gnutls: fixed compilation against versions < 2.12.0

The AES-GCM ciphers were added to GnuTLS as late as ver. 3.0.1 but
the code path in which they're referenced here is only ever used for
somewhat older GnuTLS versions. This caused undeclared identifier errors
when compiling against those.

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 03dc74530d3c00c33682dad13da6baa46498d98b..3ef4e909f4fc54a5a9c7ae8cafc3edb68c1d9df7 100644 (file)
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -40,6 +40,7 @@ This release includes the following bugfixes:
  o nss: fix a memory leak when CURLOPT_CRLFILE is used
  o gnutls: ignore invalid certificate dates with VERIFYPEER disabled
  o gnutls: fix SRP support with versions of GnuTLS from 2.99.0
+ o gnutls: fixed compilation against versions < 2.12.0
  o 
 
 This release includes the following known bugs:

diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index 54bfef1189cd8b06e6a91c528aa54052fd1884b0..ec582e096ceeee95fbd5a358ad001dd0ba1eb421 100644 (file)
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -369,10 +369,17 @@ gtls_connect_step1(struct connectdata *conn,
   struct in_addr addr;
 #endif
 #ifndef USE_GNUTLS_PRIORITY_SET_DIRECT
-  static int cipher_priority[] = { GNUTLS_CIPHER_AES_128_GCM,
-    GNUTLS_CIPHER_AES_256_GCM, GNUTLS_CIPHER_AES_128_CBC,
-    GNUTLS_CIPHER_AES_256_CBC, GNUTLS_CIPHER_CAMELLIA_128_CBC,
-    GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_CIPHER_3DES_CBC,
+  static const int cipher_priority[] = {
+  /* These two ciphers were added to GnuTLS as late as ver. 3.0.1,
+     but this code path is only ever used for ver. < 2.12.0.
+     GNUTLS_CIPHER_AES_128_GCM,
+     GNUTLS_CIPHER_AES_256_GCM,
+  */
+    GNUTLS_CIPHER_AES_128_CBC,
+    GNUTLS_CIPHER_AES_256_CBC,
+    GNUTLS_CIPHER_CAMELLIA_128_CBC,
+    GNUTLS_CIPHER_CAMELLIA_256_CBC,
+    GNUTLS_CIPHER_3DES_CBC,
   };
   static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 };
   static int protocol_priority[] = { 0, 0, 0, 0 };