From 2519e60d2f6124589a6a5b922dd9ae6bcb6f6588 Mon Sep 17 00:00:00 2001 From: Todd Lyons Date: Sat, 19 Oct 2013 17:01:26 -0700 Subject: Bug 1400: Fix GnuTLS PKCS11 issues Can disable PKCS11 in Makefile with AVOID_GNUTLS_PKCS11 build flag. Rename gnutls_enable_pkcs11 option to gnutls_allow_auto_pkcs11. Update Changelog --- doc/doc-txt/NewStuff | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'doc/doc-txt/NewStuff') diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 7f54b8f6c..d308f0485 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -88,7 +88,7 @@ Version 4.82 8. New expansion operators ${listnamed:name} to get the content of a named list and ${listcount:string} to count the items in a list. - 9. New global option "gnutls_enable_pkcs11", defaults false. The GnuTLS + 9. New global option "gnutls_allow_auto_pkcs11", defaults false. The GnuTLS rewrite in 4.80 combines with GnuTLS 2.12.0 or later, to autoload PKCS11 modules. For some situations this is desirable, but we expect admin in those situations to know they want the feature. More commonly, it means @@ -97,6 +97,13 @@ Version 4.82 through, thus breakage. So we explicitly inhibit the PKCS11 initialisation unless this new option is set. + Some older OS's with earlier versions of GnuTLS might not have pkcs11 ability, + so have also added a build option which can be used to build Exim with GnuTLS + but without trying to use any kind of PKCS11 support. Uncomment this in the + Local/Makefile: + + AVOID_GNUTLS_PKCS11=yes + 10. The "acl = name" condition on an ACL now supports optional arguments. New expansion item "${acl {name}{arg}...}" and expansion condition "acl {{name}{arg}...}" are added. In all cases up to nine arguments -- cgit v1.2.3