From nobody Sat May 4 11:44:57 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531906822117154.8788989182582; Wed, 18 Jul 2018 02:40:22 -0700 (PDT) Received: from localhost ([::1]:35594 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ffiwX-0004pj-4K for importer@patchew.org; Wed, 18 Jul 2018 05:40:21 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50344) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ffiuc-0003UF-P1 for qemu-devel@nongnu.org; Wed, 18 Jul 2018 05:38:23 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ffiuZ-0001Br-Eh for qemu-devel@nongnu.org; Wed, 18 Jul 2018 05:38:22 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:56554 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ffiuZ-0001BL-9S for qemu-devel@nongnu.org; Wed, 18 Jul 2018 05:38:19 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id DB36E7D84D for ; Wed, 18 Jul 2018 09:38:18 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.35]) by smtp.corp.redhat.com (Postfix) with ESMTP id E093F2156893; Wed, 18 Jul 2018 09:38:17 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Date: Wed, 18 Jul 2018 10:38:12 +0100 Message-Id: <20180718093815.8104-2-berrange@redhat.com> In-Reply-To: <20180718093815.8104-1-berrange@redhat.com> References: <20180718093815.8104-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Wed, 18 Jul 2018 09:38:18 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Wed, 18 Jul 2018 09:38:18 +0000 (UTC) for IP:'10.11.54.6' DOMAIN:'int-mx06.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'berrange@redhat.com' RCPT:'' Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH for 3.0 1/4] tests: call qcrypto_init instead of gnutls_global_init X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Calling qcrypto_init ensures that all relevant initialization is done. In particular this honours the debugging settings and thread settings. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Philippe Mathieu-Daud=C3=A9 Tested-by: Philippe Mathieu-Daud=C3=A9 --- tests/crypto-tls-x509-helpers.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/crypto-tls-x509-helpers.c b/tests/crypto-tls-x509-helper= s.c index 173d4e28fb..70df68f5df 100644 --- a/tests/crypto-tls-x509-helpers.c +++ b/tests/crypto-tls-x509-helpers.c @@ -21,6 +21,8 @@ #include "qemu/osdep.h" =20 #include "crypto-tls-x509-helpers.h" +#include "crypto/init.h" +#include "qapi/error.h" #include "qemu/sockets.h" =20 #ifdef QCRYPTO_HAVE_TLS_TEST_SUPPORT @@ -95,7 +97,7 @@ static gnutls_x509_privkey_t test_tls_load_key(void) =20 void test_tls_init(const char *keyfile) { - gnutls_global_init(); + qcrypto_init(&error_abort); =20 if (asn1_array2tree(pkix_asn1_tab, &pkix_asn1, NULL) !=3D ASN1_SUCCESS= ) { abort(); --=20 2.17.1 From nobody Sat May 4 11:44:57 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531906824638837.2410281642701; Wed, 18 Jul 2018 02:40:24 -0700 (PDT) Received: from localhost ([::1]:35595 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ffiwX-0004rr-Iv for importer@patchew.org; Wed, 18 Jul 2018 05:40:21 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50340) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ffiuc-0003UD-Nc for qemu-devel@nongnu.org; Wed, 18 Jul 2018 05:38:24 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ffiua-0001CF-Mb for qemu-devel@nongnu.org; Wed, 18 Jul 2018 05:38:22 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:34854 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ffiua-0001C7-HE for qemu-devel@nongnu.org; Wed, 18 Jul 2018 05:38:20 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 1FD82402332F for ; Wed, 18 Jul 2018 09:38:20 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.35]) by smtp.corp.redhat.com (Postfix) with ESMTP id 43AC92156893; Wed, 18 Jul 2018 09:38:19 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Date: Wed, 18 Jul 2018 10:38:13 +0100 Message-Id: <20180718093815.8104-3-berrange@redhat.com> In-Reply-To: <20180718093815.8104-1-berrange@redhat.com> References: <20180718093815.8104-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.6]); Wed, 18 Jul 2018 09:38:20 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.6]); Wed, 18 Jul 2018 09:38:20 +0000 (UTC) for IP:'10.11.54.6' DOMAIN:'int-mx06.