On Fri, Aug 26, 2011 at 11:24 AM, Peter Maydell <peter.mayd...@linaro.org> wrote: > On 25 August 2011 14:13, Daniel P. Berrange <berra...@redhat.com> wrote: >> On Thu, Aug 25, 2011 at 01:27:00PM +0100, Peter Maydell wrote: >>> Does this constitute a change in the required version of gnutls which >>> we need to document in the proto-changelog for the next release? >>> Is it worth updating the configure tls check to check for this function >>> so we fall back to no-tls if the system version is too old? >> >> The gnutls_priority_set_direct() function has existed since 2.1.7 according >> to the GNUTLS NEWS files. >> >> Our configure check merely looks for 'gnutls.h' which will match any >> gnutls 1.x or 2.x release, and I can currently build qemu with TLS >> support on a RHEL-5 host which has gnutls 1.4.1 >> >> So I believe this change will significantly increase our min required >> gnutls version. We could #ifdef the code to deal with this, or perhaps >> do a patch based on use of gnutls_set_default_priority() which I >> believe is available in both 1.x and 2.x and is not deprecated > > Thanks for chasing down the version numbers. I definitely don't > think we should stop being able to compile on RHEL5 so I think > we should take one of the other approaches you suggest rather than > committing this patch.
Agreed. The gnutls_set_default_priority() idea sounds promising. Stefan
