diff options
| author | Nikos <nmav@crystal.(none)> | 2007-11-30 22:07:11 +0200 |
|---|---|---|
| committer | Nikos <nmav@crystal.(none)> | 2007-11-30 22:07:11 +0200 |
| commit | 103b53c1384d0c48d03c198685452d057c8a8d99 (patch) | |
| tree | 08191a808ad8540e39298974141def93e8b2af91 | |
| parent | f079900d337cee538f66d8c3b50464402ed39837 (diff) | |
| download | gnutls-103b53c1384d0c48d03c198685452d057c8a8d99.tar.gz | |
Depend on libgcrypt 1.2.4 again (lose DSA2 functionality).
| -rw-r--r-- | configure.in | 2 | ||||
| -rw-r--r-- | lib/x509/dsa.c | 7 | ||||
| -rw-r--r-- | src/certtool.c | 7 |
3 files changed, 14 insertions, 2 deletions
diff --git a/configure.in b/configure.in index 9def41ac1b..52870e6cbb 100644 --- a/configure.in +++ b/configure.in @@ -46,7 +46,7 @@ AC_SUBST(SOVERSION) dnl for opencdk needs also change in the test GNUTLS_OPENCDK_VERSION=0.6.5 -GNUTLS_GCRYPT_VERSION=1:1.3.0 +GNUTLS_GCRYPT_VERSION=1:1.2.4 GNUTLS_LIBTASN1_VERSION=0.3.4 AC_DEFINE_UNQUOTED(GNUTLS_GCRYPT_VERSION, "$GNUTLS_GCRYPT_VERSION", [version of gcrypt]) AC_DEFINE_UNQUOTED(GNUTLS_LIBTASN1_VERSION, "$GNUTLS_LIBTASN1_VERSION", [version of libtasn1]) diff --git a/lib/x509/dsa.c b/lib/x509/dsa.c index 51485695e9..69ed4684c2 100644 --- a/lib/x509/dsa.c +++ b/lib/x509/dsa.c @@ -39,6 +39,13 @@ _gnutls_dsa_generate_params (mpi_t * resarr, int *resarr_len, int bits) int ret; gcry_sexp_t parms, key, list; + /* FIXME: Remove me once we depend on 1.3.1 */ + if (bits > 1024 && gcry_check_version("1.3.1")==NULL) + { + gnutls_assert (); + return GNUTLS_E_INVALID_REQUEST; + } + if (bits < 512) { gnutls_assert (); diff --git a/src/certtool.c b/src/certtool.c index d58ff291ad..4cd585541e 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -123,7 +123,12 @@ generate_private_key_int (void) int ret, key_type; if (info.dsa) - key_type = GNUTLS_PK_DSA; + { + key_type = GNUTLS_PK_DSA; + /* FIXME: Remove me once we depend on 1.3.x */ + if (info.bits > 1024 && gcrypt_check_version("1.3.1")==NULL) + info.bits = 1024; + } else key_type = GNUTLS_PK_RSA; |