https://bugzilla.redhat.com/show_bug.cgi?id=1887621 --- Comment #19 from Davide Cavalca <dcavalca@xxxxxx> --- (In reply to Antonio T. sagitter from comment #18) > - folly.x86_64: W: crypto-policy-non-compliance-openssl > /usr/lib64/libfolly.so.2020.10.19.00 SSL_CTX_set_cipher_list > > $ rpmlint -I crypto-policy-non-compliance-openssl > crypto-policy-non-compliance-openssl: > This application package calls a function to explicitly set crypto ciphers > for > SSL/TLS. That may cause the application not to use the system-wide set > cryptographic policy and should be modified in accordance to: > https://fedoraproject.org/wiki/Packaging:CryptoPolicies > > See https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/ I don't think this is applicable in this case. The code triggering this is https://github.com/facebook/folly/blob/2fa292ded20bb83383c010974bb7796b2832a84d/folly/io/async/SSLContext.cpp#L211-L217 which is just wrapping OpenSSL as part of the SSLContext interface. This is definitely relevant for applications using folly that consume this interface, but I don't think the library itself should hardcode PROFILE=SYSTEM here. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx
