Enable tests in check, and add patches to fix tests

Resolves: RHEL-76426

fix-ssl-test.patch

@@ -0,0 +1,123 @@
+From c720f9c696b3b39d8c386abf8c8a9ddad447cda0 Mon Sep 17 00:00:00 2001
+From: Carlos Garcia Campos <cgarcia@igalia.com>
+Date: Wed, 9 Sep 2020 14:44:25 +0200
+Subject: [PATCH 1/2] tests: fix SSL test with glib-networking >= 2.65.90
+
+To make SSL tests fail with our testing certificate we create and empty
+GTlsDatabase passing /dev/null to g_tls_file_database_new(). This no
+longer works with newer glib-networking, since an empty file is
+considered an error by gnutls and
+g_tls_file_database_gnutls_populate_trust_list() now handles gnutls
+errors properly. Instead, we can just use the system CA file that won't
+contain our testing certificate for sure.
+
+Fixes #201
+---
+ tests/ssl-test.c | 12 +++---------
+ 1 file changed, 3 insertions(+), 9 deletions(-)
+
+diff --git a/tests/ssl-test.c b/tests/ssl-test.c
+index 735ba416..2c93ca85 100644
+--- a/tests/ssl-test.c
++++ b/tests/ssl-test.c
+@@ -3,7 +3,6 @@
+ #include "test-utils.h"
+ 
+ SoupURI *uri;
+-GTlsDatabase *null_tlsdb;
+ 
+ static void
+ do_properties_test_for_session (SoupSession *session)
+@@ -37,7 +36,7 @@ do_async_properties_tests (void)
+ 
+ 	session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL);
+ 	g_object_set (G_OBJECT (session),
+-		      SOUP_SESSION_TLS_DATABASE, null_tlsdb,
++		      SOUP_SESSION_SSL_USE_SYSTEM_CA_FILE, TRUE,
+ 		      SOUP_SESSION_SSL_STRICT, FALSE,
+ 		      NULL);
+ 	do_properties_test_for_session (session);
+@@ -53,7 +52,7 @@ do_sync_properties_tests (void)
+ 
+ 	session = soup_test_session_new (SOUP_TYPE_SESSION_SYNC, NULL);
+ 	g_object_set (G_OBJECT (session),
+-		      SOUP_SESSION_TLS_DATABASE, null_tlsdb,
++		      SOUP_SESSION_SSL_USE_SYSTEM_CA_FILE, TRUE,
+ 		      SOUP_SESSION_SSL_STRICT, FALSE,
+ 		      NULL);
+ 	do_properties_test_for_session (session);
+@@ -106,7 +105,7 @@ do_strictness_test (gconstpointer data)
+ 	}
+ 	if (!test->with_ca_list) {
+ 		g_object_set (G_OBJECT (session),
+-			      SOUP_SESSION_TLS_DATABASE, null_tlsdb,
++			      SOUP_SESSION_SSL_USE_SYSTEM_CA_FILE, TRUE,
+ 			      NULL);
+ 	}
+ 
+@@ -433,7 +432,6 @@ main (int argc, char **argv)
+ {
+ 	SoupServer *server = NULL;
+ 	int i, ret;
+-	GError *error = NULL;
+ 
+ 	test_init (argc, argv, NULL);
+ 
+@@ -441,9 +439,6 @@ main (int argc, char **argv)
+ 		server = soup_test_server_new (SOUP_TEST_SERVER_IN_THREAD);
+ 		soup_server_add_handler (server, NULL, server_handler, NULL, NULL);
+ 		uri = soup_test_server_get_uri (server, "https", "127.0.0.1");
+-
+-		null_tlsdb = g_tls_file_database_new ("/dev/null", &error);
+-		g_assert_no_error (error);
+ 	} else
+ 		uri = NULL;
+ 
+@@ -463,7 +458,6 @@ main (int argc, char **argv)
+ 	if (tls_available) {
+ 		soup_uri_free (uri);
+ 		soup_test_server_quit_unref (server);
+-		g_object_unref (null_tlsdb);
+ 	}
+ 
+ 	test_cleanup ();
+-- 
+2.43.5
+
+
+From 0fbc7e8220c32f4848d6f1407efe81cc13ab18ef Mon Sep 17 00:00:00 2001
+From: Michael Catanzaro <mcatanzaro@redhat.com>
+Date: Sat, 18 Jan 2025 01:20:24 -0600
+Subject: [PATCH 2/2] Add workaround for flaky ssl-test connection failures
+
+---
+ tests/ssl-test.c | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+
+diff --git a/tests/ssl-test.c b/tests/ssl-test.c
+index 2c93ca85..1b48c6aa 100644
+--- a/tests/ssl-test.c
++++ b/tests/ssl-test.c
+@@ -348,6 +348,19 @@ got_connection (GThreadedSocketService *service,
+ 		g_clear_error (&error);
+ 	}
+ 
++	// Work around a race condition where do_tls_interaction_test's call to
++	// soup_session_send_message() fails due to the server having closed the
++	// connection:
++	//
++	// ERROR:../tests/ssl-test.c:405:do_tls_interaction_test: Unexpected status 7 Connection terminated unexpectedly (expected 200 OK)
++	//
++	// This bug is already fixed upstream, so no sense in spending a bunch
++	// of time trying to find a proper fix.
++	//
++	// I'm not certain, but I suspect it's fixed by:
++	// https://gitlab.gnome.org/GNOME/libsoup/-/commit/bd6de90343839125bd07c43c97e1000deb0b40c3
++	sleep (1);
++
+ 	g_io_stream_close (tls, NULL, &error);
+ 	g_assert_no_error (error);
+ 
+-- 
+2.43.5
+

