Add support for GnuTLS priority string.
authorPaul <paul@claws-mail.org>
Sat, 13 Apr 2013 07:33:58 +0000 (08:33 +0100)
committerPaul <paul@claws-mail.org>
Sat, 13 Apr 2013 07:33:58 +0000 (08:33 +0100)
Patch by Darko Koruga

src/common/session.c
src/common/session.h
src/common/socket.h
src/common/ssl.c
src/prefs_account.c
src/prefs_account.h
src/send_message.c

index 6e1e2b9d83bf981df84606fbb0265741c5d99825..c43e5e413e92e40873c16b12b015d5c8bf875ddc 100644 (file)
@@ -166,6 +166,8 @@ static gint session_connect_cb(SockInfo *sock, gpointer data)
        sock->account = session->account;
        sock->is_smtp = session->is_smtp;
 #ifdef USE_GNUTLS
+       sock->gnutls_priority = session->gnutls_priority;
+
        if (session->ssl_type == SSL_TUNNEL) {
                sock_set_nonblocking_mode(sock, FALSE);
                if (!ssl_init_socket(sock)) {
@@ -226,6 +228,9 @@ void session_destroy(Session *session)
        g_byte_array_free(session->read_data_buf, TRUE);
        g_free(session->read_data_terminator);
        g_free(session->write_buf);
+#ifdef USE_GNUTLS
+       g_free(session->gnutls_priority);
+#endif
 
        debug_print("session (%p): destroyed\n", session);
 
index 6ed2d24cdf2f875af3f1fb78743b40af2b5e8702..00675c4d6fc7fdde50d3d4849410cc4c9ec10c9b 100644 (file)
@@ -158,6 +158,7 @@ struct _Session
 
 #ifdef USE_GNUTLS
        SSLType ssl_type;
+       gchar *gnutls_priority;
 #endif
 };
 
index c0a664dff86c0a4dbd1efdd5a9a8bcf259d2c461..39c6e2e75ea592e4949a90fcaedf291cabeeb092 100644 (file)
@@ -63,6 +63,7 @@ struct _SockInfo
        gnutls_certificate_credentials_t xcred;
        gnutls_x509_crt_t client_crt;
        gnutls_x509_privkey_t client_key;
+       gchar *gnutls_priority;
 #endif
        guint g_source;
        GIOChannel *sock_ch;
index b7623de8fed647e13a2d250cb05767c65f482426..113462b37d6299c9807317fcf9da098ef4e87c76 100644 (file)
@@ -277,10 +277,17 @@ gboolean ssl_init_socket_with_method(SockInfo *sockinfo, SSLMethod method)
        if (session == NULL || r != 0)
                return FALSE;
 
-       if (method == 0)
-               gnutls_priority_set_direct(session, "NORMAL:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-TLS1.2", NULL);
-       else
-               gnutls_priority_set_direct(session, "NORMAL", NULL);
+       if (sockinfo->gnutls_priority && strlen(sockinfo->gnutls_priority)) {
+               r = gnutls_priority_set_direct(session, sockinfo->gnutls_priority, NULL);
+               debug_print("Setting GnuTLS priority to %s, status = %d\n",
+                           sockinfo->gnutls_priority, r);
+       }
+       else {
+               if (method == 0)
+                       gnutls_priority_set_direct(session, "NORMAL:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-TLS1.2", NULL);
+               else
+                       gnutls_priority_set_direct(session, "NORMAL", NULL);
+       }
        gnutls_record_disable_padding(session);
 
        gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred);
index 4e2afefc64197da604336f64c615b72075ac1051..aff28aee1a6b7668e0b6121a31db67127b6bcbb9 100644 (file)
@@ -814,6 +814,14 @@ static PrefParam advanced_param[] = {
         &advanced_page.domain_entry,
         prefs_set_data_from_entry, prefs_set_entry},
 
+#ifdef USE_GNUTLS
+       {"gnutls_set_priority", "FALSE", &tmp_ac_prefs.set_gnutls_priority, P_BOOL,
+        NULL, NULL, NULL},
+
+       {"gnutls_priority", NULL, &tmp_ac_prefs.gnutls_priority, P_STRING,
+        NULL, NULL, NULL},
+#endif
+
 #ifndef G_OS_WIN32
        {"set_tunnelcmd", "FALSE", &tmp_ac_prefs.set_tunnelcmd, P_BOOL,
         &advanced_page.tunnelcmd_checkbtn,
index 9a3b3d15344d894c90bec80dacaf79e509d9662b..2ff9207076c4f7a11a5a0dc1166a569a84f570e0 100644 (file)
@@ -166,6 +166,8 @@ struct _PrefsAccount
        gushort   nntpport;
        gboolean  set_domain;
        gchar    *domain;
+       gboolean  set_gnutls_priority;
+       gchar    *gnutls_priority;
        gboolean  msgid_with_addr;
        gboolean  mark_crosspost_read;
        gint      crosspost_col;
index 38b2d2c95863fec3415a762de728435c9e4c7080..e76794d70f41b015db1ecaf91c1a18a5c18149bb 100644 (file)
@@ -300,6 +300,9 @@ gint send_message_smtp_full(PrefsAccount *ac_prefs, GSList *to_list, FILE *fp, g
                session->ssl_type = ac_prefs->ssl_smtp;
                if (ac_prefs->ssl_smtp != SSL_NONE)
                        session->nonblocking = ac_prefs->use_nonblocking_ssl;
+               if (ac_prefs->set_gnutls_priority && ac_prefs->gnutls_priority &&
+                   strlen(ac_prefs->gnutls_priority))
+                       session->gnutls_priority = g_strdup(ac_prefs->gnutls_priority);
 #else
                if (ac_prefs->ssl_smtp != SSL_NONE) {
                        if (alertpanel_full(_("Insecure connection"),