49 lines
1.5 KiB
Diff
49 lines
1.5 KiB
Diff
|
Function gnutls_certificate_verify_peers is deprecated so we should
|
||
|
rather use gnutls_certificate_verify_peers2. This is a fix applied
|
||
|
by upstream.
|
||
|
Upstream bug report: http://dev.mutt.org/trac/ticket/3516
|
||
|
|
||
|
diff -up mutt-1.5.21/mutt_ssl_gnutls.c.verpeers mutt-1.5.21/mutt_ssl_gnutls.c
|
||
|
--- mutt-1.5.21/mutt_ssl_gnutls.c.verpeers 2013-03-04 15:19:56.144838094 +0100
|
||
|
+++ mutt-1.5.21/mutt_ssl_gnutls.c 2013-03-04 15:19:56.378838087 +0100
|
||
|
@@ -946,22 +946,23 @@ static int tls_check_one_certificate (co
|
||
|
/* sanity-checking wrapper for gnutls_certificate_verify_peers */
|
||
|
static gnutls_certificate_status tls_verify_peers (gnutls_session tlsstate)
|
||
|
{
|
||
|
- gnutls_certificate_status certstat;
|
||
|
+ int verify_ret;
|
||
|
+ unsigned int status;
|
||
|
|
||
|
- certstat = gnutls_certificate_verify_peers (tlsstate);
|
||
|
- if (!certstat)
|
||
|
- return certstat;
|
||
|
+ verify_ret = gnutls_certificate_verify_peers2 (tlsstate, &status);
|
||
|
+ if (!verify_ret)
|
||
|
+ return status;
|
||
|
|
||
|
- if (certstat == GNUTLS_E_NO_CERTIFICATE_FOUND)
|
||
|
+ if (status == GNUTLS_E_NO_CERTIFICATE_FOUND)
|
||
|
{
|
||
|
mutt_error (_("Unable to get certificate from peer"));
|
||
|
mutt_sleep (2);
|
||
|
return 0;
|
||
|
}
|
||
|
- if (certstat < 0)
|
||
|
+ if (verify_ret < 0)
|
||
|
{
|
||
|
mutt_error (_("Certificate verification error (%s)"),
|
||
|
- gnutls_strerror (certstat));
|
||
|
+ gnutls_strerror (status));
|
||
|
mutt_sleep (2);
|
||
|
return 0;
|
||
|
}
|
||
|
@@ -974,7 +975,7 @@ static gnutls_certificate_status tls_ver
|
||
|
return 0;
|
||
|
}
|
||
|
|
||
|
- return certstat;
|
||
|
+ return status;
|
||
|
}
|
||
|
|
||
|
static int tls_check_certificate (CONNECTION* conn)
|