Require GnuTLS 3.2.10+ for GnuTLS builds

It's not worth the effort to keep it building for <3.2 any more; nobody
cares... or noticess when we accidentally break it. So kill it; we've
been threatening to for ages.

Use 3.2.10 as the base because 3.2.x before that was broken on Windows.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

diff --git a/configure.ac b/configure.ac
index 5c50cf62d7848aa5b6cfa29a730e7602d4bb7007..bb92df7e59c8aa0675dcc33e714b97a24196eb7e 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -279,18 +279,9 @@ fi
 
 # First, check if GnuTLS exists and is usable
 if test "$with_gnutls" = "yes" || test "$with_gnutls" = ""; then
-    PKG_CHECK_MODULES(GNUTLS, gnutls >= 2.12.16,
-       [if ! $PKG_CONFIG --atleast-version=2.12.16 gnutls; then
-           AC_MSG_WARN([Your GnuTLS is too old. At least v2.12.16 is required])
-        elif test "$have_win" = "yes"; then
-          AC_MSG_CHECKING([for broken GnuTLS Windows versions])
-          if $PKG_CONFIG --atleast-version=3.2.0 gnutls &&
-             ! $PKG_CONFIG --atleast-version=3.2.10 gnutls; then
-              AC_MSG_RESULT([broken])
-          else
-              AC_MSG_RESULT([OK])
-              ssl_library=GnuTLS
-          fi
+    PKG_CHECK_MODULES(GNUTLS, gnutls,
+       [if ! $PKG_CONFIG --atleast-version=3.2.10 gnutls; then
+           AC_MSG_WARN([Your GnuTLS is too old. At least v3.2.10 is required])
        else
            ssl_library=GnuTLS
        fi], [:])

diff --git a/www/building.xml b/www/building.xml
index bcee63b9a32fd091db112a2e748044352f5ca5b3..d15f48bc0e382ad314c67e95c785c6d62c22ef39 100644 (file)
--- a/www/building.xml
+++ b/www/building.xml
@@ -23,7 +23,7 @@ libraries and tools installed:</p>
 <ul>
   <li><b><tt>libxml2</tt></b></li>
   <li><b><tt>zlib</tt></b></li>
-  <li>Either <b><tt>OpenSSL</tt></b> or <b><tt>GnuTLS</tt></b></li>
+  <li>Either <b><tt>OpenSSL</tt></b> or <b><tt>GnuTLS</tt></b> <i>(v3.2.10+)</i></li>
   <li><b><tt>pkg-config</tt></b></li>
 </ul>
 And <em>optionally</em> also:

diff --git a/www/changelog.xml b/www/changelog.xml
index ed2d08b14953579d476d08b516c5f57f63ce45c4..300ea2c8d01652b5669a65a995a649bc18de2566 100644 (file)
--- a/www/changelog.xml
+++ b/www/changelog.xml
@@ -15,6 +15,7 @@
 <ul>
    <li><b>OpenConnect HEAD</b>
      <ul>
+       <li>Drop support for GnuTLS older than 3.2.10.</li>
        <li>Fix <tt>--passwd-on-stdin</tt> for Windows to not forcibly open console.</li>
        <li>Fix portability of shell scripts in test suite.</li>
        <li>Add Google Authenticator TOTP support for Juniper.</li>