From 86b99bfdbe1f58421a7b3a3777fb20a5d5ab18a3 Mon Sep 17 00:00:00 2001
From: Chih-Hsuan Yen <645432-yan12125@users.noreply.gitlab.com>
Date: Mon, 23 Sep 2024 19:54:43 +0800
Subject: [PATCH] libvncclient: improve compatibility with GnuTLS 3.8

Since GnuTLS 3.8, TTLS-SRP is disabled by default at compile time [1].
As a result, connecting to a server via TLS fails with:

> Warning: Failed to set TLS priority: The request is invalid. (+SRP).

> TLS handshake failed: No or insufficient priorities were set.

On the other hand, TLS-SRP is apparently unused in libvncclient. It
seems TLS-SRP requires providing serveral parameters, including a
username and a password, via specific GnuTLS API [2], which I didn't
find in the codebase.

[1] https://gitlab.com/gnutls/gnutls/-/merge_requests/1681
[2] https://www.gnutls.org/manual/html_node/Authentication-using-SRP.html
---
 src/libvncclient/tls_gnutls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/libvncclient/tls_gnutls.c b/src/libvncclient/tls_gnutls.c
index 10a2cec14..734976de5 100644
--- a/src/libvncclient/tls_gnutls.c
+++ b/src/libvncclient/tls_gnutls.c
@@ -25,7 +25,7 @@
 #include "tls.h"
 
 
-static const char *rfbTLSPriority = "NORMAL:+DHE-DSS:+RSA:+DHE-RSA:+SRP";
+static const char *rfbTLSPriority = "NORMAL:+DHE-DSS:+RSA:+DHE-RSA";
 static const char *rfbAnonTLSPriority = "NORMAL:+ANON-ECDH:+ANON-DH";
 
 #define DH_BITS 1024