Commit Graph

53 Commits

Author SHA1 Message Date
Ján Tomko
67e72053c1 Use G_N_ELEMENTS instead of ARRAY_CARDINALITY
Prefer the GLib version of the macro.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2019-10-15 16:14:19 +02:00
Roman Bolshakov
fde361083d tests: Add lib- prefix to all mocks
In preparation libtool "-module" flag removal, add lib prefix to all
mock shared objects.

While at it, introduce VIR_TEST_MOCK macros that makes path out of mock
name to be used with VIR_TEST_PRELOAD or VIR_TEST_MAIN_PRELOAD.  That,
hopefully, improves readability, reduces line length and allows to
tailor VIR_TEST_MOCK for specific platform if it has shared library
suffix different from ".so".

Signed-off-by: Roman Bolshakov <r.bolshakov@yadro.com>
2019-08-23 11:26:26 +01:00
Peter Krempa
f785318187 Revert "Include unistd.h directly by files using it"
This reverts commit a5e1602090.

Getting rid of unistd.h from our headers will require more work than
just fixing the broken mingw build. Revert it until I have a more
complete proposal.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2019-04-10 12:26:32 +02:00
Peter Krempa
a5e1602090 Include unistd.h directly by files using it
util/virutil.h bogously included unistd.h. Drop it and replace it by
including it directly where needed.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2019-04-10 09:12:04 +02:00
Daniel P. Berrangé
600462834f Remove all Author(s): lines from source file headers
In many files there are header comments that contain an Author:
statement, supposedly reflecting who originally wrote the code.
In a large collaborative project like libvirt, any non-trivial
file will have been modified by a large number of different
contributors. IOW, the Author: comments are quickly out of date,
omitting people who have made significant contribitions.

In some places Author: lines have been added despite the person
merely being responsible for creating the file by moving existing
code out of another file. IOW, the Author: lines give an incorrect
record of authorship.

With this all in mind, the comments are useless as a means to identify
who to talk to about code in a particular file. Contributors will always
be better off using 'git log' and 'git blame' if they need to  find the
author of a particular bit of code.

This commit thus deletes all Author: comments from the source and adds
a rule to prevent them reappearing.

The Copyright headers are similarly misleading and inaccurate, however,
we cannot delete these as they have legal meaning, despite being largely
inaccurate. In addition only the copyright holder is permitted to change
their respective copyright statement.

Reviewed-by: Erik Skultety <eskultet@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-12-13 16:08:38 +00:00
Erik Skultety
5165ff0971 src: More cleanup of some system headers already contained in internal.h
All of the ones being removed are pulled in by internal.h. The only
exception is sanlock which expects the application to include <stdint.h>
before sanlock's headers, because sanlock prototypes use fixed width
int, but they don't include stdint.h themselves, so we have to leave
that one in place.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Acked-by: Michal Privoznik <mprivozn@redhat.com>
2018-09-20 10:16:39 +02:00
Daniel P. Berrangé
874306dde1 tests: force use of "NORMAL" TLS priority in test suite
When generating certificates we rely on GNUTLS' built-in default setup
for the ciphers used in the certs. We then currently run with the distro
specific TLS priority setup which can be much stronger, to the extent
that the certificates we generate are considered untrustworthy. We don't
care about the quality of the ciphers we use in the test suite, so just
force the priority to "NORMAL" which should ensure our certs are
accepted by GNUTLS.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-06 10:09:44 +00:00
Andrea Bolognani
3e7db8d3e8 Remove backslash alignment attempts
Right-aligning backslashes when defining macros or using complex
commands in Makefiles looks cute, but as soon as any changes is
required to the code you end up with either distractingly broken
alignment or unnecessarily big diffs where most of the changes
are just pushing all backslashes a few characters to one side.

Generated using

  $ git grep -El '[[:blank:]][[:blank:]]\\$' | \
    grep -E '*\.([chx]|am|mk)$$' | \
    while read f; do \
      sed -Ei 's/[[:blank:]]*[[:blank:]]\\$/ \\/g' "$f"; \
    done

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2017-11-03 13:24:12 +01:00
Andrea Bolognani
4ceac4bf29 tests: Rename VIRT_TEST_* macros to VIR_TEST_*
We use the "vir" prefix pretty consistently in our
APIs, both external and internal, which made these
macros stood out.
2017-04-04 17:30:03 +02:00
Ján Tomko
743bda062b tests: mock gnutls_dh_params_generate2
This function generates some big random numbers.

