Bug 348501

Summary: Port xen to use NSS library for cryptography
Product: [Fedora] Fedora Reporter: Peter Vrabec <pvrabec>
Component: xenAssignee: Xen Maintainance List <xen-maint>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: tmraz
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-10-23 10:42:05 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On: 348661    
Bug Blocks: 333741    

Description Peter Vrabec 2007-10-23 06:24:14 EDT
xen should be ported to use NSS library for cryptography.
See the tracking bug for details and links on how it could be done.
Comment 1 Daniel Berrange 2007-10-23 07:55:39 EDT
Is there a Python binding for NSS ? Without one this bug can't be addressed.
Comment 2 Daniel Berrange 2007-10-23 10:42:05 EDT
Having considered this ticket. XenD only uses SSL for the XenAPI service. We
don't use this in Fedora, since libvirt provides the management service. So I've
no interest in wasting time porting XenAPI.  The Xen device model uses QEMU
which has SSL. We are trying to get Xen to use upstream QEMU codebase rather
than its own private fork. Porting Xen's QEMU to NSS will just make it an even
worse fork compared to upstream QEMU which is not a sustainable approach.