git.ipfire.org Git - thirdparty/libvirt.git/commit
virnettlscontext: Don't set DH parameters ourselves
author Michal Privoznik <mprivozn@redhat.com>
Wed, 29 Jun 2022 09:16:06 +0000 (11:16 +0200)
committer Michal Privoznik <mprivozn@redhat.com>
Fri, 1 Jul 2022 11:04:59 +0000 (13:04 +0200)
commit 09010f7e76341a734ff4aab6e4b658aa4864f18b
tree 0f67f40d3a4312402258f3bbb4d186f13bd348fc
parent 4d7e8484188c0875fbf9629b519cadd50d62067e
virnettlscontext: Don't set DH parameters ourselves

According to [1]:

  Prior to GnuTLS 3.6.0 for the ephemeral or anonymous
  Diffie-Hellman (DH) TLS ciphersuites the application was
  required to generate or provide DH parameters. That is no
  longer necessary as GnuTLS utilizes DH parameters and
  negotiation from [RFC7919].

This allows us to:

  a) drop the code that's setting DH params,
  b) drop @dhParams member from _virNetTLSContext struct, and
  c) drop gnutls_dh_params_generate2() mock.

1: https://www.gnutls.org/manual/html_node/Parameter-generation.html

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
src/rpc/virnettlscontext.c
tests/virrandommock.c