[PATCH 0/2] gnutls: Be more clever about DH key size

Michal Privoznik mprivozn at redhat.com
Tue Dec 21 14:22:57 UTC 2021


See 2/2 for explanation.

Ideally, we wouldn't use gnutls_dh_params_generate2() at all, per [1].
But that would require bumping the minimal required version to gnutls-3.6.0
and I'm not sure how available it is in the OSes we support. Therefore, for
now let's stick with patch 2/2.

1: https://www.gnutls.org/manual/html_node/Parameter-generation.html

Michal Prívozník (2):
  virnettlscontext: Drop gnutls_dh_set_prime_bits()
  virnettlscontext: Don't pass static key length to
    gnutls_dh_params_generate2()

 src/rpc/virnettlscontext.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

-- 
2.32.0



