[PULL,4/4] tests: fix TLS handshake failure with TLS 1.3

Message ID	20180724164448.7606-5-berrange@redhat.com
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> From: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= <berrange@redhat.com> To: qemu-devel@nongnu.org Date: Tue, 24 Jul 2018 17:44:48 +0100 Message-Id: <20180724164448.7606-5-berrange@redhat.com> In-Reply-To: <20180724164448.7606-1-berrange@redhat.com> References: <20180724164448.7606-1-berrange@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: [Qemu-devel] [PULL 4/4] tests: fix TLS handshake failure with TLS 1.3 Precedence: list Cc: Peter Maydell <peter.maydell@linaro.org> Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
Series	[PULL,1/4] tests: call qcrypto_init instead of gnutls_global_init \| expand [PULL,1/4] tests: call qcrypto_init instead of gnutls_global_init [PULL,2/4] tests: don't silence error reporting for all tests [PULL,3/4] tests: use error_abort in places expecting errors [PULL,4/4] tests: fix TLS handshake failure with TLS 1.3

Message ID

20180724164448.7606-5-berrange@redhat.com

State

New

Headers

From: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= <berrange@redhat.com>
To: qemu-devel@nongnu.org
Date: Tue, 24 Jul 2018 17:44:48 +0100
Message-Id: <20180724164448.7606-5-berrange@redhat.com>
In-Reply-To: <20180724164448.7606-1-berrange@redhat.com>
References: <20180724164448.7606-1-berrange@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: [Qemu-devel] [PULL 4/4] tests: fix TLS handshake failure with TLS
	1.3
Precedence: list
Cc: Peter Maydell <peter.maydell@linaro.org>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

Series

[PULL,1/4] tests: call qcrypto_init instead of gnutls_global_init | expand

Commit Message

Daniel P. Berrangé July 24, 2018, 4:44 p.m. UTC

When gnutls negotiates TLS 1.3 instead of 1.2, the order of messages
sent by the handshake changes. This exposed a logic bug in the test
suite which caused us to wait for the server to see handshake
completion, but not wait for the client to see completion. The result
was the client didn't receive the certificate for verification and the
test failed.

This is exposed in Fedora 29 rawhide which has just enabled TLS 1.3 in
its GNUTLS builds.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 tests/test-crypto-tlssession.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/test-crypto-tlssession.c b/tests/test-crypto-tlssession.c
index fd9acf9067..6fa9950afb 100644
--- a/tests/test-crypto-tlssession.c
+++ b/tests/test-crypto-tlssession.c
@@ -151,7 +151,7 @@  static void test_crypto_tls_session_psk(void)
                 clientShake = true;
             }
         }
-    } while (!clientShake && !serverShake);
+    } while (!clientShake || !serverShake);
 
 
     /* Finally make sure the server & client validation is successful. */
@@ -341,7 +341,7 @@  static void test_crypto_tls_session_x509(const void *opaque)
                 clientShake = true;
             }
         }
-    } while (!clientShake && !serverShake);
+    } while (!clientShake || !serverShake);
 
 
     /* Finally make sure the server validation does what

[PULL,4/4] tests: fix TLS handshake failure with TLS 1.3

Commit Message

Patch