Opened 8 years ago

Closed 8 years ago

#14365 closed patch (fixed)

GG in 2.9.0 doesn't build against older GnuTLS versions

Reported by: darkrain42 Owned by: darkrain42
Milestone: 2.10.0 Component: Gadu-Gadu
Version: 2.9.0 Keywords:
Cc:

Description

This has been reported a few times (in various locales)

'lib/libgadu.c:896: error: implicit declaration of function 'gnutls_priority_set_direct'

The bundled libgadu probably needs to implement the same workarounds that ./libpurple/plugins/ssl/ssl-gnutls.c does (assigning to myself and I'll look into it if nobody gets there before me)

Attachments (2)

pidgin-gg-gnutls-pfunc-workaround.patch (752 bytes) - added by tomkiewicz 8 years ago.
Disabling Gadu-Gadu encryption support, when using old version of GnuTLS
pidgin-gg-gnutls-pfunc-upstream.patch (988 bytes) - added by tomkiewicz 8 years ago.
Part of upstream rev 1144, that fixes the problem.

Download all attachments as: .zip

Change History (9)

comment:1 Changed 8 years ago by darkrain42

  • Milestone set to 2.9.1

comment:2 Changed 8 years ago by tomkiewicz

We could just disable encryption support, when using old gnutls version.

Unfortunately, OpenSUSE 11.4 doesn't provide "older GnuTLS version" (whatever it means), so I'm not 100% sure, if it works as intended. Could anybody (who gets that error message) try this patch?

Changed 8 years ago by tomkiewicz

Disabling Gadu-Gadu encryption support, when using old version of GnuTLS

comment:3 Changed 8 years ago by darkrain42

  • Type changed from defect to patch

Looking at the gnutls_priority_set_direct call, all it's doing is disabling TLS. Any idea why? (is there a server which doesn't support TLS?)

Mind trying this patch, which uses the same default priority strings as libpurple:

--- libpurple/protocols/gg/lib/libgadu.c	8513cccaeb9a844af5c923464197d2d0eeb76856
+++ libpurple/protocols/gg/lib/libgadu.c	b9aa8167b01372c0b8bb1d06cd4e3aed56401712
@@ -893,7 +893,14 @@ struct gg_session *gg_login(const struct
 		gnutls_global_init();
 		gnutls_certificate_allocate_credentials(&tmp->xcred);
 		gnutls_init(&tmp->session, GNUTLS_CLIENT);
-		gnutls_priority_set_direct(tmp->session, "NORMAL:-VERS-TLS", NULL);
+#ifdef HAVE_GNUTLS_PRIORITY_FUNCS
+		if (GNUTLS_E_SUCCESS != gnutls_priority_set_direct(tmp->session, "NORMAL:%SSL3_RECORD_VERSION", NULL)) {
+			gnutls_priority_set_direct(tmp->session, "NORMAL", NULL);
+		}
+#else
+	gnutls_set_default_priority(tmp->session);
+#endif
+//		gnutls_priority_set_direct(tmp->session, "NORMAL:-VERS-TLS", NULL);
 //		gnutls_priority_set_direct(tmp->session, "NONE:+VERS-SSL3.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL", NULL);
 		gnutls_credentials_set(tmp->session, GNUTLS_CRD_CERTIFICATE, tmp->xcred);
 #elif defined(GG_CONFIG_HAVE_OPENSSL)

I can't verify this fully works (I don't have a valid gg account), but an SSL handshake during login is succeeding.

comment:4 Changed 8 years ago by tomkiewicz

It works for me with gnutls 2.8.6.

Changed 8 years ago by tomkiewicz

Part of upstream rev 1144, that fixes the problem.

comment:5 Changed 8 years ago by tomkiewicz

Problem is already fixed in upstream: http://toxygen.net/websvn/comp.php?repname=libgadu&path=%2F&compare[]=%2F@1143&compare[]=%2F@1144

Could anybody check this with "old" GnuTLS?

comment:6 Changed 8 years ago by darkrain42

The patch from upstream should be fine; it's effectively the same workaround we use in the !GnuTLS plugin (and more or less what my patch did).

comment:7 Changed 8 years ago by darkrain42@…

  • Resolution set to fixed
  • Status changed from new to closed

(In 48d1e64c856480f47bfe6d27d67f4901f3ae3177):
gg: Fix build w/ older versions of GnuTLS.

Closes #14365

Note: See TracTickets for help on using tickets.
All information, including names and email addresses, entered onto this website or sent to mailing lists affiliated with this website will be public. Do not post confidential information, especially passwords!