From nobody Sat May 30 20:11:21 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=fail(p=none dis=none)  header.from=berrange.com
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists1p.gnu.org (lists1p.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1776955718585239.99251063658937;
 Thu, 23 Apr 2026 07:48:38 -0700 (PDT)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists1p.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1wFvLO-0003Iz-Vx; Thu, 23 Apr 2026 10:47:55 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists1p.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <dan@berrange.com>) id 1wFuMH-0007c2-4w
 for qemu-devel@nongnu.org; Thu, 23 Apr 2026 09:44:46 -0400
Received: from us-smtp-delivery-44.mimecast.com ([207.211.30.44])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <dan@berrange.com>) id 1wFuMA-0001Xc-Ic
 for qemu-devel@nongnu.org; Thu, 23 Apr 2026 09:44:41 -0400
Received: from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com
 (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by
 relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,
 cipher=TLS_AES_256_GCM_SHA384) id us-mta-191-4Uoe15FXOMGiXf6VkzzCbw-1; Thu,
 23 Apr 2026 09:44:28 -0400
Received: from mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com
 (mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.17])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
 (No client certificate requested)
 by mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS
 id 7B1AD19560BD; Thu, 23 Apr 2026 13:44:27 +0000 (UTC)
Received: from thinkbook.redhat.com (unknown [10.44.33.238])
 by mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP
 id D41811943295; Thu, 23 Apr 2026 13:44:24 +0000 (UTC)
X-MC-Unique: 4Uoe15FXOMGiXf6VkzzCbw-1
X-Mimecast-MFC-AGG-ID: 4Uoe15FXOMGiXf6VkzzCbw_1776951868
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <dan@berrange.com>
To: qemu-devel@nongnu.org
Cc: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>,
 =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <dan@berrange.com>,
 "Maciej S. Szmigiero" <mail@maciej.szmigiero.name>
Subject: [PATCH] crypto: fix client side anonymous TLS credentials
Date: Thu, 23 Apr 2026 14:44:22 +0100
Message-ID: <20260423134422.688862-1-dan@berrange.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 3.0 on 10.30.177.17
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists1p.gnu.org;
Received-SPF: softfail client-ip=207.211.30.44;
 envelope-from=dan@berrange.com;
 helo=us-smtp-delivery-44.mimecast.com
X-Spam_score_int: 14
X-Spam_score: 1.4
X-Spam_bar: +
X-Spam_report: (1.4 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7,
 RCVD_IN_SBL_CSS=3.335, SPF_HELO_PASS=-0.001,
 SPF_SOFTFAIL=0.665 autolearn=no autolearn_force=no
X-Spam_action: no action
X-Mailman-Approved-At: Thu, 23 Apr 2026 10:47:50 -0400
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZM-MESSAGEID: 1776955725080154100

The previous refactoring of credential creation failed to allocate
storage fo the anonymous TLS credentials on the client endpoint.

Fixes: 70f9fd8dbf7233bee497055a9b7825e3729ce853
Reported-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Signed-off-by: Daniel P. Berrang=C3=A9 <dan@berrange.com>
Tested-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com>
---
 crypto/tlscredsanon.c               |   2 +
 tests/unit/test-crypto-tlssession.c | 120 +++++++++++++++++++++++++++-
 2 files changed, 121 insertions(+), 1 deletion(-)

