forked from rpms/libvirt
43 lines
1.6 KiB
Diff
43 lines
1.6 KiB
Diff
From 1e693fc723a8309b243b74c5baa7b7f0682d52f7 Mon Sep 17 00:00:00 2001
|
|
Message-Id: <1e693fc723a8309b243b74c5baa7b7f0682d52f7@dist-git>
|
|
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
|
|
Date: Wed, 18 Jul 2018 19:21:06 +0100
|
|
Subject: [PATCH] tests: fix TLS handshake failure with TLS 1.3
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
When gnutls negotiates TLS 1.3 instead of 1.2, the order of messages
|
|
sent by the handshake changes. This exposed a logic bug in the test
|
|
suite which caused us to wait for the server to see handshake
|
|
completion, but not wait for the client to see completion. The result
|
|
was the client didn't receive the certificate for verification and the
|
|
test failed.
|
|
|
|
This is exposed in Fedora 29 rawhide which has just enabled TLS 1.3 in
|
|
its GNUTLS builds.
|
|
|
|
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
(cherry picked from commit cf92b90e3537631d5235a564f917a7a0fadac3e1)
|
|
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
|
---
|
|
tests/virnettlssessiontest.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/tests/virnettlssessiontest.c b/tests/virnettlssessiontest.c
|
|
index 7e85607181..375cc1bb02 100644
|
|
--- a/tests/virnettlssessiontest.c
|
|
+++ b/tests/virnettlssessiontest.c
|
|
@@ -180,7 +180,7 @@ static int testTLSSessionInit(const void *opaque)
|
|
if (rv == VIR_NET_TLS_HANDSHAKE_COMPLETE)
|
|
clientShake = true;
|
|
}
|
|
- } while (!clientShake && !serverShake);
|
|
+ } while (!clientShake || !serverShake);
|
|
|
|
|
|
/* Finally make sure the server validation does what
|
|
--
|
|
2.18.0
|
|
|