aboutsummaryrefslogtreecommitdiff
path: root/tests/test-io-channel-tls.c
AgeCommit message (Collapse)AuthorFilesLines
2019-12-17glib: use portable g_setenv()Marc-André Lureau1-1/+1
We have a setenv() wrapper in os-win32.c that no one is actually using. Drop it and change to g_setenv() uniformly. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <1576074210-52834-7-git-send-email-pbonzini@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2019-06-12Include qemu/module.h where needed, drop it from qemu-common.hMarkus Armbruster1-0/+1
Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20190523143508.25387-4-armbru@redhat.com> [Rebased with conflicts resolved automatically, except for hw/usb/dev-hub.c hw/misc/exynos4210_rng.c hw/misc/bcm2835_rng.c hw/misc/aspeed_scu.c hw/display/virtio-vga.c hw/arm/stm32f205_soc.c; ui/cocoa.m fixed up]
2019-02-26authz: delete existing ACL implementationDaniel P. Berrange1-5/+11
The 'qemu_acl' type was a previous non-QOM based attempt to provide an authorization facility in QEMU. Because it is non-QOM based it cannot be created via the command line and requires special monitor commands to manipulate it. The new QAuthZ subclasses provide a superset of the functionality in qemu_acl, so the latter can now be deleted. The HMP 'acl_*' monitor commands are converted to use the new QAuthZSimple data type instead in order to provide temporary backwards compatibility. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2018-07-24tests: use error_abort in places expecting errorsDaniel P. Berrangé1-15/+9
Most of the TLS related tests are passing an in a "Error" object to methods that are expected to fail, but then ignoring any error that is set and instead asserting on a return value. This means that when an error is unexpectedly raised, no information about it is printed out, making failures hard to diagnose. Changing these tests to pass in &error_abort will make unexpected failures print messages to stderr. Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-04-06crypto: ensure we use a predictable TLS priority settingDaniel P. Berrangé1-0/+1
The TLS test cert generation relies on a fixed set of algorithms that are only usable under GNUTLS' default priority setting. When building QEMU with a custom distro specific priority setting, this can cause the TLS tests to fail. By forcing the tests to always use "NORMAL" priority we can make them more robust. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-06qio: non-default context for TLS handshakePeter Xu1-0/+2
A new parameter "context" is added to qio_channel_tls_handshake() is to allow the TLS to be run on a non-default context. Still, no functional change. Signed-off-by: Peter Xu <peterx@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2017-09-05io: fix check for handshake completion in TLS testDaniel P. Berrange1-1/+1
The TLS I/O channel test had mistakenly used && instead of || when checking for handshake completion. As a result it could terminate the handshake process before it had actually completed. This was harmless before but changes in GNUTLS 3.6.0 exposed this bug and caused the test suite to fail. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-09-04io: fix temp directory used by test-io-channel-tls testDaniel P. Berrange1-2/+2
The test-io-channel-tls test was mistakenly using two of the same directories as test-crypto-tlssession. This causes a sporadic failure when using make -j$BIGNUM. Reported-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-01-23io: change the QIOTask callback signatureDaniel P. Berrange1-3/+2
Currently the QIOTaskFunc signature takes an Object * for the source, and an Error * for any error. We also need to be able to provide a result pointer. Rather than continue to add parameters to QIOTaskFunc, remove the existing ones and simply pass the QIOTask object instead. This has methods to access all the other data items required in the callback impl. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-10-19crypto: fix initialization of crypto in testsDaniel P. Berrange1-0/+3
The test-io-channel-tls test was missing a call to qcrypto_init and test-crypto-hash was initializing it multiple times, Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-02-16tests: Clean up includesPeter Maydell1-3/+1
Clean up includes so that osdep.h is included first and headers which it implies are not included manually. This commit was created with scripts/clean-includes. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Eric Blake <eblake@redhat.com> Tested-by: Eric Blake <eblake@redhat.com>
2015-12-18io: add QIOChannelTLS classDaniel P. Berrange1-0/+342
Add a QIOChannel subclass that can run the TLS protocol over the top of another QIOChannel instance. The object provides a simplified API to perform the handshake when starting the TLS session. The layering of TLS over the underlying channel does not have to be setup immediately. It is possible to take an existing QIOChannel that has done some handshake and then swap in the QIOChannelTLS layer. This allows for use with protocols which start TLS right away, and those which start plain text and then negotiate TLS. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>