On Mon, May 27, 2019 at 3:00 PM Tomas Mraz <tmraz@xxxxxxxxxx> wrote: > > Anderson, FYI. Could you please answer the question below? > > On Fri, 2019-05-24 at 17:58 +0100, Richard W.M. Jones wrote: > > > libnbd.x86_64: W: crypto-policy-non-compliance-gnutls-1 > > > /usr/lib64/libnbd.so.0.0.0 gnutls_priority_set_direct > > > This application package calls a function to explicitly set crypto > > > ciphers for > > > SSL/TLS. That may cause the application not to use the system-wide > > > set > > > cryptographic policy and should be modified in accordance to: > > > https://fedoraproject.org/wiki/Packaging:CryptoPolicies > > > > The library does call gnutls_priority_set_direct, but in a way which > > I > > believe still uses the system policies: > > > > %prep > > ./configure --with-tls-priority=@LIBNBD,SYSTEM > > > > sets ... > > > > #define TLS_PRIORITY "@LIBNBD,SYSTEM" > > > > which calls ... > > > > err = gnutls_priority_set_direct (session, TLS_PRIORITY, NULL); > > > > So we're good and we can ignore this warning, right? > > > > I should note that I copied this coding pattern from libvirt. It looks good to me. The rpmlint shouldn't have warned there however. It seems that it incorrectly checks for SYSLOG string instead of SYSTEM. https://src.fedoraproject.org/rpms/rpmlint/blob/master/f/rpmlint.config#_475 regards, Nikos _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
