From: Andreas Schneider <asn@samba.org>
Date: Thu, 10 Sep 2020 09:34:50 +0000 (+0200)
Subject: waf: Only use gnutls_aead_cipher_encryptv2() for GnuTLS > 3.6.14
X-Git-Tag: samba-4.12.8~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=02ee82f6e4da19c801b7b4691804249b62b92166;p=thirdparty%2Fsamba.git

waf: Only use gnutls_aead_cipher_encryptv2() for GnuTLS > 3.6.14

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14399

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 94808cc50e4350a8c3bc250a886e8d4e7802dd12)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-12-test): Mon Sep 14 12:08:34 UTC 2020 on sn-devel-184
---

diff --git a/wscript_configure_system_gnutls b/wscript_configure_system_gnutls
index b2b955f3c90..8ae1f04eaf7 100644
--- a/wscript_configure_system_gnutls
+++ b/wscript_configure_system_gnutls
@@ -26,7 +26,10 @@ conf.CHECK_FUNCS_IN('gnutls_pkcs7_get_embedded_data_oid', 'gnutls')
 # in 3.6.11, see:
 #
 #     https://gitlab.com/gnutls/gnutls/-/merge_requests/1085
-if (parse_version('3.6.10') != parse_version(gnutls_version)):
+#
+# 3.6.10 - 3.6.14 have a severe memory leak with AES-CCM
+#     https://gitlab.com/gnutls/gnutls/-/merge_requests/1278
+if (parse_version(gnutls_version) > parse_version('3.6.14')):
     conf.CHECK_FUNCS_IN('gnutls_aead_cipher_encryptv2', 'gnutls')
 
 if conf.CHECK_VALUEOF('GNUTLS_CIPHER_AES_128_CFB8', headers='gnutls/gnutls.h'):