From 9414f6b2d9ef88721a68ba4a396125a66976aad8 Mon Sep 17 00:00:00 2001 From: "Aaron M. Ucko" Date: Wed, 1 Dec 2021 22:08:16 -0500 Subject: [PATCH] suppress gnu TLS and mbed TLS version checks Prevent bailing when the exact compile-time and runtime GNU TLS versions differ; trust dpkg to disallow combinations that are actually incompatible. Likewise for mbed TLS. Gbp-Pq: Name suppress_tls_version_checks --- c++/src/connect/ncbi_gnutls.c | 2 ++ c++/src/connect/ncbi_mbedtls.c | 2 ++ 2 files changed, 4 insertions(+) diff --git a/c++/src/connect/ncbi_gnutls.c b/c++/src/connect/ncbi_gnutls.c index 89709618..74d770c2 100644 --- a/c++/src/connect/ncbi_gnutls.c +++ b/c++/src/connect/ncbi_gnutls.c @@ -692,6 +692,7 @@ static EIO_Status s_GnuTlsInit(FSSLPull pull, FSSLPush push) assert(!s_GnuTlsCredAnon); +#if 0 version = gnutls_check_version(0); if (strcasecmp(GNUTLS_VERSION, version) != 0) { CORE_LOGF(eLOG_Critical, @@ -699,6 +700,7 @@ static EIO_Status s_GnuTlsInit(FSSLPull pull, FSSLPush push) GNUTLS_VERSION, version)); assert(0); } +#endif if (!pull || !push) return eIO_InvalidArg; diff --git a/c++/src/connect/ncbi_mbedtls.c b/c++/src/connect/ncbi_mbedtls.c index d8da0bb4..67043995 100644 --- a/c++/src/connect/ncbi_mbedtls.c +++ b/c++/src/connect/ncbi_mbedtls.c @@ -665,12 +665,14 @@ static EIO_Status s_MbedTlsInit(FSSLPull pull, FSSLPush push) char buf[32]; mbedtls_version_get_string(version); +#if 0 if (strcasecmp(MBEDTLS_VERSION_STRING, version) != 0) { CORE_LOGF(eLOG_Critical, ("%s version mismatch: %s headers vs. %s runtime", kMbedTls, MBEDTLS_VERSION_STRING, version)); assert(0); } +#endif if (!pull || !push) return eIO_InvalidArg; -- 2.30.2