1179308 – Utilize system-wide crypto-policies

Bug 1179308 - Utilize system-wide crypto-policies

Summary: Utilize system-wide crypto-policies

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	libgadu
Sub Component:
Version:	21
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Dominik 'Rathann' Mierzejewski
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	fedora-crypto-policies
TreeView+	depends on / blocked

Reported:	2015-01-06 14:53 UTC by Nikos Mavrogiannopoulos
Modified:	2015-01-27 12:48 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-01-27 12:48:44 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Nikos Mavrogiannopoulos 2015-01-06 14:53:39 UTC

Please convert this application to use the system's crypto policy for SSL and TLS:
https://fedoraproject.org/wiki/Packaging:CryptoPolicies

If this program is compiled against gnutls, change the default priority string to be "@SYSTEM" or to use gnutls_set_default_priority().

If this program is compiled against openssl, and there is no default cipher list specified, you don't need to modify it. Otherwise replace the default cipher list with "PROFILE=SYSTEM".

In both cases please verify that the application uses the system's crypto policies.

If the package is already using the system-wide crypto policies, or it does not use SSL or TLS, no action is required, the bug can simply be closed.

Comment 1 Dominik 'Rathann' Mierzejewski 2015-01-27 12:48:44 UTC

libgadu in Fedora is built against gnutls and is using

src/events.c:272:
gnutls_set_default_priority(tmp->session);

already.

Note You need to log in before you can comment on or make changes to this bug.