On Wed, Nov 16, 2016 at 4:44 PM, Daniel P. Berrange <berrange@redhat.com> wrote:
NACK, the gnutls changes are being reverted by upstream and IMHO if any distro is shipping 3.5.6 they should revert them too, as the change was a semantic break in gnutls API that will in turn break any libvirt deployments using this feature when upgraded
Thats kind of what I thought when seeing the effect of the change, but I didn't find that upstream reverted that yesterday. Thanks for pointing this out as it makes more sense this way. Explicitly looking for it I found the change in gnutls which is not yet released in any version: commit 70bf8475bb0ab178fe36ee4c601a6cfec8e70a3f Author: Nikos Mavrogiannopoulos <nmav@redhat.com> Date: Fri Nov 11 16:20:01 2016 +0100 Introduced new functions to allow multiple DN parsing modes The old DN parsing functions are changed to return the original non-fully compliant with RFC4514 string format, while the new ones return the compliant string by default. This allows applications which relied on the previous format to continue functioning without changes. -- Christian Ehrhardt Software Engineer, Ubuntu Server Canonical Ltd