diff options
author | Peter Maydell | 2021-01-29 20:51:25 +0100 |
---|---|---|
committer | Peter Maydell | 2021-01-29 20:51:25 +0100 |
commit | 74208cd252c5da9d867270a178799abd802b9338 (patch) | |
tree | a2cfcd1a4b5e1d970286c759da2faef0f891539f /tests | |
parent | Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20210129-... (diff) | |
parent | tests: Replace deprecated ASN1 code (diff) | |
download | qemu-74208cd252c5da9d867270a178799abd802b9338.tar.gz qemu-74208cd252c5da9d867270a178799abd802b9338.tar.xz qemu-74208cd252c5da9d867270a178799abd802b9338.zip |
Merge remote-tracking branch 'remotes/berrange-gitlab/tags/misc-fixes-pull-request' into staging
* Replace --enable/disable-git-update with --with-git-submodules
to allow improved control over use of git submodules
* Deprecate the -enable-fips option
* Ensure docs use prefer format for bool options
* Clarify platform support rules
* Misc fixes to keymap conversions
* Fix misc problems on macOS
# gpg: Signature made Fri 29 Jan 2021 17:10:13 GMT
# gpg: using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg: aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF
* remotes/berrange-gitlab/tags/misc-fixes-pull-request:
tests: Replace deprecated ASN1 code
tests: Fix runtime error in test-authz-pam
ui: update keycodemapdb submodule commit
crypto: Add spaces around operator
configure: replace --enable/disable-git-update with --with-git-submodules
docs: fix missing backslash in certtool shell example
docs: simplify and clarify the platform support rules
Prefer 'on' | 'off' over 'yes' | 'no' for bool options
os: deprecate the -enable-fips option and QEMU's FIPS enforcement
crypto: Fix memory leaks in set_loaded for tls-*
crypto: Forbid broken unloading of secrets
crypto: Move USER_CREATABLE to secret_common base class
crypto: Fix some code style problems, add spaces around operator
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/crypto-tls-x509-helpers.c | 10 | ||||
-rw-r--r-- | tests/crypto-tls-x509-helpers.h | 2 | ||||
-rw-r--r-- | tests/pkix_asn1_tab.c | 2 | ||||
-rwxr-xr-x | tests/qemu-iotests/233 | 4 | ||||
-rw-r--r-- | tests/test-authz-pam.c | 10 |
5 files changed, 18 insertions, 10 deletions
diff --git a/tests/crypto-tls-x509-helpers.c b/tests/crypto-tls-x509-helpers.c index 01b3daf358..97658592a2 100644 --- a/tests/crypto-tls-x509-helpers.c +++ b/tests/crypto-tls-x509-helpers.c @@ -30,7 +30,7 @@ * This stores some static data that is needed when * encoding extensions in the x509 certs */ -ASN1_TYPE pkix_asn1; +asn1_node pkix_asn1; /* * To avoid consuming random entropy to generate keys, @@ -139,7 +139,7 @@ void test_tls_cleanup(const char *keyfile) /* * Turns an ASN1 object into a DER encoded byte array */ -static void test_tls_der_encode(ASN1_TYPE src, +static void test_tls_der_encode(asn1_node src, const char *src_name, gnutls_datum_t *res) { @@ -317,7 +317,7 @@ test_tls_generate_cert(QCryptoTLSTestCertReq *req, * the 'critical' field which we want control over */ if (req->basicConstraintsEnable) { - ASN1_TYPE ext = ASN1_TYPE_EMPTY; + asn1_node ext = NULL; asn1_create_element(pkix_asn1, "PKIX1.BasicConstraints", &ext); asn1_write_value(ext, "cA", @@ -344,7 +344,7 @@ test_tls_generate_cert(QCryptoTLSTestCertReq *req, * to be 'critical' */ if (req->keyUsageEnable) { - ASN1_TYPE ext = ASN1_TYPE_EMPTY; + asn1_node ext = NULL; char str[2]; str[0] = req->keyUsageValue & 0xff; @@ -374,7 +374,7 @@ test_tls_generate_cert(QCryptoTLSTestCertReq *req, * set this the hard way building up ASN1 data ourselves */ if (req->keyPurposeEnable) { - ASN1_TYPE ext = ASN1_TYPE_EMPTY; + asn1_node ext = NULL; asn1_create_element(pkix_asn1, "PKIX1.ExtKeyUsageSyntax", &ext); if (req->keyPurposeOID1) { diff --git a/tests/crypto-tls-x509-helpers.h b/tests/crypto-tls-x509-helpers.h index 08efba4e19..8fcd7785ab 100644 --- a/tests/crypto-tls-x509-helpers.h +++ b/tests/crypto-tls-x509-helpers.h @@ -125,7 +125,7 @@ void test_tls_cleanup(const char *keyfile); }; \ test_tls_generate_cert(&varname, NULL) -extern const ASN1_ARRAY_TYPE pkix_asn1_tab[]; +extern const asn1_static_node pkix_asn1_tab[]; #endif /* QCRYPTO_HAVE_TLS_TEST_SUPPORT */ diff --git a/tests/pkix_asn1_tab.c b/tests/pkix_asn1_tab.c index f15fc515cb..4aaf736d3f 100644 --- a/tests/pkix_asn1_tab.c +++ b/tests/pkix_asn1_tab.c @@ -8,7 +8,7 @@ #ifdef QCRYPTO_HAVE_TLS_TEST_SUPPORT -const ASN1_ARRAY_TYPE pkix_asn1_tab[] = { +const asn1_static_node pkix_asn1_tab[] = { {"PKIX1", 536875024, 0}, {0, 1073741836, 0}, {"id-ce", 1879048204, 0}, diff --git a/tests/qemu-iotests/233 b/tests/qemu-iotests/233 index 7ce5764903..da150cd27b 100755 --- a/tests/qemu-iotests/233 +++ b/tests/qemu-iotests/233 @@ -84,7 +84,7 @@ echo echo "== check plain client to TLS server fails ==" nbd_server_start_tcp_socket \ - --object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=yes \ + --object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=on \ --tls-creds tls0 \ -f $IMGFMT "$TEST_IMG" 2>> "$TEST_DIR/server.log" @@ -129,7 +129,7 @@ echo "== check TLS with authorization ==" nbd_server_stop nbd_server_start_tcp_socket \ - --object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=yes \ + --object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=on \ --object "authz-simple,id=authz0,identity=CN=localhost,, \ O=Cthulu Dark Lord Enterprises client1,,L=R'lyeh,,C=South Pacific" \ --tls-authz authz0 \ diff --git a/tests/test-authz-pam.c b/tests/test-authz-pam.c index 1baeadee03..4fe1ef2603 100644 --- a/tests/test-authz-pam.c +++ b/tests/test-authz-pam.c @@ -28,7 +28,7 @@ static bool failauth; /* - * These two functions are exported by libpam.so. + * These three functions are exported by libpam.so. * * By defining them again here, our impls are resolved * by the linker instead of those in libpam.so @@ -50,6 +50,7 @@ pam_start(const char *service_name, const char *user, failauth = false; } + *pamh = (pam_handle_t *)0xbadeaffe; return PAM_SUCCESS; } @@ -65,6 +66,13 @@ pam_acct_mgmt(pam_handle_t *pamh, int flags) } +int +pam_end(pam_handle_t *pamh, int status) +{ + return PAM_SUCCESS; +} + + static void test_authz_unknown_service(void) { Error *local_err = NULL; |