diff --git a/crypto/tlscredsanon.c b/crypto/tlscredsanon.c
index 1551382e1f..190c9833a7 100644
--- a/crypto/tlscredsanon.c
+++ b/crypto/tlscredsanon.c
@@ -73,6 +73,8 @@ qcrypto_tls_creds_anon_load(QCryptoTLSCredsAnon *creds,
                                              box->dh_params);
         }
     } else {
+        box =3D qcrypto_tls_creds_box_new_client(GNUTLS_CRD_ANON);
+
         ret =3D gnutls_anon_allocate_client_credentials(&box->data.anoncli=
ent);
         if (ret < 0) {
             error_setg(errp, "Cannot allocate credentials: %s",
diff --git a/tests/unit/test-crypto-tlssession.c b/tests/unit/test-crypto-t=
lssession.c
index 0d06a6892e..dc7a01bb06 100644
--- a/tests/unit/test-crypto-tlssession.c
+++ b/tests/unit/test-crypto-tlssession.c
@@ -24,6 +24,7 @@
 #include "crypto-tls-psk-helpers.h"
 #include "crypto/tlscredsx509.h"
 #include "crypto/tlscredspsk.h"
+#include "crypto/tlscredsanon.h"
 #include "crypto/tlssession.h"
 #include "qom/object_interfaces.h"
 #include "qapi/error.h"
@@ -190,6 +191,121 @@ static void test_crypto_tls_session_psk(void)
 }
=20
=20
+static QCryptoTLSCreds *test_tls_creds_anon_create(
+    QCryptoTLSCredsEndpoint endpoint)
+{
+    Object *parent =3D object_get_objects_root();
+    Object *creds =3D object_new_with_props(
+        TYPE_QCRYPTO_TLS_CREDS_ANON,
+        parent,
+        (endpoint =3D=3D QCRYPTO_TLS_CREDS_ENDPOINT_SERVER ?
+         "testtlscredsserver" : "testtlscredsclient"),
+        &error_abort,
+        "endpoint", (endpoint =3D=3D QCRYPTO_TLS_CREDS_ENDPOINT_SERVER ?
+                     "server" : "client"),
+        "priority", "NORMAL",
+        NULL
+        );
+    return QCRYPTO_TLS_CREDS(creds);
+}
+
+
+static void test_crypto_tls_session_anon(void)
+{
+    QCryptoTLSCreds *clientCreds;
+    QCryptoTLSCreds *serverCreds;
+    QCryptoTLSSession *clientSess =3D NULL;
+    QCryptoTLSSession *serverSess =3D NULL;
+    int channel[2];
+    bool clientShake =3D false;
+    bool serverShake =3D false;
+    int ret;
+
+    /* We'll use this for our fake client-server connection */
+    ret =3D qemu_socketpair(AF_UNIX, SOCK_STREAM, 0, channel);
+    g_assert(ret =3D=3D 0);
+
+    /*
+     * We have an evil loop to do the handshake in a single
+     * thread, so we need these non-blocking to avoid deadlock
+     * of ourselves
+     */
+    qemu_set_blocking(channel[0], false, &error_abort);
+    qemu_set_blocking(channel[1], false, &error_abort);
+
+    clientCreds =3D test_tls_creds_anon_create(
+        QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT);
+    g_assert(clientCreds !=3D NULL);
+
+    serverCreds =3D test_tls_creds_anon_create(
+        QCRYPTO_TLS_CREDS_ENDPOINT_SERVER);
+    g_assert(serverCreds !=3D NULL);
+
+    /* Now the real part of the test, setup the sessions */
+    clientSess =3D qcrypto_tls_session_new(
+        clientCreds, NULL, NULL,
+        QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT, &error_abort);
+    g_assert(clientSess !=3D NULL);
+
+    serverSess =3D qcrypto_tls_session_new(
+        serverCreds, NULL, NULL,
+        QCRYPTO_TLS_CREDS_ENDPOINT_SERVER, &error_abort);
+    g_assert(serverSess !=3D NULL);
+
+    /* For handshake to work, we need to set the I/O callbacks
+     * to read/write over the socketpair
+     */
+    qcrypto_tls_session_set_callbacks(serverSess,
+                                      testWrite, testRead,
+                                      &channel[0]);
+    qcrypto_tls_session_set_callbacks(clientSess,
+                                      testWrite, testRead,
+                                      &channel[1]);
+
+    /*
+     * Finally we loop around & around doing handshake on each
+     * session until we get an error, or the handshake completes.
+     * This relies on the socketpair being nonblocking to avoid
+     * deadlocking ourselves upon handshake
+     */
+    do {
+        int rv;
+        if (!serverShake) {
+            rv =3D qcrypto_tls_session_handshake(serverSess,
+                                               &error_abort);
+            g_assert(rv >=3D 0);
+            if (rv =3D=3D QCRYPTO_TLS_HANDSHAKE_COMPLETE) {
+                serverShake =3D true;
+            }
+        }
+        if (!clientShake) {
+            rv =3D qcrypto_tls_session_handshake(clientSess,
+                                               &error_abort);
+            g_assert(rv >=3D 0);
+            if (rv =3D=3D QCRYPTO_TLS_HANDSHAKE_COMPLETE) {
+                clientShake =3D true;
+            }
+        }
+    } while (!clientShake || !serverShake);
+
+
+    /* Finally make sure the server & client validation is successful. */
+    g_assert(qcrypto_tls_session_check_credentials(serverSess,
+                                                   &error_abort) =3D=3D 0);
+    g_assert(qcrypto_tls_session_check_credentials(clientSess,
+                                                   &error_abort) =3D=3D 0);
+
+    object_unparent(OBJECT(serverCreds));
+    object_unparent(OBJECT(clientCreds));
+
+    qcrypto_tls_session_free(serverSess);
+    qcrypto_tls_session_free(clientSess);
+
+    close(channel[0]);
+    close(channel[1]);
+}
+
+
 struct QCryptoTLSSessionTestData {
     const char *servercacrt;
     const char *clientcacrt;
@@ -421,9 +537,11 @@ int main(int argc, char **argv)
     test_tls_init(KEYFILE);
     test_tls_psk_init(PSKFILE);
=20
-    /* Simple initial test using Pre-Shared Keys. */
+    /* Simple initial tests using Pre-Shared Keys & anon creds */
     g_test_add_func("/qcrypto/tlssession/psk",
                     test_crypto_tls_session_psk);
+    g_test_add_func("/qcrypto/tlssession/anon",
+                    test_crypto_tls_session_anon);
=20
     /* More complex tests using X.509 certificates. */
 # define TEST_SESS_REG(name, caCrt,                                     \
--=20
2.53.0