diff --git a/0001-Use-SYSTEM-wide-ciphers-for-gnutls.patch b/0001-Use-SYSTEM-wide-ciphers-for-gnutls.patch new file mode 100644 index 0000000..81983be --- /dev/null +++ b/0001-Use-SYSTEM-wide-ciphers-for-gnutls.patch @@ -0,0 +1,39 @@ +From 680849e6b9ced55fe8ac61771fd57e694c9ff79c Mon Sep 17 00:00:00 2001 +From: Nicolas Chauvet +Date: Mon, 24 Sep 2018 18:28:26 +0200 +Subject: [PATCH] Use @SYSTEM wide ciphers for gnutls + +Gnutls upstream has support for system +This is decribed at +https://fedoraproject.org/wiki/Packaging:CryptoPolicies +Also found on the debian wiki +https://wiki.debian.org/CryptoPolicy + +Signed-off-by: Nicolas Chauvet +--- + modules/misc/gnutls.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/modules/misc/gnutls.c b/modules/misc/gnutls.c +index 1b214358d4..05b4209692 100644 +--- a/modules/misc/gnutls.c ++++ b/modules/misc/gnutls.c +@@ -768,6 +768,7 @@ static void CloseServer (vlc_tls_creds_t *crd) + "hash functions and compression methods can be selected. " \ + "Refer to GNU TLS documentation for detailed syntax.") + static const char *const priorities_values[] = { ++ "@SYSTEM", + "PERFORMANCE", + "NORMAL", + "SECURE128", +@@ -775,6 +776,7 @@ static const char *const priorities_values[] = { + "EXPORT", + }; + static const char *const priorities_text[] = { ++ N_("System (default to system crypto ciphers policy)"), + N_("Performance (prioritize faster ciphers)"), + N_("Normal"), + N_("Secure 128-bits (exclude 256-bits ciphers)"), +-- +2.17.2 + diff --git a/vlc.spec b/vlc.spec index 121c7e7..e0924df 100644 --- a/vlc.spec +++ b/vlc.spec @@ -58,6 +58,7 @@ Source0: %{vlc_url}/%{?!vlc_tag:%{version}/}vlc-%{version}%{?vlc_tag}.tar.xz Patch0: https://github.com/RPi-Distro/vlc/raw/stretch-rpt/debian/patches/mmal_8.patch Patch1: libplacebo_patch_1.patch Patch2: Fix_aom_abi_break.patch +Patch3: 0001-Use-SYSTEM-wide-ciphers-for-gnutls.patch BuildRequires: desktop-file-utils BuildRequires: libappstream-glib BuildRequires: fontpackages-devel @@ -296,6 +297,7 @@ VLC media player extras modules. } %patch1 -p1 %patch2 -p1 +%patch3 -p1 %if 0%{?rhel} == 7 . /opt/rh/devtoolset-7/enable