libsoup.spec

@@ -5,13 +5,18 @@
 
 Name: libsoup
 Version: 2.72.0
-Release: 9%{?dist}
+Release: 10%{?dist}
 Summary: Soup, an HTTP library implementation
 
 License: LGPLv2
 URL: https://wiki.gnome.org/Projects/libsoup
 Source0: https://download.gnome.org/sources/%{name}/2.72/%{name}-%{version}.tar.xz
 
+# https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/426
+Patch:   test-timeouts.patch
+# https://issues.redhat.com/browse/RHEL-76426
+Patch: fix-ssl-test.patch
+
 # https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/402
 Patch: CVE-2024-52530.patch
 # https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407
@@ -87,6 +92,9 @@ This package contains developer documentation for %{name}.
 %install
 %meson_install
 
+%check
+%meson_test
+
 %find_lang libsoup
 
 %files -f libsoup.lang
@@ -120,6 +128,10 @@ This package contains developer documentation for %{name}.
 %endif
 
 %changelog
+* Mon Jan 28 2025 Michael Catanzaro <mcatanzaro@redhat.com> - 2.72.0-10
+- Enable tests in check, and add patches to fix tests
+  Resolves: RHEL-76426
+
 * Fri Jan 10 2025 Michael Catanzaro <mcatanzaro@redhat.com> - 2.72.0-9
 - Add patches for CVE-2024-52530, CVE-2024-52531, and CVE-2024-52532
   Resolves: RHEL-67069

test-timeouts.patch

@@ -0,0 +1,14 @@
+diff --git a/tests/meson.build b/tests/meson.build
+index 5482aa86..bd90df15 100644
+--- a/tests/meson.build
++++ b/tests/meson.build
+@@ -190,7 +190,7 @@ foreach test: tests
+   )
+   # Increase the timeout as on some architectures the tests could be slower
+   # than the default 30 seconds.
+-  test(test_name, test_target, env : env, is_parallel : test[1], timeout : 60)
++  test(test_name, test_target, env : env, is_parallel : test[1], timeout : 300)
+ endforeach
+ 
+ executable('ntlm-test-helper', 'ntlm-test-helper.c',
+