From: Daniel P. Berrangé
To: qemu-devel@nongnu.org
Cc: Bin Meng, Daniel P. Berrangé
Subject: [PATCH 1/2] crypto: check for and report errors setting PSK credentials
Date: Mon, 3 Oct 2022 11:27:17 +0100
Message-Id: <20221003102718.600058-2-berrange@redhat.com>
In-Reply-To: <20221003102718.600058-1-berrange@redhat.com>
References: <20221003102718.600058-1-berrange@redhat.com>

If setting credentials fails, the handshake will later fail to complete with an obscure error message which is hard to diagnose.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: Bin Meng
Reviewed-by: Philippe Mathieu-Daudé
Tested-by: Bin Meng
--- crypto/tlscredspsk.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/crypto/tlscredspsk.c b/crypto/tlscredspsk.c index a4f9891274..546cad1c5a 100644 
--- a/crypto/tlscredspsk.c +++ b/crypto/tlscredspsk.c @@ -109,7 +109,12 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds, goto cleanup; } =20 - gnutls_psk_set_server_credentials_file(creds->data.server, pskfile= ); + ret =3D gnutls_psk_set_server_credentials_file(creds->data.server,= pskfile); + if (ret < 0) { + error_setg(errp, "Cannot set PSK server credentials: %s", + gnutls_strerror(ret)); + goto cleanup; + } gnutls_psk_set_server_dh_params(creds->data.server, creds->parent_obj.dh_params); } else { 
@@ -135,8 +140,13 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds, goto cleanup; } =20 - gnutls_psk_set_client_credentials(creds->data.client, - username, &key, GNUTLS_PSK_KEY_H= EX); + ret =3D gnutls_psk_set_client_credentials(creds->data.client, + username, &key, GNUTLS_PSK= _KEY_HEX); + if (ret < 0) { + error_setg(errp, "Cannot set PSK client credentials: %s", + gnutls_strerror(ret)); + goto cleanup; + } } =20 rv =3D 0; --=20 2.37.3
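Review bot: In the server branch (hunk @@ -109,7 +109,12 @@), the new message "Cannot set PSK server credentials: %s" leaves out pskfile, which is the first thing needed when diagnosing a load failure and is already in scope as the argument to gnutls_psk_set_server_credentials_file(). Suggest error_setg(errp, "Cannot set PSK server credentials from %s: %s", pskfile, gnutls_strerror(ret)); so the report names the file that was rejected.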
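Review bot: In the client branch (hunk @@ -135,8 +140,13 @@), the new goto cleanup is taken after key has been filled in and passed as &key, and the cleanup label is not shown in this hunk; please confirm that it releases the key buffer on this early-exit path. Adding username to the "Cannot set PSK client credentials: %s" message (and never the key itself) would also let the error be matched to a specific PSK entry.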
From: Daniel P. Berrangé
To: qemu-devel@nongnu.org
Cc: Bin Meng, Daniel P. Berrangé
Subject: [PATCH 2/2] tests: avoid DOS line endings in PSK file
Date: Mon, 3 Oct 2022 11:27:18 +0100
Message-Id: <20221003102718.600058-3-berrange@redhat.com>
In-Reply-To: <20221003102718.600058-1-berrange@redhat.com>
References: <20221003102718.600058-1-berrange@redhat.com>

Using FILE * APIs for writing the PSK file results in translation from UNIX to DOS line endings on Windows. When the crypto PSK code later loads the credentials the stray \r will result in failure to load the PSK credentials into GNUTLS.

Rather than switching the FILE* APIs to open in binary format, just switch to the more concise g_file_set_contents API.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: Bin Meng
Reviewed-by: Philippe Mathieu-Daudé
Tested-by: Bin Meng
--- tests/unit/crypto-tls-psk-helpers.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/tests/unit/crypto-tls-psk-helpers.c b/tests/unit/crypto-tls-ps= k-helpers.c index 511e08cc9c..c6cc740772 100644 --- a/tests/unit/crypto-tls-psk-helpers.c +++ b/tests/unit/crypto-tls-psk-helpers.c @@ -27,15 +27,14 @@ static void test_tls_psk_init_common(const char *pskfile, const char *user, const char= *key) { - FILE *fp; + g_autoptr(GError) gerr =3D NULL; + g_autofree char *line =3D g_strdup_printf("%s:%s\n", user, key); =20 - fp =3D fopen(pskfile, "w"); - if (fp =3D=3D NULL) { - g_critical("Failed to create pskfile %s: %s", pskfile, strerror(er= rno)); + g_file_set_contents(pskfile, line, strlen(line), &gerr); + if (gerr !=3D NULL) { + g_critical("Failed to create pskfile %s: %s", pskfile, gerr->messa= ge); abort(); } - fprintf(fp, "%s:%s\n", user, key); - fclose(fp); } =20 void test_tls_psk_init(const char *pskfile) --=20 2.37.3
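Review bot: In test_tls_psk_init_common(), the gboolean result of g_file_set_contents() is discarded and failure is inferred from gerr != NULL; the GLib convention is to test the return value and read the GError only when the call returned FALSE. Suggest if (!g_file_set_contents(pskfile, line, strlen(line), &gerr)) { ... } with the existing g_critical() and abort() inside. The strlen(line) argument could also be -1, since line is a nul-terminated string from g_strdup_printf().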