DevHeads.net

rpmlint warning: crypto-policy-non-compliance-gnutls-1

The library does call gnutls_priority_set_direct, but in a way which I
believe still uses the system policies:

%prep
./configure --with-tls-priority=@LIBNBD,SYSTEM

sets ...

#define TLS_PRIORITY "@LIBNBD,SYSTEM"

which calls ...

err = gnutls_priority_set_direct (session, TLS_PRIORITY, NULL);

So we're good and we can ignore this warning, right?

I should note that I copied this coding pattern from libvirt.

Rich.

Comments

Re: rpmlint warning: crypto-policy-non-compliance-gnutls-1

By Tomas Mraz at 05/27/2019 - 08:59

Anderson, FYI. Could you please answer the question below?

On Fri, 2019-05-24 at 17:58 +0100, Richard W.M. Jones wrote:

Re: rpmlint warning: crypto-policy-non-compliance-gnutls-1

By Nikos Mavrogian... at 05/28/2019 - 07:33

On Mon, May 27, 2019 at 3:00 PM Tomas Mraz < ... at redhat dot com> wrote:
It looks good to me. The rpmlint shouldn't have warned there however.
It seems that it incorrectly checks for SYSLOG string instead of
SYSTEM.
<a href="https://src.fedoraproject.org/rpms/rpmlint/blob/master/f/rpmlint.config#_475" title="https://src.fedoraproject.org/rpms/rpmlint/blob/master/f/rpmlint.config#_475">https://src.fedoraproject.org/rpms/rpmlint/blob/master/f/rpmlint.config#...</a>

regards,
Nikos