Temp hack for gnutls 3.5.6 regression

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-12-05 12:06:04 +00:00 · 2016-12-05 12:06:04 +00:00 · 10b7d235e3
parent 232e2e7de2
commit 10b7d235e3
2 changed files with 51 additions and 0 deletions
--- a/0001-tests-blacklist-gnutls-3.5.6-for-wildcard-tests.patch
+++ b/0001-tests-blacklist-gnutls-3.5.6-for-wildcard-tests.patch
@ -0,0 +1,47 @@
+From 93c2b9d2f01e878ed86566620130089aba61580f Mon Sep 17 00:00:00 2001
+From: "Daniel P. Berrange" <berrange@redhat.com>
+Date: Mon, 5 Dec 2016 11:47:04 +0000
+Subject: [PATCH] tests: blacklist gnutls 3.5.6 for wildcard tests
+
+GNUTLS 3.5.6 broke wildcard support by reversing the
+fields in the reported dname. This regression will
+be fixed in 3.5.7, so rather than workaround it in
+libvirt we just blacklist that version
+
+ https://lists.gnupg.org/pipermail/gnutls-devel/2016-November/008224.html
+
+Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
+---
+ tests/virnettlssessiontest.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/tests/virnettlssessiontest.c b/tests/virnettlssessiontest.c
+index 0d2e106..b146072 100644
+--- a/tests/virnettlssessiontest.c
+++ b/tests/virnettlssessiontest.c
+@@ -374,6 +374,14 @@ mymain(void)
+     DO_SESS_TEST(cacertreq.filename, servercertalt2req.filename, clientcertreq.filename,
+                  false, false, "wiki.libvirt.org", NULL);
+ 
+#if GNUTLS_VERSION_NUMBER != 0x030506
+    /*
+     * GNUTLS 3.5.6 broke wildcard support by reversing the
+     * fields in the reported dname. This regression will
+     * be fixed in 3.5.7, so rather than workaround it in
+     * libvirt we just blacklist that version
+     * https://lists.gnupg.org/pipermail/gnutls-devel/2016-November/008224.html
+     */
+     const char *const wildcards1[] = {
+         "C=UK,CN=dogfood",
+         NULL,
+@@ -412,6 +420,7 @@ mymain(void)
+                  false, false, "libvirt.org", wildcards5);
+     DO_SESS_TEST(cacertreq.filename, servercertreq.filename, clientcertreq.filename,
+                  false, false, "libvirt.org", wildcards6);
+#endif
+ 
+     TLS_ROOT_REQ(cacertrootreq,
+                  "UK", "libvirt root", NULL, NULL, NULL, NULL,
+-- 
+2.9.3
+
--- a/libvirt.spec
+++ b/libvirt.spec
@ -237,6 +237,10 @@ URL: http://libvirt.org/
    %define mainturl stable_updates/
 %endif
 Source: http://libvirt.org/sources/%{?mainturl}libvirt-%{version}.tar.xz
+# Temporarily disable wildcard tests due to gnutls 3.5.6
+# regression. Remove when gnutls 3.5.7 arrives
+# https://bugzilla.redhat.com/show_bug.cgi?id=1394318
+Patch1: 0001-tests-blacklist-gnutls-3.5.6-for-wildcard-tests.patch

 Requires: libvirt-daemon = %{version}-%{release}
 Requires: libvirt-daemon-config-network = %{version}-%{release}