git.exim.org Git - exim.git/commit

author	Phil Pennock <pdp@exim.org>
	Sun, 24 Jun 2012 09:55:29 +0000 (02:55 -0700)
committer	Phil Pennock <pdp@exim.org>
	Sun, 24 Jun 2012 09:55:29 +0000 (02:55 -0700)
commit	a5f239e4959d4df6a4a341d8855e14d17399d671
tree	b146fc0467aa091e862fea4cbb038aaf3318aaa3	tree \| snapshot
parent	585121e2682545b7afa599e039a7a1e2b1804570	commit \| diff

Add gnutls_enable_pkcs11 option.

GnuTLS 2.12.0 adds PKCS11 support using p11-kit and by default will
autoload modules, which interoperates badly with GNOME keyring
integration, configured via paths in environment variables, and Exim
invoked by the user (eg, mailq) will then try to load the modules, fail
and spew warnings from the module for a library loaded by a library.

http://www.gnu.org/software/gnutls/manual/gnutls.html#Smart-cards-and-HSMs
documents that to prevent this, explicitly init PKCS11 before calling
gnutls_global_init(). So we do so, unless the admin sets the new
option.

Reported by Andreas Metzler, who confirmed that the added calls fixed
the problem for him.

doc/doc-docbook/spec.xfpt		diff \| blob \| history
doc/doc-txt/ChangeLog		diff \| blob \| history
doc/doc-txt/NewStuff		diff \| blob \| history
doc/doc-txt/OptionLists.txt		diff \| blob \| history
src/README.UPDATING		diff \| blob \| history
src/src/globals.c		diff \| blob \| history
src/src/globals.h		diff \| blob \| history
src/src/readconf.c		diff \| blob \| history
src/src/tls-gnu.c		diff \| blob \| history