You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

49 lines
1.5 KiB

Function gnutls_certificate_verify_peers is deprecated so we should
rather use gnutls_certificate_verify_peers2. This is a fix applied
by upstream.
Upstream bug report: http://dev.mutt.org/trac/ticket/3516
diff -up mutt-1.5.21/mutt_ssl_gnutls.c.verpeers mutt-1.5.21/mutt_ssl_gnutls.c
--- mutt-1.5.21/mutt_ssl_gnutls.c.verpeers 2013-03-04 15:19:56.144838094 +0100
+++ mutt-1.5.21/mutt_ssl_gnutls.c 2013-03-04 15:19:56.378838087 +0100
@@ -946,22 +946,23 @@ static int tls_check_one_certificate (co
/* sanity-checking wrapper for gnutls_certificate_verify_peers */
static gnutls_certificate_status tls_verify_peers (gnutls_session tlsstate)
{
- gnutls_certificate_status certstat;
+ int verify_ret;
+ unsigned int status;
- certstat = gnutls_certificate_verify_peers (tlsstate);
- if (!certstat)
- return certstat;
+ verify_ret = gnutls_certificate_verify_peers2 (tlsstate, &status);
+ if (!verify_ret)
+ return status;
- if (certstat == GNUTLS_E_NO_CERTIFICATE_FOUND)
+ if (status == GNUTLS_E_NO_CERTIFICATE_FOUND)
{
mutt_error (_("Unable to get certificate from peer"));
mutt_sleep (2);
return 0;
}
- if (certstat < 0)
+ if (verify_ret < 0)
{
mutt_error (_("Certificate verification error (%s)"),
- gnutls_strerror (certstat));
+ gnutls_strerror (status));
mutt_sleep (2);
return 0;
}
@@ -974,7 +975,7 @@ static gnutls_certificate_status tls_ver
return 0;
}
- return certstat;
+ return status;
}
static int tls_check_certificate (CONNECTION* conn)