diff options
| author | Andreas Schneider <asn@samba.org> | 2020-06-15 11:50:16 +0200 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2020-06-17 17:42:02 +0000 |
| commit | 53e3a959b958a3b099df6ecc5f6e294e96bd948e (patch) | |
| tree | 63e0cbc0729147a8a868c714f6ea9782628c6f6c /wscript_configure_system_gnutls | |
| parent | 3d1b6ddcd0a1cee2eaeed5cc8bb38a8e8cdc1891 (diff) | |
| download | samba-53e3a959b958a3b099df6ecc5f6e294e96bd948e.tar.gz | |
s3:lib:tls: Use better priority lists for modern GnuTLS
We should use the default priority list. That is a good practice,
because TLS protocol hardening and phasing out of legacy algorithms,
is easier to co-ordinate when happens at a single place. See crypto
policies of Fedora.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14408
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jun 17 17:42:02 UTC 2020 on sn-devel-184
Diffstat (limited to 'wscript_configure_system_gnutls')
| -rw-r--r-- | wscript_configure_system_gnutls | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/wscript_configure_system_gnutls b/wscript_configure_system_gnutls index cd2f5596e11..9eabd0da75c 100644 --- a/wscript_configure_system_gnutls +++ b/wscript_configure_system_gnutls @@ -20,6 +20,9 @@ conf.SET_TARGET_TYPE('gnutls', 'SYSLIB') # Check for gnutls_pkcs7_get_embedded_data_oid (>= 3.5.5) required by libmscat conf.CHECK_FUNCS_IN('gnutls_pkcs7_get_embedded_data_oid', 'gnutls') +# Check for gnutls_set_default_priority_append (>= 3.6.3) +conf.CHECK_FUNCS_IN('gnutls_set_default_priority_append', 'gnutls') + # Check for gnutls_aead_cipher_encryptv2 # # This is available since version 3.6.10, but 3.6.10 has a bug which got fixed |