On Sun, 22 Oct 2017 18:38:28 +0200 Andreas Metzler <ametz...@bebt.de> wrote:
> Package: echoping
> Version: 6.0.2-10
> Severity: minor
> Tags: upstream
> User: ametz...@bebt.de
> Usertags: deprecated-gnutls-3.6
>
> Hello,
>
> echoping.c contains this code ...
> upstream:
> const int cert_type_priority[3] = { GNUTLS_CRT_X509,
> GNUTLS_CRT_OPENPGP, 0
> };
> gnutls_certificate_type_set_priority(session, cert_type_priority);
>
> as patched by Debian:
> gnutls_priority_set_direct(session, "NORMAL:+CTYPE-OPENPGP", NULL);
>
> i.e. it explicitely enables gnutls support for openpgp certificates.
>
> GnuTLS stopped enabling OPENPGP certificates by default in 3.0.2 (Sept
> 2011). OpenPGP support in gnutls was marked deprecated in 3.5.9 and was
> removed in 3.6.0. (Noop stub functions are still shipped to avoid ABI
> breakage.)
>
> Therefore imho it makes sense to drop the pgp/gnutls code from echoping.
>
> cu Andreas
Attaching patch.
Regards,
Dimitri.
Description: Remove usage of openpgp certificates. (Closes: #879531)
Author: Dimitri John Ledkov <x...@ubuntu.com>
Bug-Debian: https://bugs.debian.org/879531
--- echoping-6.0.2.orig/echoping.c
+++ echoping-6.0.2/echoping.c
@@ -1018,7 +1018,7 @@ main(argc, argv)
err_sys
("Cannot create a new TLS session");
gnutls_priority_set_direct(session,
- "NORMAL:+CTYPE-OPENPGP",
+ "NORMAL",
NULL);
gnutls_credentials_set(session,
GNUTLS_CRD_CERTIFICATE,