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'berrange@redhat.com' RCPT:'' Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH for 3.0 2/4] tests: don't silence error reporting for all tests X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" The test-vmstate test is a bit chatty because it triggers various expected failure scenarios and the code in question uses error_report instead of accepting 'Error **errp' parameters. To silence this test the stubs for error_vprintf() were changed to send errors via g_test_message() instead of stderr: commit 28017e010ddf6849cfa830e898da3e44e6610952 Author: Paolo Bonzini Date: Mon Oct 24 18:31:03 2016 +0200 tests: send error_report to test log Implement error_vprintf to send the output of error_report to the test log. This silences test-vmstate. Signed-off-by: Paolo Bonzini Message-Id: <1477326663-67817-3-git-send-email-pbonzini@redhat.com> Unfortunately this change has global impact across the entire test suite and means that when tests fail for unexpected reasons, the message is not displayed on stderr. eg when using &error_abort in a call the test merely prints Unexpected error in qcrypto_tls_session_check_certificate() at crypto/tls= session.c:280: and the actual error message is hidden, making it impossible to diagnose the failure. This is especially problematic in CI or build systems where it isn't possible to easily pass the --debug-log flag to tests and re-run with the test log visible. This change makes the previous big hammer much more nuanced, providing a flag in the stub error_vprintf() that can used on a per-test basis to silence the errors. Only the test-vmstate silences errors initially. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Philippe Mathieu-Daud=C3=A9 Tested-by: Philippe Mathieu-Daud=C3=A9 --- stubs/error-printf.c | 5 ++++- tests/test-vmstate.c | 3 +++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/stubs/error-printf.c b/stubs/error-printf.c index ac6b92aa69..2199d79d28 100644 --- a/stubs/error-printf.c +++ b/stubs/error-printf.c @@ -2,9 +2,12 @@ #include "qemu-common.h" #include "qemu/error-report.h" =20 +bool silence_test_errors; + void error_vprintf(const char *fmt, va_list ap) { - if (g_test_initialized() && !g_test_subprocess()) { + if (g_test_initialized() && !g_test_subprocess() && + getenv("QTEST_SILENT_ERRORS")) { char *msg =3D g_strdup_vprintf(fmt, ap); g_test_message("%s", msg); g_free(msg); diff --git a/tests/test-vmstate.c b/tests/test-vmstate.c index 087844b6c8..42923bb1df 100644 --- a/tests/test-vmstate.c +++ b/tests/test-vmstate.c @@ -32,6 +32,7 @@ #include "../migration/qemu-file-channel.h" #include "../migration/savevm.h" #include "qemu/coroutine.h" +#include "qemu/error-report.h" #include "io/channel-file.h" =20 static char temp_file[] =3D "/tmp/vmst.test.XXXXXX"; @@ -859,6 +860,8 @@ int main(int argc, char **argv) =20 module_call_init(MODULE_INIT_QOM); =20 + setenv("QTEST_SILENT_ERRORS", "1", 1); + g_test_init(&argc, &argv, NULL); g_test_add_func("/vmstate/simple/primitive", test_simple_primitive); g_test_add_func("/vmstate/versioned/load/v1", test_load_v1); --=20 2.17.1 From nobody Sat May 4 11:44:57 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531906850923531.8097338398487; Wed, 18 Jul 2018 02:40:50 -0700 (PDT) Received: from localhost ([::1]:35600 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ffiwz-0005O4-Qo for importer@patchew.org; Wed, 18 Jul 2018 05:40:49 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50368) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ffiud-0003Uy-RG for qemu-devel@nongnu.org; Wed, 18 Jul 2018 05:38:25 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ffiuc-0001D0-2g for qemu-devel@nongnu.org; Wed, 