[libvirt] [PATCH] libvirt.spec.in: include NORMAL as a fallback for @SYSTEM in TLS prio

Daniel P. Berrange Wed, 08 Jun 2016 07:40:53 -0700

While all Fedora systems should have a crypto policy config
file that defines @SYSTEM policy. You never know, however,
if someone has done a peculiar Fedora build / install that
does not setup the crypto policy. As a protection measure
we should tell gnutls to automatically fallback to NORMAL
if @SYSTEM is misssing.


Signed-off-by: Daniel P. Berrange <berra...@redhat.com>
---
 libvirt.spec.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libvirt.spec.in b/libvirt.spec.in
index ee6162e..c2d188a 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -207,7 +207,7 @@
 %endif
 
 %if 0%{?fedora} >= 21
-    %define tls_priority "@SYSTEM"
+    %define tls_priority "@SYSTEM,NORMAL"
 %else
     %define tls_priority "NORMAL"
 %endif
-- 
2.5.5

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH] libvirt.spec.in: include NORMAL as a fallback for @SYSTEM in TLS prio

Reply via email to