From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Daniel P. Berrangé" <berrange@redhat.com>,
"Peter Maydell" <peter.maydell@linaro.org>
Subject: [Qemu-devel] [PULL 4/4] tests: fix TLS handshake failure with TLS 1.3
Date: Tue, 24 Jul 2018 17:44:48 +0100 [thread overview]
Message-ID: <20180724164448.7606-5-berrange@redhat.com> (raw)
In-Reply-To: <20180724164448.7606-1-berrange@redhat.com>
When gnutls negotiates TLS 1.3 instead of 1.2, the order of messages
sent by the handshake changes. This exposed a logic bug in the test
suite which caused us to wait for the server to see handshake
completion, but not wait for the client to see completion. The result
was the client didn't receive the certificate for verification and the
test failed.
This is exposed in Fedora 29 rawhide which has just enabled TLS 1.3 in
its GNUTLS builds.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
tests/test-crypto-tlssession.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tests/test-crypto-tlssession.c b/tests/test-crypto-tlssession.c
index fd9acf9067..6fa9950afb 100644
--- a/tests/test-crypto-tlssession.c
+++ b/tests/test-crypto-tlssession.c
@@ -151,7 +151,7 @@ static void test_crypto_tls_session_psk(void)
clientShake = true;
}
}
- } while (!clientShake && !serverShake);
+ } while (!clientShake || !serverShake);
/* Finally make sure the server & client validation is successful. */
@@ -341,7 +341,7 @@ static void test_crypto_tls_session_x509(const void *opaque)
clientShake = true;
}
}
- } while (!clientShake && !serverShake);
+ } while (!clientShake || !serverShake);
/* Finally make sure the server validation does what
--
2.17.1
next prev parent reply other threads:[~2018-07-24 16:44 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-24 16:44 [Qemu-devel] [PULL 0/4] Qcrypto next patches Daniel P. Berrangé
2018-07-24 16:44 ` [Qemu-devel] [PULL 1/4] tests: call qcrypto_init instead of gnutls_global_init Daniel P. Berrangé
2018-07-24 16:44 ` [Qemu-devel] [PULL 2/4] tests: don't silence error reporting for all tests Daniel P. Berrangé
2018-07-24 16:44 ` [Qemu-devel] [PULL 3/4] tests: use error_abort in places expecting errors Daniel P. Berrangé
2018-07-24 16:44 ` Daniel P. Berrangé [this message]
2018-07-24 19:16 ` [Qemu-devel] [PULL 0/4] Qcrypto next patches Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180724164448.7606-5-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).