[ --enable-gnutls gnutls TLS/SSL support (default enabled)])
AS_IF([test "${enable_gnutls}" != "no"], [
- PKG_CHECK_MODULES(GNUTLS, [gnutls >= 1.0.17], [have_gnutls="yes"], [have_gnutls="no"])
+ PKG_CHECK_MODULES(GNUTLS, [gnutls >= 1.2.9], [have_gnutls="yes"], [have_gnutls="no"])
AS_IF([test "${have_gnutls}" = "yes"], [
VLC_ADD_PLUGINS([gnutls])
VLC_ADD_LDFLAGS([gnutls], [$GNUTLS_LIBS])
], [
AS_IF([test "${enable_gnutls}" = "yes"], [
- AC_MSG_ERROR([gnutls not present or too old (version 1.0.17 required)])
+ AC_MSG_ERROR([gnutls not present or too old (version 1.2.9 required)])
])
])
])
if( status )
{
- msg_Warn( p_session, "TLS session: access denied" );
+ msg_Err( p_session, "TLS session: access denied" );
if( status & GNUTLS_CERT_INVALID )
- msg_Dbg( p_session, "certificate could not be verified" );
+ msg_Warn( p_session, "certificate could not be verified" );
if( status & GNUTLS_CERT_REVOKED )
- msg_Dbg( p_session, "certificate was revoked" );
+ msg_Warn( p_session, "certificate was revoked" );
if( status & GNUTLS_CERT_SIGNER_NOT_FOUND )
- msg_Dbg( p_session, "certificate's signer was not found" );
+ msg_Warn( p_session, "certificate's signer was not found" );
if( status & GNUTLS_CERT_SIGNER_NOT_CA )
- msg_Dbg( p_session, "certificate's signer is not a CA" );
+ msg_Warn( p_session, "certificate's signer is not a CA" );
+ if( status & GNUTLS_CERT_INSECURE_ALGORITHM )
+ msg_Warn( p_session, "insecure certificate signature algorithm" );
p_session->pf_close( p_session );
return -1;
}
vlc_mutex_unlock( lock.p_address );
return VLC_EGENERIC;
}
- /*
- * FIXME: in fact, we currently depends on 1.0.17, but it breaks on
- * Debian which as a patched 1.0.16 (which we can use).
- */
- psz_version = gnutls_check_version( "1.0.16" );
+
+ psz_version = gnutls_check_version( "1.2.9" );
if( psz_version == NULL )
{
gnutls_global_deinit( );