On Mon, Mar 05, 2018 at 01:28:24PM +0000, Daniel P. Berrangé wrote:
> When generating certificates we rely on GNUTLS' built-in default setup
> for the ciphers used in the certs. We then currently run with the distro
> specific TLS priority setup which can be much stronger, to the extent
> that the certificates we generate are considered untrustworthy. We don't
> care about the quality of the ciphers we use in the test suite, so just
> force the priority to "NORMAL" which should ensure our certs are
> accepted by GNUTLS.
> 
> Signed-off-by: Daniel P. Berrangé <berra...@redhat.com>
> ---

Pushing this as a build fix, since our CentOS CI is broken now it has
pulled in latest rawhide packages.

>  tests/virnettlscontexttest.c | 4 ++--
>  tests/virnettlssessiontest.c | 4 ++--
>  2 files changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/tests/virnettlscontexttest.c b/tests/virnettlscontexttest.c
> index 089c10e964..86647f3014 100644
> --- a/tests/virnettlscontexttest.c
> +++ b/tests/virnettlscontexttest.c
> @@ -72,7 +72,7 @@ static int testTLSContextInit(const void *opaque)
>                                           data->crt,
>                                           KEYFILE,
>                                           NULL,
> -                                         NULL,
> +                                         "NORMAL",
>                                           true,
>                                           true);
>      } else {
> @@ -80,7 +80,7 @@ static int testTLSContextInit(const void *opaque)
>                                           NULL,
>                                           data->crt,
>                                           KEYFILE,
> -                                         NULL,
> +                                         "NORMAL",
>                                           true,
>                                           true);
>      }
> diff --git a/tests/virnettlssessiontest.c b/tests/virnettlssessiontest.c
> index 6d639e5b16..7e85607181 100644
> --- a/tests/virnettlssessiontest.c
> +++ b/tests/virnettlssessiontest.c
> @@ -113,7 +113,7 @@ static int testTLSSessionInit(const void *opaque)
>                                             data->servercrt,
>                                             KEYFILE,
>                                             data->wildcards,
> -                                           NULL,
> +                                           "NORMAL",
>                                             false,
>                                             true);
>  
> @@ -121,7 +121,7 @@ static int testTLSSessionInit(const void *opaque)
>                                             NULL,
>                                             data->clientcrt,
>                                             KEYFILE,
> -                                           NULL,
> +                                           "NORMAL",
>                                             false,
>                                             true);
>  
> -- 
> 2.14.3
> 

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Reply via email to