18 Jul 2018 05:38:23 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:53610 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ffiub-0001Ck-ST for qemu-devel@nongnu.org; Wed, 18 Jul 2018 05:38:22 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6F786814F0A5 for ; Wed, 18 Jul 2018 09:38:21 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.35]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7B7B22156893; Wed, 18 Jul 2018 09:38:20 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Date: Wed, 18 Jul 2018 10:38:14 +0100 Message-Id: <20180718093815.8104-4-berrange@redhat.com> In-Reply-To: <20180718093815.8104-1-berrange@redhat.com> References: <20180718093815.8104-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Wed, 18 Jul 2018 09:38:21 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Wed, 18 Jul 2018 09:38:21 +0000 (UTC) for IP:'10.11.54.6' DOMAIN:'int-mx06.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'berrange@redhat.com' RCPT:'' Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH for 3.0 3/4] tests: use error_abort in places expecting errors X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Most of the TLS related tests are passing an in a "Error" object to methods that are expected to fail, but then ignoring any error that is set and instead asserting on a return value. This means that when an error is unexpectedly raised, no information about it is printed out, making failures hard to diagnose. Changing these tests to pass in &error_abort will make unexpected failures print messages to stderr. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Philippe Mathieu-Daud=C3=A9 Tested-by: Philippe Mathieu-Daud=C3=A9 --- tests/test-crypto-tlscredsx509.c | 11 +---- tests/test-crypto-tlssession.c | 76 ++++++++++++-------------------- tests/test-io-channel-tls.c | 24 ++++------ 3 files changed, 39 insertions(+), 72 deletions(-) diff --git a/tests/test-crypto-tlscredsx509.c b/tests/test-crypto-tlscredsx= 509.c index af2f80e89c..30f9ac4bbf 100644 --- a/tests/test-crypto-tlscredsx509.c +++ b/tests/test-crypto-tlscredsx509.c @@ -54,7 +54,7 @@ static QCryptoTLSCreds *test_tls_creds_create(QCryptoTLSC= redsEndpoint endpoint, "sanity-check", "yes", NULL); =20 - if (*errp) { + if (!creds) { return NULL; } return QCRYPTO_TLS_CREDS(creds); @@ -74,7 +74,6 @@ static void test_tls_creds(const void *opaque) struct QCryptoTLSCredsTestData *data =3D (struct QCryptoTLSCredsTestData *)opaque; QCryptoTLSCreds *creds; - Error *err =3D NULL; =20 #define CERT_DIR "tests/test-crypto-tlscredsx509-certs/" mkdir(CERT_DIR, 0700); @@ -113,17 +112,11 @@ static void test_tls_creds(const void *opaque) QCRYPTO_TLS_CREDS_ENDPOINT_SERVER : QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT), CERT_DIR, - &err); + data->expectFail ? NULL : &error_abort); =20 if (data->expectFail) { - error_free(err); g_assert(creds =3D=3D NULL); } else { - if (err) { - g_printerr("Failed to generate creds: %s\n", - error_get_pretty(err)); - error_free(err); - } g_assert(creds !=3D NULL); } =20 diff --git a/tests/test-crypto-tlssession.c b/tests/test-crypto-tlssession.c index 7bd811796e..fd9acf9067 100644 --- a/tests/test-crypto-tlssession.c +++ b/tests/test-crypto-tlssession.c @@ -52,28 +52,21 @@ static ssize_t testRead(char *buf, size_t len, void *op= aque) =20 static QCryptoTLSCreds *test_tls_creds_psk_create( QCryptoTLSCredsEndpoint endpoint, - const char *dir, - Error **errp) + const char *dir) { - Error *err =3D NULL; Object *parent =3D object_get_objects_root(); Object *creds =3D object_new_with_props( TYPE_QCRYPTO_TLS_CREDS_PSK, parent, (endpoint =3D=3D QCRYPTO_TLS_CREDS_ENDPOINT_SERVER ? "testtlscredsserver" : "testtlscredsclient"), - &err, + &error_abort, "endpoint", (endpoint =3D=3D QCRYPTO_TLS_CREDS_ENDPOINT_SERVER ? "server" : "client"), "dir", dir, "priority", "NORMAL", NULL ); - - if (err) { - error_propagate(errp, err); - return NULL; - } return QCRYPTO_TLS_CREDS(creds); } =20 @@ -87,7 +80,6 @@ static void test_crypto_tls_session_psk(void) int channel[2]; bool clientShake =3D false; bool serverShake =3D false; - Error *err =3D NULL; int ret; =20 /* We'll use this for our fake client-server connection */ @@ -104,25 +96,23 @@ static void test_crypto_tls_session_psk(void) =20 clientCreds =3D test_tls_creds_psk_create( QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT, - WORKDIR, - &err); + WORKDIR); g_assert(clientCreds !