[libvirt] gnutls regression in vircrypto
Since commit 799011bbe7 ("vircrypto: Rely on GnuTLS for hash functions") the function "gnutls_hash_fast" is used. According to the documentation at https://www.gnutls.org/manual/html_node/Cryptographic-API.html this function is only available since version 2.10.0. But m4/virt-gnutls.m4 expects at least 2.2.0. Please either revert that change, or bump also the required gnutls version. Olaf
On Tue, May 15, 2018 at 10:15:18AM +0200, Olaf Hering wrote:
Since commit 799011bbe7 ("vircrypto: Rely on GnuTLS for hash functions") the function "gnutls_hash_fast" is used. According to the documentation at https://www.gnutls.org/manual/html_node/Cryptographic-API.html this function is only available since version 2.10.0. But m4/virt-gnutls.m4 expects at least 2.2.0. Please either revert that change, or bump also the required gnutls version.
FWIW, per our distro support policy, I think we can increase min version to require the 3.x series of gnutls, which would let us drop a bunch of hacks. What distro are you using that lacks even gnutls == 2.10.0, as it sounds like that is going to be considered unsupported from libvirt POV ? Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On Tue, May 15, 2018 at 10:32:25AM +0200, Olaf Hering wrote:
Am Tue, 15 May 2018 09:26:37 +0100 schrieb Daniel P. Berrangé <berrange@redhat.com>:
What distro are you using that lacks even gnutls == 2.10.0, as it sounds like that is going to be considered unsupported from libvirt POV ?
This is SLE11.
That one should not be supported according to our new policy: https://libvirt.org/platforms.html I was hoping to make GnuTLS >= 3 mandatory for building libvirt, or (if we need to allow building without GnuTLS), require it for at least the ESX and QEMU drivers Jano
Olaf
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
On Tue, May 15, 2018 at 10:40:05AM +0200, Ján Tomko wrote:
On Tue, May 15, 2018 at 10:32:25AM +0200, Olaf Hering wrote:
Am Tue, 15 May 2018 09:26:37 +0100 schrieb Daniel P. Berrangé <berrange@redhat.com>:
What distro are you using that lacks even gnutls == 2.10.0, as it sounds like that is going to be considered unsupported from libvirt POV ?
This is SLE11.
That one should not be supported according to our new policy: https://libvirt.org/platforms.html
I was hoping to make GnuTLS >= 3 mandatory for building libvirt, or (if we need to allow building without GnuTLS), require it for at least the ESX and QEMU drivers
We can't make it mandatory in general, because we must be able to build the setuid code without gnutls. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
participants (3)
-
Daniel P. Berrangé -
Ján Tomko -
Olaf Hering