From: Paul Eggert <eggert@cs.ucla.edu>
Date: Thu, 5 Sep 2019 18:42:56 +0000 (-0700)
Subject: Port :safe-renegotiation test to GnuTLS < 3.6.3
X-Git-Tag: emacs-27.0.90~1553^2~26
X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=b9e37f551add188f82f2583d3eb13cb81e707387;p=emacs.git

Port :safe-renegotiation test to GnuTLS < 3.6.3

Problem reported by Robert Pluim in
https://lists.gnu.org/r/emacs-devel/2019-09/msg00127.html
* src/gnutls.c (Fgnutls_peer_status): Simplify test for
whether the :safe-renegotiation result is needed, so that it
works all the way back to GnuTLS 2.12.2.
---

diff --git a/src/gnutls.c b/src/gnutls.c
index c74936c840f..d43534b5ae1 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -1520,12 +1520,7 @@ returned as the :certificate entry.  */)
 #endif
 
   /* Renegotiation Indication */
-#ifdef GNUTLS_TLS1_3
-  bool older_proto = proto < GNUTLS_TLS1_3;
-#else
-  bool older_proto = true;
-#endif
-  if (older_proto)
+  if (proto <= GNUTLS_TLS1_2)
     result = nconc2
       (result, list2 (intern (":safe-renegotiation"),
 		      gnutls_safe_renegotiation_status (state) ? Qt : Qnil));