Bug 1400: Fix GnuTLS PKCS11 issues

[exim.git] / src / src / EDITME

diff --git a/src/src/EDITME b/src/src/EDITME
index f44a1e3a5cf04eb8450141e7c188e80710ed8a0d..3f818f35581a6af7445f6e0560fe9478168e333e 100644 (file)
--- a/src/src/EDITME
+++ b/src/src/EDITME
@@ -728,6 +728,13 @@ HEADERS_CHARSET="ISO-8859-1"
 # USE_GNUTLS_PC=gnutls
 # TLS_LIBS=-lgnutls -ltasn1 -lgcrypt
 
+# The security fix we provide with the gnutls_allow_auto_pkcs11 option
+# (4.82 PP/09) introduces a compatibility regression.  The symbol is
+# not available if GnuTLS is build without p11-kit (--without-p11-kit
+# configure option).  In this case use AVOID_GNUTLS_PKCS11=yes when
+# building Exim.
+# AVOID_GNUTLS_PKCS11=yes
+
 # If you are running Exim as a server, note that just building it with TLS
 # support is not all you need to do. You also need to set up a suitable
 # certificate, and tell Exim about it by means of the tls_certificate