rpms / libvirt

Clone
Source Code
GIT

Blame SOURCES/libvirt-tests-fix-TLS-handshake-failure-with-TLS-1.3.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-rhel c8-sig-altarch-stream-rhel c8-stream-rhel c8s-sig-hyperscale c8s-stream-rhel c9 c9-beta c9s-sig-hyperscale
  1.   e90370de463b88b3a35c9417c133be9b74e1461e
  2.   SOURCES
  3.   libvirt-tests-fix-TLS-handshake-failure-with-TLS-1.3.patch
Blob History Raw
edecca 
From 1e693fc723a8309b243b74c5baa7b7f0682d52f7 Mon Sep 17 00:00:00 2001
edecca 
Message-Id: <1e693fc723a8309b243b74c5baa7b7f0682d52f7@dist-git>
edecca 
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
edecca 
Date: Wed, 18 Jul 2018 19:21:06 +0100
edecca 
Subject: [PATCH] tests: fix TLS handshake failure with TLS 1.3
edecca 
MIME-Version: 1.0
edecca 
Content-Type: text/plain; charset=UTF-8
edecca 
Content-Transfer-Encoding: 8bit
edecca
edecca 
When gnutls negotiates TLS 1.3 instead of 1.2, the order of messages
edecca 
sent by the handshake changes. This exposed a logic bug in the test
edecca 
suite which caused us to wait for the server to see handshake
edecca 
completion, but not wait for the client to see completion. The result
edecca 
was the client didn't receive the certificate for verification and the
edecca 
test failed.
edecca
edecca 
This is exposed in Fedora 29 rawhide which has just enabled TLS 1.3 in
edecca 
its GNUTLS builds.
edecca
edecca 
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
edecca 
(cherry picked from commit cf92b90e3537631d5235a564f917a7a0fadac3e1)
edecca 
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
edecca 
---
edecca 
 tests/virnettlssessiontest.c | 2 +-
edecca 
 1 file changed, 1 insertion(+), 1 deletion(-)
edecca
edecca 
diff --git a/tests/virnettlssessiontest.c b/tests/virnettlssessiontest.c
edecca 
index 7e85607181..375cc1bb02 100644
edecca 
--- a/tests/virnettlssessiontest.c
edecca 
+++ b/tests/virnettlssessiontest.c
edecca 
@@ -180,7 +180,7 @@ static int testTLSSessionInit(const void *opaque)
edecca 
             if (rv == VIR_NET_TLS_HANDSHAKE_COMPLETE)
edecca 
                 clientShake = true;
edecca 
         }
edecca 
-    } while (!clientShake && !serverShake);
edecca 
+    } while (!clientShake || !serverShake);
edecca
edecca
edecca 
     /* Finally make sure the server validation does what
edecca 
--
edecca 
2.18.0
edecca

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation