summaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
authorPeter Maydell2021-01-29 20:51:25 +0100
committerPeter Maydell2021-01-29 20:51:25 +0100
commit74208cd252c5da9d867270a178799abd802b9338 (patch)
treea2cfcd1a4b5e1d970286c759da2faef0f891539f /tests
parentMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20210129-... (diff)
parenttests: Replace deprecated ASN1 code (diff)
downloadqemu-74208cd252c5da9d867270a178799abd802b9338.tar.gz
qemu-74208cd252c5da9d867270a178799abd802b9338.tar.xz
qemu-74208cd252c5da9d867270a178799abd802b9338.zip
Merge remote-tracking branch 'remotes/berrange-gitlab/tags/misc-fixes-pull-request' into staging
* Replace --enable/disable-git-update with --with-git-submodules to allow improved control over use of git submodules * Deprecate the -enable-fips option * Ensure docs use prefer format for bool options * Clarify platform support rules * Misc fixes to keymap conversions * Fix misc problems on macOS # gpg: Signature made Fri 29 Jan 2021 17:10:13 GMT # gpg: using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF # gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full] # gpg: aka "Daniel P. Berrange <berrange@redhat.com>" [full] # Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF * remotes/berrange-gitlab/tags/misc-fixes-pull-request: tests: Replace deprecated ASN1 code tests: Fix runtime error in test-authz-pam ui: update keycodemapdb submodule commit crypto: Add spaces around operator configure: replace --enable/disable-git-update with --with-git-submodules docs: fix missing backslash in certtool shell example docs: simplify and clarify the platform support rules Prefer 'on' | 'off' over 'yes' | 'no' for bool options os: deprecate the -enable-fips option and QEMU's FIPS enforcement crypto: Fix memory leaks in set_loaded for tls-* crypto: Forbid broken unloading of secrets crypto: Move USER_CREATABLE to secret_common base class crypto: Fix some code style problems, add spaces around operator Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'tests')
-rw-r--r--tests/crypto-tls-x509-helpers.c10
-rw-r--r--tests/crypto-tls-x509-helpers.h2
-rw-r--r--tests/pkix_asn1_tab.c2
-rwxr-xr-xtests/qemu-iotests/2334
-rw-r--r--tests/test-authz-pam.c10
5 files changed, 18 insertions, 10 deletions
diff --git a/tests/crypto-tls-x509-helpers.c b/tests/crypto-tls-x509-helpers.c
index 01b3daf358..97658592a2 100644
--- a/tests/crypto-tls-x509-helpers.c
+++ b/tests/crypto-tls-x509-helpers.c
@@ -30,7 +30,7 @@
* This stores some static data that is needed when
* encoding extensions in the x509 certs
*/
-ASN1_TYPE pkix_asn1;
+asn1_node pkix_asn1;
/*
* To avoid consuming random entropy to generate keys,
@@ -139,7 +139,7 @@ void test_tls_cleanup(const char *keyfile)
/*
* Turns an ASN1 object into a DER encoded byte array
*/
-static void test_tls_der_encode(ASN1_TYPE src,
+static void test_tls_der_encode(asn1_node src,
const char *src_name,
gnutls_datum_t *res)
{
@@ -317,7 +317,7 @@ test_tls_generate_cert(QCryptoTLSTestCertReq *req,
* the 'critical' field which we want control over
*/
if (req->basicConstraintsEnable) {
- ASN1_TYPE ext = ASN1_TYPE_EMPTY;
+ asn1_node ext = NULL;
asn1_create_element(pkix_asn1, "PKIX1.BasicConstraints", &ext);
asn1_write_value(ext, "cA",
@@ -344,7 +344,7 @@ test_tls_generate_cert(QCryptoTLSTestCertReq *req,
* to be 'critical'
*/
if (req->keyUsageEnable) {
- ASN1_TYPE ext = ASN1_TYPE_EMPTY;
+ asn1_node ext = NULL;
char str[2];
str[0] = req->keyUsageValue & 0xff;
@@ -374,7 +374,7 @@ test_tls_generate_cert(QCryptoTLSTestCertReq *req,
* set this the hard way building up ASN1 data ourselves
*/
if (req->keyPurposeEnable) {
- ASN1_TYPE ext = ASN1_TYPE_EMPTY;
+ asn1_node ext = NULL;
asn1_create_element(pkix_asn1, "PKIX1.ExtKeyUsageSyntax", &ext);
if (req->keyPurposeOID1) {
diff --git a/tests/crypto-tls-x509-helpers.h b/tests/crypto-tls-x509-helpers.h
index 08efba4e19..8fcd7785ab 100644
--- a/tests/crypto-tls-x509-helpers.h
+++ b/tests/crypto-tls-x509-helpers.h
@@ -125,7 +125,7 @@ void test_tls_cleanup(const char *keyfile);
}; \
test_tls_generate_cert(&varname, NULL)
-extern const ASN1_ARRAY_TYPE pkix_asn1_tab[];
+extern const asn1_static_node pkix_asn1_tab[];
#endif /* QCRYPTO_HAVE_TLS_TEST_SUPPORT */
diff --git a/tests/pkix_asn1_tab.c b/tests/pkix_asn1_tab.c
index f15fc515cb..4aaf736d3f 100644
--- a/tests/pkix_asn1_tab.c
+++ b/tests/pkix_asn1_tab.c
@@ -8,7 +8,7 @@
#ifdef QCRYPTO_HAVE_TLS_TEST_SUPPORT
-const ASN1_ARRAY_TYPE pkix_asn1_tab[] = {
+const asn1_static_node pkix_asn1_tab[] = {
{"PKIX1", 536875024, 0},
{0, 1073741836, 0},
{"id-ce", 1879048204, 0},
diff --git a/tests/qemu-iotests/233 b/tests/qemu-iotests/233
index 7ce5764903..da150cd27b 100755
--- a/tests/qemu-iotests/233
+++ b/tests/qemu-iotests/233
@@ -84,7 +84,7 @@ echo
echo "== check plain client to TLS server fails =="
nbd_server_start_tcp_socket \
- --object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=yes \
+ --object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=on \
--tls-creds tls0 \
-f $IMGFMT "$TEST_IMG" 2>> "$TEST_DIR/server.log"
@@ -129,7 +129,7 @@ echo "== check TLS with authorization =="
nbd_server_stop
nbd_server_start_tcp_socket \
- --object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=yes \
+ --object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=on \
--object "authz-simple,id=authz0,identity=CN=localhost,, \
O=Cthulu Dark Lord Enterprises client1,,L=R'lyeh,,C=South Pacific" \
--tls-authz authz0 \
diff --git a/tests/test-authz-pam.c b/tests/test-authz-pam.c
index 1baeadee03..4fe1ef2603 100644
--- a/tests/test-authz-pam.c
+++ b/tests/test-authz-pam.c
@@ -28,7 +28,7 @@
static bool failauth;
/*
- * These two functions are exported by libpam.so.
+ * These three functions are exported by libpam.so.
*
* By defining them again here, our impls are resolved
* by the linker instead of those in libpam.so
@@ -50,6 +50,7 @@ pam_start(const char *service_name, const char *user,
failauth = false;
}
+ *pamh = (pam_handle_t *)0xbadeaffe;
return PAM_SUCCESS;
}
@@ -65,6 +66,13 @@ pam_acct_mgmt(pam_handle_t *pamh, int flags)
}
+int
+pam_end(pam_handle_t *pamh, int status)
+{
+ return PAM_SUCCESS;
+}
+
+
static void test_authz_unknown_service(void)
{
Error *local_err = NULL;