On 05/23/2011 11:54 AM, Daniel P. Berrange wrote:
> Try gnutls_priority_set. What did you use
> gnutls_certificate_type_set_priority for? It is rare to really
> need it, a call to gnutls_set_default_priority() is usually
> sufficient.

Agreed, our current use of gnutls_certificate_type_set_priority is
bogus and can/should be removed, leaving just set_default_priority
calls.

If you expect random (other than gnutls/openssl/nss) TLS implementations
to connect to you (or you plan to connect to them), then
set_default_priority() might not be enough. I tried to sketch the
reasons at:
http://www.gnu.org/software/gnutls/manual/html_node/Compatibility-Issues....
In those cases you might want to have some options configurable.

regards,
Nikos