On Wed, Jul 15, 2020 at 04:47:01PM +0100, Daniel P. Berrangé wrote:
> The unit tests using the x509 crypto functionality have started
> failing in Fedora 33 rawhide with a message like
>
> The certificate uses an insecure algorithm
>
> This is result of Fedora changes to support strong crypto [1]. RSA
It looks like the reference [1] is supposed to resolve to the following
URL:
https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2
Whoever is applying the patch might want to tweak the commit. FWIW:
Reviewed-by: Kashyap Chamarthy <kcham...@redhat.com>
> with 1024 bit key is viewed as legacy and thus insecure. Generate
> a new private key which is 3072 bits long and reasonable future
> proof.
>
> Signed-off-by: Daniel P. Berrangé <berra...@redhat.com>
> ---
>
> Changed in v2:
>
> - ALso fix the I/O tests key
> - Use RSA key again instead of EC, since it is needed
> for the real TLS sessions in the I/O tests
>
> tests/crypto-tls-x509-helpers.c | 59 ++++++++++++++++++++++-----------
> tests/qemu-iotests/common.tls | 57 +++++++++++++++++++++----------
> 2 files changed, 79 insertions(+), 37 deletions(-)
>
[...]
--
/kashyap
