While all Fedora systems should have a crypto policy config
file that defines @SYSTEM policy. You never know, however,
if someone has done a peculiar Fedora build / install that
does not setup the crypto policy. As a protection measure
we should tell gnutls to automatically fallback to NORMAL
if @SYSTEM is misssing.
Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
---
libvirt.spec.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index ee6162e..c2d188a 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -207,7 +207,7 @@
%endif
%if 0%{?fedora} >= 21
- %define tls_priority "@SYSTEM"
+ %define tls_priority "@SYSTEM,NORMAL"
%else
%define tls_priority "NORMAL"
%endif
--
2.5.5
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list