=3D NULL); =20 serverCreds =3D test_tls_creds_psk_create( QCRYPTO_TLS_CREDS_ENDPOINT_SERVER, - WORKDIR, - &err); + WORKDIR); g_assert(serverCreds !=3D NULL); =20 /* Now the real part of the test, setup the sessions */ clientSess =3D qcrypto_tls_session_new( clientCreds, NULL, NULL, - QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT, &err); + QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT, &error_abort); + g_assert(clientSess !=3D NULL); + serverSess =3D qcrypto_tls_session_new( serverCreds, NULL, NULL, - QCRYPTO_TLS_CREDS_ENDPOINT_SERVER, &err); - - g_assert(clientSess !=3D NULL); + QCRYPTO_TLS_CREDS_ENDPOINT_SERVER, &error_abort); g_assert(serverSess !=3D NULL); =20 /* For handshake to work, we need to set the I/O callbacks @@ -145,7 +135,7 @@ static void test_crypto_tls_session_psk(void) int rv; if (!serverShake) { rv =3D qcrypto_tls_session_handshake(serverSess, - &err); + &error_abort); g_assert(rv >=3D 0); if (qcrypto_tls_session_get_handshake_status(serverSess) =3D= =3D QCRYPTO_TLS_HANDSHAKE_COMPLETE) { @@ -154,7 +144,7 @@ static void test_crypto_tls_session_psk(void) } if (!clientShake) { rv =3D qcrypto_tls_session_handshake(clientSess, - &err); + &error_abort); g_assert(rv >=3D 0); if (qcrypto_tls_session_get_handshake_status(clientSess) =3D= =3D QCRYPTO_TLS_HANDSHAKE_COMPLETE) { @@ -165,8 +155,10 @@ static void test_crypto_tls_session_psk(void) =20 =20 /* Finally make sure the server & client validation is successful. */ - g_assert(qcrypto_tls_session_check_credentials(serverSess, &err) =3D= =3D 0); - g_assert(qcrypto_tls_session_check_credentials(clientSess, &err) =3D= =3D 0); + g_assert(qcrypto_tls_session_check_credentials(serverSess, + &error_abort) =3D=3D 0); + g_assert(qcrypto_tls_session_check_credentials(clientSess, + &error_abort) =3D=3D 0); =20 object_unparent(OBJECT(serverCreds)); object_unparent(OBJECT(clientCreds)); @@ -192,17 +184,15 @@ struct QCryptoTLSSessionTestData { =20 static QCryptoTLSCreds *test_tls_creds_x509_create( QCryptoTLSCredsEndpoint endpoint, - const char *certdir, - Error **errp) + const char *certdir) { - Error *err =3D NULL; Object *parent =3D object_get_objects_root(); Object *creds =3D object_new_with_props( TYPE_QCRYPTO_TLS_CREDS_X509, parent, (endpoint =3D=3D QCRYPTO_TLS_CREDS_ENDPOINT_SERVER ? "testtlscredsserver" : "testtlscredsclient"), - &err, + &error_abort, "endpoint", (endpoint =3D=3D QCRYPTO_TLS_CREDS_ENDPOINT_SERVER ? "server" : "client"), "dir", certdir, @@ -217,11 +207,6 @@ static QCryptoTLSCreds *test_tls_creds_x509_create( "sanity-check", "no", NULL ); - - if (err) { - error_propagate(errp, err); - return NULL; - } return QCRYPTO_TLS_CREDS(creds); } =20 @@ -249,7 +234,6 @@ static void test_crypto_tls_session_x509(const void *op= aque) int channel[2]; bool clientShake =3D false; bool serverShake =3D false; - Error *err =3D NULL; int ret; =20 /* We'll use this for our fake client-server connection */ @@ -293,14 +277,12 @@ static void test_crypto_tls_session_x509(const void *= opaque) =20 clientCreds =3D test_tls_creds_x509_create( QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT, - CLIENT_CERT_DIR, - &err); + CLIENT_CERT_DIR); g_assert(clientCreds !=3D NULL); =20 serverCreds =3D test_tls_creds_x509_create( QCRYPTO_TLS_CREDS_ENDPOINT_SERVER, - SERVER_CERT_DIR, - &err); + SERVER_CERT_DIR); g_assert(serverCreds !