|
|
ae23c9 |
From dc340428ac10233432dc6048c972197163eb13e7 Mon Sep 17 00:00:00 2001
|
|
|
ae23c9 |
From: "Daniel P. Berrange" <berrange@redhat.com>
|
|
|
ae23c9 |
Date: Tue, 24 Jul 2018 17:17:43 +0100
|
|
|
ae23c9 |
Subject: [PATCH 4/4] tests: fix TLS handshake failure with TLS 1.3
|
|
|
ae23c9 |
MIME-Version: 1.0
|
|
|
ae23c9 |
Content-Type: text/plain; charset=UTF-8
|
|
|
ae23c9 |
Content-Transfer-Encoding: 8bit
|
|
|
ae23c9 |
|
|
|
ae23c9 |
RH-Author: Daniel P. Berrange <berrange@redhat.com>
|
|
|
ae23c9 |
Message-id: <20180724171743.10146-2-berrange@redhat.com>
|
|
|
ae23c9 |
Patchwork-id: 81490
|
|
|
ae23c9 |
O-Subject: [qemu-kvm RHEL8/virt212 PATCH 1/1] tests: fix TLS handshake failure with TLS 1.3
|
|
|
ae23c9 |
Bugzilla: 1602403
|
|
|
ae23c9 |
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
|
|
ae23c9 |
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
|
ae23c9 |
RH-Acked-by: Danilo de Paula <ddepaula@redhat.com>
|
|
|
ae23c9 |
|
|
|
ae23c9 |
When gnutls negotiates TLS 1.3 instead of 1.2, the order of messages
|
|
|
ae23c9 |
sent by the handshake changes. This exposed a logic bug in the test
|
|
|
ae23c9 |
suite which caused us to wait for the server to see handshake
|
|
|
ae23c9 |
completion, but not wait for the client to see completion. The result
|
|
|
ae23c9 |
was the client didn't receive the certificate for verification and the
|
|
|
ae23c9 |
test failed.
|
|
|
ae23c9 |
|
|
|
ae23c9 |
This is exposed in Fedora 29 rawhide which has just enabled TLS 1.3 in
|
|
|
ae23c9 |
its GNUTLS builds.
|
|
|
ae23c9 |
|
|
|
ae23c9 |
Reviewed-by: Eric Blake <eblake@redhat.com>
|
|
|
ae23c9 |
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
|
ae23c9 |
(cherry picked from commit db0a8c70f25fe497c4b786d8edac063daa744c0d)
|
|
|
ae23c9 |
|
|
|
ae23c9 |
Conflicts:
|
|
|
ae23c9 |
tests/test-crypto-tlssession.c - no PSK tests in 2.12
|
|
|
ae23c9 |
|
|
|
ae23c9 |
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
|
|
|
ae23c9 |
---
|
|
|
ae23c9 |
tests/test-crypto-tlssession.c | 2 +-
|
|
|
ae23c9 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
ae23c9 |
|
|
|
ae23c9 |
diff --git a/tests/test-crypto-tlssession.c b/tests/test-crypto-tlssession.c
|
|
|
ae23c9 |
index 82f21c2..4416a85 100644
|
|
|
ae23c9 |
--- a/tests/test-crypto-tlssession.c
|
|
|
ae23c9 |
+++ b/tests/test-crypto-tlssession.c
|
|
|
ae23c9 |
@@ -227,7 +227,7 @@ static void test_crypto_tls_session(const void *opaque)
|
|
|
ae23c9 |
clientShake = true;
|
|
|
ae23c9 |
}
|
|
|
ae23c9 |
}
|
|
|
ae23c9 |
- } while (!clientShake && !serverShake);
|
|
|
ae23c9 |
+ } while (!clientShake || !serverShake);
|
|
|
ae23c9 |
|
|
|
ae23c9 |
|
|
|
ae23c9 |
/* Finally make sure the server validation does what
|
|
|
ae23c9 |
--
|
|
|
ae23c9 |
1.8.3.1
|
|
|
ae23c9 |
|