Add a patch to work around GNU TLS behavior

svn path=/nixpkgs/trunk/; revision=22540
2025-01-19 03:14:03 +00:00 · 2010-07-08 20:38:48 +00:00 · 2010-07-08 20:38:48 +00:00 · 80e2d957e6
commit 80e2d957e6
parent 7c5e566c5c
2 changed files with 13 additions and 0 deletions
--- a/pkgs/desktops/gnome-2.28/desktop/libsoup/2.31.gnutls.patch
+++ b/pkgs/desktops/gnome-2.28/desktop/libsoup/2.31.gnutls.patch
@ -0,0 +1,12 @@
+diff --git a/libsoup/soup-gnutls.c b/libsoup/soup-gnutls.c
+--- a/libsoup/soup-gnutls.c
+++ b/libsoup/soup-gnutls.c
+@@ -477,7 +477,7 @@ soup_ssl_wrap_iochannel (GIOChannel *sock, gboolean non_blocking,
+		goto THROW_CREATE_ERROR;
+
+	/* See http://bugzilla.gnome.org/show_bug.cgi?id=581342 */
+-	if (gnutls_priority_set_direct (session, "NORMAL:!VERS-TLS1.1:!VERS-TLS1.0", NULL) != 0)
+	if (gnutls_priority_set_direct (session, "NORMAL:!VERS-TLS1.2:!VERS-TLS1.1:!VERS-TLS1.0", NULL) != 0)
+		goto THROW_CREATE_ERROR;
+
+	if (gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE,
--- a/pkgs/desktops/gnome-2.28/desktop/libsoup/2.31.nix
+++ b/pkgs/desktops/gnome-2.28/desktop/libsoup/2.31.nix
@ -7,6 +7,7 @@ stdenv.mkDerivation {
    url = mirror://gnome/sources/libsoup/2.31/libsoup-2.31.2.tar.bz2;
    sha256 = "ae52e970deb0ca5e890d87cf55e555249c086bd56ae1fff69599174ca0075379";
  };
+  patches = [./2.31.gnutls.patch];
  buildInputs = [ pkgconfig libxml2 gnutls libproxy sqlite curl 
    glib GConf gnome_keyring ];
 }