=3D NULL); =20 acl =3D qemu_acl_init("tlssessionacl"); @@ -314,13 +296,13 @@ static void test_crypto_tls_session_x509(const void *= opaque) /* Now the real part of the test, setup the sessions */ clientSess =3D qcrypto_tls_session_new( clientCreds, data->hostname, NULL, - QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT, &err); + QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT, &error_abort); + g_assert(clientSess !=3D NULL); + serverSess =3D qcrypto_tls_session_new( serverCreds, NULL, data->wildcards ? "tlssessionacl" : NULL, - QCRYPTO_TLS_CREDS_ENDPOINT_SERVER, &err); - - g_assert(clientSess !=3D NULL); + QCRYPTO_TLS_CREDS_ENDPOINT_SERVER, &error_abort); g_assert(serverSess !=3D NULL); =20 /* For handshake to work, we need to set the I/O callbacks @@ -343,7 +325,7 @@ static void test_crypto_tls_session_x509(const void *op= aque) int rv; if (!serverShake) { rv =3D qcrypto_tls_session_handshake(serverSess, - &err); + &error_abort); g_assert(rv >=3D 0); if (qcrypto_tls_session_get_handshake_status(serverSess) =3D= =3D QCRYPTO_TLS_HANDSHAKE_COMPLETE) { @@ -352,7 +334,7 @@ static void test_crypto_tls_session_x509(const void *op= aque) } if (!clientShake) { rv =3D qcrypto_tls_session_handshake(clientSess, - &err); + &error_abort); g_assert(rv >=3D 0); if (qcrypto_tls_session_get_handshake_status(clientSess) =3D= =3D QCRYPTO_TLS_HANDSHAKE_COMPLETE) { @@ -365,10 +347,9 @@ static void test_crypto_tls_session_x509(const void *o= paque) /* Finally make sure the server validation does what * we were expecting */ - if (qcrypto_tls_session_check_credentials(serverSess, &err) < 0) { + if (qcrypto_tls_session_check_credentials( + serverSess, data->expectServerFail ? NULL : &error_abort) < 0)= { g_assert(data->expectServerFail); - error_free(err); - err =3D NULL; } else { g_assert(!data->expectServerFail); } @@ -376,10 +357,9 @@ static void test_crypto_tls_session_x509(const void *o= paque) /* * And the same for the client validation check */ - if (qcrypto_tls_session_check_credentials(clientSess, &err) < 0) { + if (qcrypto_tls_session_check_credentials( + clientSess, data->expectClientFail ? NULL : &error_abort) < 0)= { g_assert(data->expectClientFail); - error_free(err); - err =3D NULL; } else { g_assert(!data->expectClientFail); } diff --git a/tests/test-io-channel-tls.c b/tests/test-io-channel-tls.c index bb88ee870f..4900c6d433 100644 --- a/tests/test-io-channel-tls.c +++ b/tests/test-io-channel-tls.c @@ -30,6 +30,7 @@ #include "crypto/init.h" #include "crypto/tlscredsx509.h" #include "qemu/acl.h" +#include "qapi/error.h" #include "qom/object_interfaces.h" =20 #ifdef QCRYPTO_HAVE_TLS_TEST_SUPPORT @@ -64,8 +65,7 @@ static void test_tls_handshake_done(QIOTask *task, =20 =20 static QCryptoTLSCreds *test_tls_creds_create(QCryptoTLSCredsEndpoint endp= oint, - const char *certdir, - Error **errp) + const char *certdir) { Object *parent =3D object_get_objects_root(); Object *creds =3D object_new_with_props( @@ -73,7 +73,7 @@ static QCryptoTLSCreds *test_tls_creds_create(QCryptoTLSC= redsEndpoint endpoint, parent, (endpoint =3D=3D QCRYPTO_TLS_CREDS_ENDPOINT_SERVER ? "testtlscredsserver" : "testtlscredsclient"), - errp, + &error_abort, "endpoint", (endpoint =3D=3D QCRYPTO_TLS_CREDS_ENDPOINT_SERVER ? "server" : "client"), "dir", certdir, @@ -89,9 +89,6 @@ static QCryptoTLSCreds *test_tls_creds_create(QCryptoTLSC= redsEndpoint endpoint, NULL ); =20 - if (*errp) { - return NULL; - } return QCRYPTO_TLS_CREDS(creds); } =20 @@ -121,7 +118,6 @@ static void test_io_channel_tls(const void *opaque) int channel[2]; struct QIOChannelTLSHandshakeData clientHandshake =3D { false, false }; struct QIOChannelTLSHandshakeData serverHandshake =3D { false, false }; - Error *err =3D NULL; QIOChannelTest *test; GMainContext *mainloop; =20 @@ -157,14 +153,12 @@ static void test_io_channel_tls(const void *opaque) =20 clientCreds =3D test_tls_creds_create( QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT, - CLIENT_CERT_DIR, - &err); + CLIENT_CERT_DIR); g_assert(clientCreds !=3D NULL); =20 serverCreds =3D test_tls_creds_create( QCRYPTO_TLS_CREDS_ENDPOINT_SERVER, - SERVER_CERT_DIR, - &err); + SERVER_CERT_DIR); g_assert(serverCreds !