From cebd7e3874a9a72b3e96ef95e3f187159bbba706 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Fri, 29 Jul 2022 11:08:02 +0900
Subject: [PATCH] Make gnutls-cli work with KTLS for testing

Related: #2097327
Signed-off-by: Daiki Ueno <dueno@redhat.com>
---
 gnutls-3.7.6-ktls-fixes.patch | 46 +++++++++++++++++++++++++++++++++++
 gnutls.spec                   |  5 +++-
 2 files changed, 50 insertions(+), 1 deletion(-)

diff --git a/gnutls-3.7.6-ktls-fixes.patch b/gnutls-3.7.6-ktls-fixes.patch
index 9aa3271..c7781cd 100644
--- a/gnutls-3.7.6-ktls-fixes.patch
+++ b/gnutls-3.7.6-ktls-fixes.patch
@@ -228,3 +228,49 @@ index b9f7a73fb5..ddf27fac76 100644
 -- 
 2.36.1
 
+From f7160e4fb970b4ba6f96e85e21f8395eae735d95 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Tue, 26 Jul 2022 11:39:57 +0900
+Subject: [PATCH] socket: only set pull/push functions when --save-*-trace is
+ used
+
+This allows gnutls-cli to use KTLS for the transport, unless either
+--save-client-trace or --save-server-trace is used.
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+---
+ src/socket.c | 16 ++++++++--------
+ 1 file changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/src/socket.c b/src/socket.c
+index 39f18dbe18..36ac292700 100644
+--- a/src/socket.c
++++ b/src/socket.c
+@@ -586,16 +586,16 @@ socket_open2(socket_st * hd, const char *hostname, const char *service,
+ 				gnutls_session_set_data(hd->session, hd->rdata.data, hd->rdata.size);
+ 			}
+ 
+-			if (server_trace)
++			if (client_trace || server_trace) {
+ 				hd->server_trace = server_trace;
+-
+-			if (client_trace)
+ 				hd->client_trace = client_trace;
+-
+-			gnutls_transport_set_push_function(hd->session, wrap_push);
+-			gnutls_transport_set_pull_function(hd->session, wrap_pull);
+-			gnutls_transport_set_pull_timeout_function(hd->session, wrap_pull_timeout_func);
+-			gnutls_transport_set_ptr(hd->session, hd);
++				gnutls_transport_set_push_function(hd->session, wrap_push);
++				gnutls_transport_set_pull_function(hd->session, wrap_pull);
++				gnutls_transport_set_pull_timeout_function(hd->session, wrap_pull_timeout_func);
++				gnutls_transport_set_ptr(hd->session, hd);
++			} else {
++				gnutls_transport_set_int(hd->session, hd->fd);
++			}
+ 		}
+ 
+ 		if (!(flags & SOCKET_FLAG_RAW) && !(flags & SOCKET_FLAG_SKIP_INIT)) {
+-- 
+2.37.1
+
diff --git a/gnutls.spec b/gnutls.spec
index 29d7b08..6888fbd 100644
--- a/gnutls.spec
+++ b/gnutls.spec
@@ -13,7 +13,7 @@ print(string.sub(hash, 0, 16))
 }
 
 Version: 3.7.6
-Release: 3%{?dist}
+Release: 4%{?dist}
 # not upstreamed
 Patch: gnutls-3.6.7-no-now-guile.patch
 Patch: gnutls-3.2.7-rpath.patch
@@ -359,6 +359,9 @@ make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null
 %endif
 
 %changelog
+* Fri Jul 29 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-4
+- Make gnutls-cli work with KTLS for testing
+
 * Mon Jul 25 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-3
 - Limit input size for AES-GCM according to SP800-38D (#2095251)
 - Do not treat GPG verification errors as fatal