[libvirt] [PATCH] tests: detect gnutls errors

Matthias Bolte matthias.bolte at googlemail.com
Fri Jul 22 21:55:02 UTC 2011

2011/7/22 Eric Blake <eblake at redhat.com>:
> * tests/virnettlscontexttest.c (testTLSLoadKey): Report errors.
> ---
> Something in gnutls 2.8.5 (RHEL 6) was more leniant than gnutls
> 2.8.6 (Fedora 14).  This still doesn't solve the failure, but at
> least gets us to see that newer gnutls_x509_privkey_import doesn't
> like our define of PRIVATE_KEY.

Replacing the PRIVATE_KEY with a new one makes the test work better
for me with gnutls 2.8.6. I generated the key like this

  certtool --generate-privkey | sed -e 's/^\(.*\)$/\"\1\\n\" \\/'

This gives me this output

$ ./virnettlscontexttest
TEST: virnettlscontexttest
      ............................!!!......... 40
      ........                                 48  FAIL

The failing test are those three, that are expected to fail, but don't
as it seems

    /* Expired stuff */
    DO_CTX_TEST(true, cacertexpreq, servercertreq, true);
    DO_CTX_TEST(true, cacertreq, servercertexpreq, true);
    DO_CTX_TEST(false, cacertreq, clientcertexpreq, true);

When we assume that this test worked for Dan with gnutls 2.8.5, what
does it means that those three tests are failing for me with gnutls
2.8.6? Here's are some random ideas

a) there is a bug in the testcase that causes this
b) there is a bug in the tested code in libvirt that causes this
c) there is a bug in gnutls 2.8.6 that causes this
d) there is a bug in gnutls 2.8.5 that makes the broken test pass
e) etc

I'm not sure.

Matthias Bolte

More information about the libvir-list mailing list