Ignore:
Timestamp:
07/04/2017 11:28:56 PM (7 years ago)
Author:
DJ Lucas <dj@…>
Branches:
10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, lazarus, lxqt, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
Children:
6bb33c2
Parents:
542d478
Message:

Use PKCS #11 modules where possible with gnutls.
Update to GnuTLS-3.5.14. Fixes #9444.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@18915 af4574ff-66df-0310-9fd7-8a98e5e911e0

File:
1 edited

Legend:

Unmodified
Added
Removed

  • postlfs/security/gnutls.xml

    r542d478 r1ac799b  
    77  <!ENTITY gnutls-download-http "https://www.gnupg.org/ftp/gcrypt/gnutls/v3.5/gnutls-&gnutls-version;.tar.xz">
    88  <!ENTITY gnutls-download-ftp  "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5/gnutls-&gnutls-version;.tar.xz">
    9   <!ENTITY gnutls-md5sum        "4fd41ad86572933c2379b4cc321a0959">
     9  <!ENTITY gnutls-md5sum        "1e84b57a472b5f3b01f2c1b7a3a2bcbe">
    1010  <!ENTITY gnutls-size          "6.9 MB">
    11   <!ENTITY gnutls-buildsize     "121 MB (add 44 MB for tests)">
    12   <!ENTITY gnutls-time          "1.5 SBU (add 8.9 SBU for tests)">
     11  <!ENTITY gnutls-buildsize     "147 MB (add 42 MB for tests)">
     12  <!ENTITY gnutls-time          "1.3 SBU (add 5.0 SBU for tests)">
    1313]>
    1414
     
    143143
    144144<screen><userinput>./configure --prefix=/usr \
    145             --with-default-trust-store-file=/etc/ssl/ca-bundle.crt &amp;&amp;
     145            --with-default-trust-store-pkcs11="pkcs11:" &amp;&amp;
    146146make</userinput></screen>
    147147
     
    181181
    182182    <para>
    183       <parameter>--with-default-trust-store-file=/etc/ssl/ca-bundle.crt</parameter>:
     183      <parameter>--with-default-trust-store-pkcs11="pkcs11:"</parameter>: This
     184      switch tells gnutls to use the PKCS #11 trust store as the default trust.
     185      Omit this switch if <xref linkend="p11-kit"/> is not installed.
     186    </para>
     187
     188    <para>
     189      <option>--with-default-trust-store-file=/etc/ssl/ca-bundle.crt</option>:
    184190      This switch tells <command>configure</command> where to find the
    185       CA Certificates.
     191      legacy CA certificate bundle and to use it instead of PKCS #11 module
     192      by default. Use this if <xref linkend="p11-kit"/> is not installed.
    186193    </para>
    187194
Note: See TracChangeset for help on using the changeset viewer.