26ba25
From dc340428ac10233432dc6048c972197163eb13e7 Mon Sep 17 00:00:00 2001
26ba25
From: "Daniel P. Berrange" <berrange@redhat.com>
26ba25
Date: Tue, 24 Jul 2018 17:17:43 +0100
26ba25
Subject: [PATCH 4/4] tests: fix TLS handshake failure with TLS 1.3
26ba25
MIME-Version: 1.0
26ba25
Content-Type: text/plain; charset=UTF-8
26ba25
Content-Transfer-Encoding: 8bit
26ba25
26ba25
RH-Author: Daniel P. Berrange <berrange@redhat.com>
26ba25
Message-id: <20180724171743.10146-2-berrange@redhat.com>
26ba25
Patchwork-id: 81490
26ba25
O-Subject: [qemu-kvm RHEL8/virt212 PATCH 1/1] tests: fix TLS handshake failure with TLS 1.3
26ba25
Bugzilla: 1602403
26ba25
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
26ba25
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
26ba25
RH-Acked-by: Danilo de Paula <ddepaula@redhat.com>
26ba25
26ba25
When gnutls negotiates TLS 1.3 instead of 1.2, the order of messages
26ba25
sent by the handshake changes. This exposed a logic bug in the test
26ba25
suite which caused us to wait for the server to see handshake
26ba25
completion, but not wait for the client to see completion. The result
26ba25
was the client didn't receive the certificate for verification and the
26ba25
test failed.
26ba25
26ba25
This is exposed in Fedora 29 rawhide which has just enabled TLS 1.3 in
26ba25
its GNUTLS builds.
26ba25
26ba25
Reviewed-by: Eric Blake <eblake@redhat.com>
26ba25
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
26ba25
(cherry picked from commit db0a8c70f25fe497c4b786d8edac063daa744c0d)
26ba25
26ba25
 Conflicts:
26ba25
	tests/test-crypto-tlssession.c - no PSK tests in 2.12
26ba25
26ba25
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
26ba25
---
26ba25
 tests/test-crypto-tlssession.c | 2 +-
26ba25
 1 file changed, 1 insertion(+), 1 deletion(-)
26ba25
26ba25
diff --git a/tests/test-crypto-tlssession.c b/tests/test-crypto-tlssession.c
26ba25
index 82f21c2..4416a85 100644
26ba25
--- a/tests/test-crypto-tlssession.c
26ba25
+++ b/tests/test-crypto-tlssession.c
26ba25
@@ -227,7 +227,7 @@ static void test_crypto_tls_session(const void *opaque)
26ba25
                 clientShake = true;
26ba25
             }
26ba25
         }
26ba25
-    } while (!clientShake && !serverShake);
26ba25
+    } while (!clientShake || !serverShake);
26ba25
 
26ba25
 
26ba25
     /* Finally make sure the server validation does what
26ba25
-- 
26ba25
1.8.3.1
26ba25