Re: [libvirt] [PATCH] tests: force use of "NORMAL" TLS priority in test suite

2018-03-06 Thread Daniel P . Berrangé
On Mon, Mar 05, 2018 at 01:28:24PM +, Daniel P. Berrangé wrote: > When generating certificates we rely on GNUTLS' built-in default setup > for the ciphers used in the certs. We then currently run with the distro > specific TLS priority setup which can be much stronger, to the extent > that the

[libvirt] [PATCH] tests: force use of "NORMAL" TLS priority in test suite

2018-03-05 Thread Daniel P . Berrangé
When generating certificates we rely on GNUTLS' built-in default setup for the ciphers used in the certs. We then currently run with the distro specific TLS priority setup which can be much stronger, to the extent that the certificates we generate are considered untrustworthy. We don't care about t