From nobody Thu May  2 07:42:07 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1520256509450386.00478102067973;
 Mon, 5 Mar 2018 05:28:29 -0800 (PST)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
 [10.5.11.14])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 204477FEB6;
	Mon,  5 Mar 2018 13:28:28 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 961DA5D960;
	Mon,  5 Mar 2018 13:28:27 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 2F7B018033EB;
	Mon,  5 Mar 2018 13:28:27 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com
	[10.11.54.6])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id w25DSQ0P031863 for <libvir-list@listman.util.phx.redhat.com>;
	Mon, 5 Mar 2018 08:28:26 -0500
Received: by smtp.corp.redhat.com (Postfix)
	id 5EAD82140613; Mon,  5 Mar 2018 13:28:26 +0000 (UTC)
Received: from t460.redhat.com (unknown [10.33.36.59])
	by smtp.corp.redhat.com (Postfix) with ESMTP id E12252140610;
	Mon,  5 Mar 2018 13:28:25 +0000 (UTC)
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
To: libvir-list@redhat.com
Date: Mon,  5 Mar 2018 13:28:24 +0000
Message-Id: <20180305132824.15058-1-berrange@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH] tests: force use of "NORMAL" TLS priority in test
	suite
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]);
 Mon, 05 Mar 2018 13:28:28 +0000 (UTC)
X-ZohoMail: RSF_0  Z_629925259 SPT_0

When generating certificates we rely on GNUTLS' built-in default setup
for the ciphers used in the certs. We then currently run with the distro
specific TLS priority setup which can be much stronger, to the extent
that the certificates we generate are considered untrustworthy. We don't
care about the quality of the ciphers we use in the test suite, so just
force the priority to "NORMAL" which should ensure our certs are
accepted by GNUTLS.

Signed-off-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 tests/virnettlscontexttest.c | 4 ++--
 tests/virnettlssessiontest.c | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/virnettlscontexttest.c b/tests/virnettlscontexttest.c
index 089c10e964..86647f3014 100644
--- a/tests/virnettlscontexttest.c
+++ b/tests/virnettlscontexttest.c
@@ -72,7 +72,7 @@ static int testTLSContextInit(const void *opaque)
                                          data->crt,
                                          KEYFILE,
                                          NULL,
-                                         NULL,
+                                         "NORMAL",
                                          true,
                                          true);
     } else {
@@ -80,7 +80,7 @@ static int testTLSContextInit(const void *opaque)
                                          NULL,
                                          data->crt,
                                          KEYFILE,
-                                         NULL,
+                                         "NORMAL",
                                          true,
                                          true);
     }
diff --git a/tests/virnettlssessiontest.c b/tests/virnettlssessiontest.c
index 6d639e5b16..7e85607181 100644
--- a/tests/virnettlssessiontest.c
+++ b/tests/virnettlssessiontest.c
@@ -113,7 +113,7 @@ static int testTLSSessionInit(const void *opaque)
                                            data->servercrt,
                                            KEYFILE,
                                            data->wildcards,
-                                           NULL,
+                                           "NORMAL",
                                            false,
                                            true);
=20
@@ -121,7 +121,7 @@ static int testTLSSessionInit(const void *opaque)
                                            NULL,
                                            data->clientcrt,
                                            KEYFILE,
-                                           NULL,
+                                           "NORMAL",
                                            false,
                                            true);
=20
--=20
2.14.3

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list