From: Eric Blake <eblake@redhat.com>
To: qemu-devel@nongnu.org
Cc: qemu-block@nongnu.org, thuth@redhat.com, berrange@redhat.com,
Kevin Wolf <kwolf@redhat.com>, Max Reitz <mreitz@redhat.com>
Subject: [Qemu-devel] [PATCH] iotests: Avoid SIGPIPE death to certtool
Date: Tue, 19 Feb 2019 10:09:20 -0600 [thread overview]
Message-ID: <20190219160920.32705-1-eblake@redhat.com> (raw)
Our use of 'head -1' to log less output of certtool during
iotest 233 could result in certtool dying early due to SIGPIPE
if it generates enough output; if that happens, the certificate
it was supposed to generate may be zero length, which causes
failures such as:
== check TLS client to plain server fails ==
-qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Denied by server for option 5 (starttls)
-server reported: TLS not configured
-qemu-nbd: Denied by server for option 5 (starttls)
-server reported: TLS not configured
+qemu-nbd: Unable to import client certificate /tmp/qemu-iotests-quick-28354/tls/client1/client-cert.pem: Base64 unexpected header error.
Fix the pipelines to consume all output.
Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
---
tests/qemu-iotests/common.tls | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tests/qemu-iotests/common.tls b/tests/qemu-iotests/common.tls
index eae81789bbc..15c6e8c8425 100644
--- a/tests/qemu-iotests/common.tls
+++ b/tests/qemu-iotests/common.tls
@@ -74,7 +74,7 @@ EOF
certtool --generate-self-signed \
--load-privkey "${tls_dir}/key.pem" \
--template "${tls_dir}/ca.info" \
- --outfile "${tls_dir}/$name-cert.pem" 2>&1 | head -1
+ --outfile "${tls_dir}/$name-cert.pem" 2>&1 | sed -n 1p
rm -f "${tls_dir}/ca.info"
}
@@ -103,7 +103,7 @@ EOF
--load-ca-certificate "${tls_dir}/$caname-cert.pem" \
--load-privkey "${tls_dir}/key.pem" \
--template "${tls_dir}/cert.info" \
- --outfile "${tls_dir}/$name/server-cert.pem" 2>&1 | head -1
+ --outfile "${tls_dir}/$name/server-cert.pem" 2>&1 | sed -n 1p
ln -s "${tls_dir}/$caname-cert.pem" "${tls_dir}/$name/ca-cert.pem"
ln -s "${tls_dir}/key.pem" "${tls_dir}/$name/server-key.pem"
@@ -132,7 +132,7 @@ EOF
--load-ca-certificate "${tls_dir}/$caname-cert.pem" \
--load-privkey "${tls_dir}/key.pem" \
--template "${tls_dir}/cert.info" \
- --outfile "${tls_dir}/$name/client-cert.pem" 2>&1 | head -1
+ --outfile "${tls_dir}/$name/client-cert.pem" 2>&1 | sed -n 1p
ln -s "${tls_dir}/$caname-cert.pem" "${tls_dir}/$name/ca-cert.pem"
ln -s "${tls_dir}/key.pem" "${tls_dir}/$name/client-key.pem"
--
2.20.1
next reply other threads:[~2019-02-19 16:09 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-19 16:09 Eric Blake [this message]
2019-02-19 16:13 ` [Qemu-devel] [PATCH] iotests: Avoid SIGPIPE death to certtool Thomas Huth
2019-02-19 16:14 ` Daniel P. Berrangé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190219160920.32705-1-eblake@redhat.com \
--to=eblake@redhat.com \
--cc=berrange@redhat.com \
--cc=kwolf@redhat.com \
--cc=mreitz@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=thuth@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).