=3D NULL); =20 acl =3D qemu_acl_init("channeltlsacl"); @@ -176,10 +170,10 @@ static void test_io_channel_tls(const void *opaque) } =20 clientChanSock =3D qio_channel_socket_new_fd( - channel[0], &err); + channel[0], &error_abort); g_assert(clientChanSock !=3D NULL); serverChanSock =3D qio_channel_socket_new_fd( - channel[1], &err); + channel[1], &error_abort); g_assert(serverChanSock !=3D NULL); =20 /* @@ -193,12 +187,12 @@ static void test_io_channel_tls(const void *opaque) /* Now the real part of the test, setup the sessions */ clientChanTLS =3D qio_channel_tls_new_client( QIO_CHANNEL(clientChanSock), clientCreds, - data->hostname, &err); + data->hostname, &error_abort); g_assert(clientChanTLS !=3D NULL); =20 serverChanTLS =3D qio_channel_tls_new_server( QIO_CHANNEL(serverChanSock), serverCreds, - "channeltlsacl", &err); + "channeltlsacl", &error_abort); g_assert(serverChanTLS !=3D NULL); =20 qio_channel_tls_handshake(clientChanTLS, --=20 2.17.1 From nobody Sat May 4 11:44:57 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531906930932265.68294475144944; Wed, 18 Jul 2018 02:42:10 -0700 (PDT) Received: from localhost ([::1]:35610 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ffiyE-0006aY-Im for importer@patchew.org; Wed, 18 Jul 2018 05:42:06 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50375) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ffiue-0003V9-24 for qemu-devel@nongnu.org; Wed, 18 Jul 2018 05:38:25 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ffiud-0001E2-AR for qemu-devel@nongnu.org; Wed, 18 Jul 2018 05:38:24 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:53612 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ffiud-0001Do-60 for qemu-devel@nongnu.org; Wed, 18 Jul 2018 05:38:23 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C31F8814F0A5 for ; Wed, 18 Jul 2018 09:38:22 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.35]) by smtp.corp.redhat.com (Postfix) with ESMTP id CBDF22156893; Wed, 18 Jul 2018 09:38:21 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Date: Wed, 18 Jul 2018 10:38:15 +0100 Message-Id: <20180718093815.8104-5-berrange@redhat.com> In-Reply-To: <20180718093815.8104-1-berrange@redhat.com> References: <20180718093815.8104-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Wed, 18 Jul 2018 09:38:22 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Wed, 18 Jul 2018 09:38:22 +0000 (UTC) for IP:'10.11.54.6' DOMAIN:'int-mx06.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'berrange@redhat.com' RCPT:'' Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH for 3.0 4/4] tests: fix TLS handshake failure with TLS 1.3 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" When gnutls negotiates TLS 1.3 instead of 1.2, the order of messages sent by the handshake changes. This exposed a logic bug in the test suite which caused us to wait for the server to see handshake completion, but not wait for the client to see completion. The result was the client didn't receive the certificate for verification and the test failed. This is exposed in Fedora 29 rawhide which has just enabled TLS 1.3 in its GNUTLS builds. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Eric Blake --- tests/test-crypto-tlssession.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/test-crypto-tlssession.c b/tests/test-crypto-tlssession.c index fd9acf9067..6fa9950afb 100644 --- a/tests/test-crypto-tlssession.c +++ b/tests/test-crypto-tlssession.c @@ -151,7 +151,7 @@ static void test_crypto_tls_session_psk(void) clientShake =3D true; } } - } while (!clientShake && !serverShake); + } while (!clientShake || !serverShake); =20 =20 /* Finally make sure the server & client validation is successful. */ @@ -341,7 +341,7 @@ static void test_crypto_tls_session_x509(const void *op= aque) clientShake =3D true; } } - } while (!clientShake && !serverShake); + } while (!clientShake || !serverShake); =20 =20 /* Finally make sure the server validation does what --=20 2.17.1