ShuriZma
/
xemu
mirror of https://github.com/xemu-project/xemu.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

crypto: ensure we use a predictable TLS priority setting 

The TLS test cert generation relies on a fixed set of algorithms that are
only usable under GNUTLS' default priority setting. When building QEMU
with a custom distro specific priority setting, this can cause the TLS
tests to fail. By forcing the tests to always use "NORMAL" priority we
can make them more robust.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrangé 2018-02-28 14:04:38 +00:00
parent 00e5e9df29
commit 057ad0b469
2 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
tests/test-crypto-tlssession.c
View File

@ -75,6 +75,7 @@ static QCryptoTLSCreds *test_tls_creds_create(QCryptoTLSCredsEndpoint endpoint,
"server" : "client"), "server" : "client"),
"dir", certdir, "dir", certdir,
"verify-peer", "yes", "verify-peer", "yes",
"priority", "NORMAL",
/* We skip initial sanity checks here because we /* We skip initial sanity checks here because we
* want to make sure that problems are being * want to make sure that problems are being
* detected at the TLS session validation stage, * detected at the TLS session validation stage,

1
tests/test-io-channel-tls.c
View File

@ -78,6 +78,7 @@ static QCryptoTLSCreds *test_tls_creds_create(QCryptoTLSCredsEndpoint endpoint,
"server" : "client"), "server" : "client"),
"dir", certdir, "dir", certdir,
"verify-peer", "yes", "verify-peer", "yes",
"priority", "NORMAL",
/* We skip initial sanity checks here because we /* We skip initial sanity checks here because we
* want to make sure that problems are being * want to make sure that problems are being
* detected at the TLS session validation stage, * detected at the TLS session validation stage,