PR#2: Fix patch relaxing CA certs bundle validation adding unit test change - rpms/qemu

Roberto Campesato • 2 months ago

056fbc

0001-relax-CA-certs-checks.patch

file modified

+13 -1

		`@@ -2,7 +2,7 @@`
		`diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c`
		`--- a/crypto/tlscredsx509.c`
		`+++ b/crypto/tlscredsx509.c`
		`- @@ -502,14 +502,6 @@`
		`+ @@ -502,14 +502,6 @@ qcrypto_tls_creds_x509_sanity_check(QCryptoTLSCredsX509 *creds,`
		`goto cleanup;`
		`}`

		`@@ -17,3 +17,15 @@`
		`if (cert && ncacerts &&`
		`qcrypto_tls_creds_check_cert_pair(cert, certFile, cacerts,`
		`ncacerts, cacertFile,`
		`+ diff --git a/tests/unit/test-crypto-tlscredsx509.c b/tests/unit/test-crypto-tlscredsx509.c`
		`+ --- a/tests/unit/test-crypto-tlscredsx509.c`
		`+ +++ b/tests/unit/test-crypto-tlscredsx509.c`
		`+ @@ -285,7 +285,7 @@ int main(int argc, char **argv)`
		`+ TLS_TEST_REG(badca1, true, cacert4req.filename, servercert4req.filename,`
		`+ true);`
		`+ TLS_TEST_REG(badca2, true,`
		`+ - cacert5req.filename, servercert5req.filename, true);`
		`+ + cacert5req.filename, servercert5req.filename, false);`
		`+ TLS_TEST_REG(badca3, true,`
		`+ cacert6req.filename, servercert6req.filename, true);`
		`+`

qemu.spec

file modified

		`@@ -3174,6 +3174,9 @@`


		`%changelog`
		`+ * Tue Mar 26 2024 Roberto Campesato <render@metalabs.org> - 8.2.2-1.1`
		`+ - include unit test change in patch relaxing CA cert bundle validation`
		`+`
		`* Tue Mar 19 2024 Roberto Campesato <render@metalabs.org> - 8.2.2-1.1`
		`- Merge latest changes from Fedora`
		`- Re-enabled libblkio (RHBZ#2232766 closed)`