[libvirt] [PATCH] Fix TLS test suites with gnutls 3.6.0
Peter Krempa
pkrempa at redhat.com
Wed Aug 30 08:16:47 UTC 2017
On Tue, Aug 29, 2017 at 16:25:56 +0100, Daniel Berrange wrote:
> With gnutls 3.6.0, SHA1 is no longer accepted for certificate
> signatures. We must usw SHA256 instead.
s/usw/use/
>
> Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
> ---
> tests/virnettlshelpers.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tests/virnettlshelpers.c b/tests/virnettlshelpers.c
> index 531d0b907..b735c4e2f 100644
> --- a/tests/virnettlshelpers.c
> +++ b/tests/virnettlshelpers.c
> @@ -384,7 +384,7 @@ testTLSGenerateCert(struct testTLSCertReq *req,
> * If no 'ca' is set then we are self signing
> * the cert. This is done for the root CA certs
> */
> - if ((err = gnutls_x509_crt_sign(crt, ca ? ca : crt, privkey)) < 0) {
> + if ((err = gnutls_x509_crt_sign2(crt, ca ? ca : crt, privkey, GNUTLS_DIG_SHA256, 0)) < 0) {
> VIR_WARN("Failed to sign certificate %s", gnutls_strerror(err));
> abort();
> }
ACK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20170830/fedec672/attachment-0001.sig>
More information about the libvir-list
mailing list