From: Paul Eggert <eggert@cs.ucla.edu>
Date: Thu, 3 Aug 2017 08:00:10 +0000 (-0700)
Subject: Port GnuTLS usage to Ubuntu 16.04.2 LTS
X-Git-Tag: emacs-26.0.90~517^2~35
X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=f465efe412607c6b931e3592e96200f2ff3b8d74;p=emacs.git

Port GnuTLS usage to Ubuntu 16.04.2 LTS

* src/gnutls.h (HAVE_GNUTLS3_AEAD): Define only if GnuTLS 3.5.1 or
later, as opposed to the old 3.4.0 or later.
---

diff --git a/src/gnutls.h b/src/gnutls.h
index 19c16867d7a..8fe4ac3e427 100644
--- a/src/gnutls.h
+++ b/src/gnutls.h
@@ -29,12 +29,21 @@ along with GNU Emacs.  If not, see <http://www.gnu.org/licenses/>.  */
 #endif
 
 #if 0x030400 <= GNUTLS_VERSION_NUMBER
-# define HAVE_GNUTLS3_AEAD
 # define HAVE_GNUTLS3_CIPHER
 # define HAVE_GNUTLS3_DIGEST
 # define HAVE_GNUTLS3_HMAC
 #endif
 
+/* Although AEAD support started in GnuTLS 3.4.0 and works in 3.5.14,
+   it was broken through at least GnuTLS 3.4.10; see:
+   https://lists.gnu.org/archive/html/emacs-devel/2017-07/msg00992.html
+   The relevant fix seems to have been made in GnuTLS 3.5.1; see:
+   https://gitlab.com/gnutls/gnutls/commit/568935848dd6b82b9315d8b6c529d00e2605e03d
+   So use 3.5.1 for now.  */
+#if 0x030501 <= GNUTLS_VERSION_NUMBER
+# define HAVE_GNUTLS3_AEAD
+#endif
+
 #include "lisp.h"
 
 /* This limits the attempts to handshake per process (connection).  It