
4 Sep
2014
4 Sep
'14
8:58 a.m.
"Daniel P. Berrange" <berrange@redhat.com> writes:
On Thu, Sep 04, 2014 at 10:33:37AM +0200, Giuseppe Scrivano wrote:
When FIPS mode is on, gnutls_dh_params_generate2 will fail if 1024 is specified as the prime's number of bits, a bigger value works in both cases.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> ---
with the development version of GNU TLS is possible to test FIPS mode setting the env variable GNUTLS_FORCE_FIPS_MODE=2
How about we set that env variable in our two TLS tests too, because we really want libvirt to be always able to run in FIPS mode.
sure, I will send a follow-up patch. Regards, Giuseppe