On Tue, Dec 21, 2021 at 03:22:57PM +0100, Michal Privoznik wrote:
See 2/2 for explanation. Ideally, we wouldn't use gnutls_dh_params_generate2() at all, per [1]. But that would require bumping minimal required version to gnutls-3.6.0 and I'm not sure how available it is in OSes we support. Therefore, for
As far as I can tell from repology.org all the major distros have 3.6.x in more than one version and definitely all those that we have in the CI, so I'd say bump that.
now let's stick with patch 2/2. 1: https://www.gnutls.org/manual/html_node/Parameter-generation.html Michal Prívozník (2): virnettlscontext: Drop gnutls_dh_set_prime_bits() virnettlscontext: Don't pass static key length to gnutls_dh_params_generate2() src/rpc/virnettlscontext.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) -- 2.32.0
Attachment:
signature.asc
Description: PGP signature
