------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=1400 Summary: 4.82 breaks GnuTLS support on various platforms Product: Exim Version: 4.82 Platform: Other OS/Version: All Status: NEW Severity: bug Priority: critical Component: TLS AssignedTo: [email protected] ReportedBy: [email protected] CC: [email protected] Per Wolfgang Breyha in bug 1397, GnuTLS is often not built with p11-kit support, so the security fix we provide with the gnutls_enable_pkcs11 option (4.82 PP/09) introduces a compatibility regression which should be fixed before release. A work around is, ironically, to set the option "gnutls_enable_pkcs11". Because setting the option does not enable it, it _permits_ GnuTLS to init PKCS11, instead of Exim forcibly disabling it. So there are two issues: * should the option be renamed, before the first release that includes it, to something like "gnutls_allow_auto_pkcs11" ? * the symbol simply isn't available sometimes, so this needs to become conditional compilation; the sanest way to deal with this being a problem on older OSes is to add an Exim Makefile option, AVOID_GNUTLS_PKCS11, then use #ifndef that in the tls-gnu,c file. -- Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
