From: Daniel P. Berrangé Date: Wed, 28 Feb 2018 14:04:38 +0000 (+0000) Subject: crypto: ensure we use a predictable TLS priority setting X-Git-Tag: v2.11.2~8 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2ab0ce6e8d94471ef4add86321fab7b476f82fac;p=thirdparty%2Fqemu.git crypto: ensure we use a predictable TLS priority setting The TLS test cert generation relies on a fixed set of algorithms that are only usable under GNUTLS' default priority setting. When building QEMU with a custom distro specific priority setting, this can cause the TLS tests to fail. By forcing the tests to always use "NORMAL" priority we can make them more robust. Reviewed-by: Eric Blake Signed-off-by: Daniel P. Berrangé (cherry picked from commit 057ad0b46992e3ec4ce29b9103162aa3c683f347) Signed-off-by: Michael Roth --- diff --git a/tests/test-crypto-tlssession.c b/tests/test-crypto-tlssession.c index 1a4a066d76c..82f21c27f27 100644 --- a/tests/test-crypto-tlssession.c +++ b/tests/test-crypto-tlssession.c @@ -75,6 +75,7 @@ static QCryptoTLSCreds *test_tls_creds_create(QCryptoTLSCredsEndpoint endpoint, "server" : "client"), "dir", certdir, "verify-peer", "yes", + "priority", "NORMAL", /* We skip initial sanity checks here because we * want to make sure that problems are being * detected at the TLS session validation stage, diff --git a/tests/test-io-channel-tls.c b/tests/test-io-channel-tls.c index a210d01ba53..47ba603e8d8 100644 --- a/tests/test-io-channel-tls.c +++ b/tests/test-io-channel-tls.c @@ -78,6 +78,7 @@ static QCryptoTLSCreds *test_tls_creds_create(QCryptoTLSCredsEndpoint endpoint, "server" : "client"), "dir", certdir, "verify-peer", "yes", + "priority", "NORMAL", /* We skip initial sanity checks here because we * want to make sure that problems are being * detected at the TLS session validation stage,