gnutls: 3.7.0 -> 3.7.1

https://lists.gnupg.org/pipermail/gnutls-help/2021-March/004698.html
It includes a low-severity security fix:
https://gnutls.org/security-new.html#GNUTLS-SA-2021-03-10

postPatch: the patched file doesn't exist now and all tests still pass.

pkgs/development/libraries/gnutls/default.nix

@@ -8,7 +8,7 @@
 
 assert guileBindings -> guile != null;
 let
-  version = "3.7.0";
+  version = "3.7.1";
 
   # XXX: Gnulib's `test-select' fails on FreeBSD:
   # https://hydra.nixos.org/build/2962084/nixlog/1/raw .
@@ -24,7 +24,7 @@ stdenv.mkDerivation {
 
   src = fetchurl {
     url = "mirror://gnupg/gnutls/v3.7/gnutls-${version}.tar.xz";
-    sha256 = "1y0xi8cabh7i0lgka658qmdhjngkm29v4acq9brcjlnjj4ka5qj9";
+    sha256 = "0vxcbig87sdc73h58pmcpbi4al1zgcxid1jn67mhcpna7sbdfxrp";
   };
 
   outputs = [ "bin" "dev" "out" "man" "devdoc" ];
@@ -45,9 +45,7 @@ stdenv.mkDerivation {
   #  - trust-store: default trust store path (/etc/ssl/...) is missing in sandbox (3.5.11)
   #  - psk-file: no idea; it broke between 3.6.3 and 3.6.4
   # Change p11-kit test to use pkg-config to find p11-kit
-  postPatch = lib.optionalString (lib.versionAtLeast version "3.4") ''
-    sed '2iecho "name constraints tests skipped due to datefudge problems"\nexit 0' -i tests/cert-tests/name-constraints
-  '' + lib.optionalString (lib.versionAtLeast version "3.6") ''
+  postPatch = lib.optionalString (lib.versionAtLeast version "3.6") ''
     sed '2iexit 77' -i tests/{pkgconfig,fastopen}.sh
     sed '/^void doit(void)/,/^{/ s/{/{ exit(77);/' -i tests/{trust-store,psk-file}.c
     sed 's:/usr/lib64/pkcs11/ /usr/lib/pkcs11/ /usr/lib/x86_64-linux-gnu/pkcs11/:`pkg-config --variable=p11_module_path p11-kit-1`:' -i tests/p11-kit-trust.sh