waf: Only use gnutls_aead_cipher_encryptv2() for GnuTLS > 3.6.14

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14399 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 94808cc50e4350a8c3bc250a886e8d4e7802dd12)
author: Andreas Schneider <asn@samba.org> 2020-09-10 11:34:50 +0200
committer: Karolin Seeger <kseeger@samba.org> 2020-09-14 12:06:18 +0200
commit: 47e446f3f7ccdd65f60dbbab72a1e3b81f650959 (patch)
tree: 1c19fd57909af19851dd8b718e97cad03d74af19
parent: 8bd284a5b36d118a26c0c17be40a03703db517d2 (diff)
download: samba-47e446f3f7ccdd65f60dbbab72a1e3b81f650959.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/wscript_configure_system_gnutls b/wscript_configure_system_gnutls
index 9eabd0da75c..2ec217fb9dc 100644
--- a/wscript_configure_system_gnutls
+++ b/wscript_configure_system_gnutls
@@ -29,7 +29,10 @@ conf.CHECK_FUNCS_IN('gnutls_set_default_priority_append', 'gnutls')
 # in 3.6.11, see:
 #
 #     https://gitlab.com/gnutls/gnutls/-/merge_requests/1085
-if (parse_version('3.6.10') != parse_version(gnutls_version)):
+#
+# 3.6.10 - 3.6.14 have a severe memory leak with AES-CCM
+#     https://gitlab.com/gnutls/gnutls/-/merge_requests/1278
+if (parse_version(gnutls_version) > parse_version('3.6.14')):
     conf.CHECK_FUNCS_IN('gnutls_aead_cipher_encryptv2', 'gnutls')
 
 # Check if we have support for crypto policies
author	Andreas Schneider <asn@samba.org>	2020-09-10 11:34:50 +0200
committer	Karolin Seeger <kseeger@samba.org>	2020-09-14 12:06:18 +0200
commit	47e446f3f7ccdd65f60dbbab72a1e3b81f650959 (patch)
tree	1c19fd57909af19851dd8b718e97cad03d74af19
parent	8bd284a5b36d118a26c0c17be40a03703db517d2 (diff)
download	samba-47e446f3f7ccdd65f60dbbab72a1e3b81f650959.tar.gz