From 228299b4f7d3ff81c303da8eb30974e015c7f54e Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivano@gnu.org>
Date: Wed, 10 Aug 2011 21:35:59 +0200
Subject: [PATCH] Fix a linker error on systems with an older gnutls version.

---
 ChangeLog     |  6 ++++++
 configure.ac  |  2 ++
 src/ChangeLog |  8 ++++++++
 src/gnutls.c  | 27 ++++++++++++++++++++++++++-
 4 files changed, 42 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 22ad5d40..e6fe47b6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2011-08-10  Giuseppe Scrivano  <gscrivano@gnu.org>
+
+	* configure.ac: Check for `gnutls_priority_set_direct' when gnutls is
+	used.
+	Reported by: Karl Berry<karl@freefriends.org>
+
 2011-08-09  Giuseppe Scrivano  <gscrivano@southpole.se>
 
 	* build-aux/bzr-version-gen: Fix some portability issues.
diff --git a/configure.ac b/configure.ac
index bfdafce5..9b139d0c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -298,6 +298,8 @@ AS_IF([test x"$with_ssl" = xopenssl], [
     else
       AC_MSG_ERROR([--with-ssl was given, but GNUTLS is not available.])
     fi
+
+    AC_CHECK_FUNCS(gnutls_priority_set_direct)
   ]) # endif: --with-ssl == no?
 ]) # endif: --with-ssl == openssl?
 
diff --git a/src/ChangeLog b/src/ChangeLog
index d7934d72..8f1d04c6 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,11 @@
+2011-08-10  Giuseppe Scrivano  <gscrivano@gnu.org>
+
+	Fix a linker error on systems with an older gnutls version.
+	* gnutls.c (ssl_connect_wget)
+	[HAVE_GNUTLS_PRIORITY_SET_DIRECT]:  Use gnutls_priority_set_direct.
+	[! HAVE_GNUTLS_PRIORITY_SET_DIRECT]:  Use gnutls_protocol_set_priority.
+	Reported by: Karl Berry<karl@freefriends.org>
+
 2011-08-06  Jochen Roderburg <Roderburg@Uni-Koeln.DE>
 
 	* host.c (lookup_host): Ensure it doesn't print more IPs than available
diff --git a/src/gnutls.c b/src/gnutls.c
index 34d27ec3..78f83385 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -191,7 +191,7 @@ wgnutls_peek (int fd, char *buf, int bufsize, void *arg)
       else
         read = gnutls_record_recv (ctx->session, buf + offset,
                                    bufsize - offset);
-        
+
       if (read < 0)
         {
           if (offset)
@@ -256,6 +256,7 @@ ssl_connect_wget (int fd)
   gnutls_transport_set_ptr (session, (gnutls_transport_ptr) FD_TO_SOCKET (fd));
 
   err = 0;
+#if HAVE_GNUTLS_PRIORITY_SET_DIRECT
   switch (opt.secure_protocol)
     {
     case secure_protocol_auto:
@@ -270,6 +271,30 @@ ssl_connect_wget (int fd)
     default:
       abort ();
     }
+#else
+  int allowed_protocols[4] = {0, 0, 0, 0};
+  switch (opt.secure_protocol)
+    {
+    case secure_protocol_auto:
+      break;
+    case secure_protocol_sslv2:
+    case secure_protocol_sslv3:
+      allowed_protocols[0] = GNUTLS_SSL3;
+      err = gnutls_protocol_set_priority (session, allowed_protocols);
+      break;
+
+    case secure_protocol_tlsv1:
+      allowed_protocols[0] = GNUTLS_TLS1_0;
+      allowed_protocols[1] = GNUTLS_TLS1_1;
+      allowed_protocols[2] = GNUTLS_TLS1_2;
+      err = gnutls_protocol_set_priority (session, allowed_protocols);
+      break;
+
+    default:
+      abort ();
+    }
+#endif
+
   if (err < 0)
     {
       logprintf (LOG_NOTQUIET, "GnuTLS: %s\n", gnutls_strerror (err));
-- 
2.39.2