Cache the result and supply it to any subsequent generate2 calls.
2016-06-20 18:12:53 +02:00
Tomáš Ryšavý
cd7dd1508d tests: Rename virtTestRun to virTestRun.
This function doesn't follow our convention of naming functions.
2016-06-08 11:23:12 -04:00
Daniel P. Berrange
214489f550 rpc: allow priority string to be passed to TLS context
Extend the virNetTLSContextNew* constructors to allow
the TLS priority string to be passed in, overriding the
compile time default.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-06-08 13:48:45 +01:00
Cole Robinson
4902231777 tests: virtnettlscontexttest: Use virGetLastErrorMessage()
Use virGetLastErrorMessage() rather than open code it
2016-03-28 13:27:47 -04:00
Giuseppe Scrivano
8afbd52f29 tests: force FIPS testing mode with new enough GNU TLS versions
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2014-09-04 11:56:39 +02:00
Ján Tomko
2dcdb7f654 Indent top-level labels by one space in tests/ 2014-03-25 14:58:41 +01:00
Daniel P. Berrange
2835c1e730 Add virLogSource variables to all source files
Any source file which calls the logging APIs now needs
to have a VIR_LOG_INIT("source.name") declaration at
the start of the file. This provides a static variable
of the virLogSource type.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-03-18 14:29:22 +00:00
Martin Kletzander
cc9c62fef9 Require spaces around equality comparisons
Commit a1cbe4b5 added a check for spaces around assignments and this
patch extends it to checks for spaces around '=='.  One exception is
virAssertCmpInt where comma after '==' is acceptable (since it is a
macro and '==' is its argument).

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-03-18 11:29:44 +01:00
Cédric Bosdonnat
78af457eef virnettlscontexttest fails with GNUTLS 3.0.28
On openSUSE 12.x with GNUTLS 3.0.28, virnettlscontexttest fails. It has
been reported to work from GNUTLS 3.1.11 on Fedora 19. Changed the
constraints on gnutls to 3.1+ for unit test cacert4req.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-12-23 13:16:07 -07:00
Daniel P. Berrange
eee6eb666c Remove test case average timing
The test case average timing code has not been used by any test
case ever. Delete it to remove complexity.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-10-08 12:39:30 +01:00
Daniel P. Berrange
4b8d387ef9 Test handling of non-existent x509 certs
In commit f905cc9984 a use of
uninitialized data was fixed based on a coverity report. It
turns out it was possible to trigger this issue by pointing
libvirt at non-existent certificate files, typically causing
a crash.

This adds a test case for that scenario. With the above
commit reverted, this new test case will crash with a SEGV.
With the fix applied, it passes, reporting a normal libvirt
error to the caller.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-21 13:51:25 +01:00
Martin Kletzander
3be7a30426 tests: Fix parallel runs of TLS test suites
I noticed this yesterday and fixed it in a different way, but ended up
with one more problem.  It was probably the way I fixed it combined
with one more filename changed.

Anyway, why I'm saying this is that one more filename should be renamed
in order to avoid a race (which I was unable to reproduce, though).

I checked this is the last file those two tests have in common by going
through the code and the re-checked by this "script":

strace -o session.trace -e open ./virnettlssessiontest
strace -o context.trace -e open ./virnettlscontexttest
sort \
 <(sed -n '/^open/s/open("\([^"]*\)",.*$/\1/p' context.trace | sort -u)\
 <(sed -n '/^open/s/open("\([^"]*\)",.*$/\1/p' session.trace | sort -u)\
 | uniq -d| grep '.pem$'

So it should be enough to make these tests independent of each other.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-08-12 20:20:00 -06:00
Daniel P. Berrange
eaa99a17db Fix parallel runs of TLS test suites
Use a separate keyfile name for the two TLS test suites so that
they don't clash when running tests in parallel

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-09 11:54:41 +01:00
Daniel P. Berrange
31d41d9268 Fix validation of CA certificate chains
The code added to validate CA certificates did not take into
account the possibility that the cacert.pem file can contain
multiple (concatenated) cert data blocks. Extend the code for
loading CA certs to use the gnutls APIs for loading cert lists.
Add test cases to check that multi-level trees of certs will
validate correctly.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-08 10:44:28 +01:00
Daniel P. Berrange
b93bd78ed3 Change data passed into TLS test cases
Currently a 'struct testTLSCertReq' instance is passed into
the TLS test cases. This is not flexible enough to cope with
certificate chains, where one file now corresponds to multiple
certificates. Change the test cases so that we pass in filenames
instead.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-08 10:02:12 +01:00
Daniel P. Berrange
90811c5987 Avoid re-generating certs every time
Currently every test case in the TLS test suite generates the
certs fresh. This is a waste of time, since its parameters
don't change across test cases. Create certs once in main
method.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-08 10:00:42 +01:00
Daniel P. Berrange
236da82dae Split TLS test into two separate tests
The virnettlscontexttest.c tests both virNetTLSContext
and virNetTLSSession functionality. Split into two
separate tests, to make the code size more manageable

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-08 10:00:42 +01:00
Daniel P. Berrange
0204d6d7a0 Fix TLS tests with gnutls 3
When given a CA cert with basic constraints to set non-critical,
and key usage of 'key signing', this should be rejected. Version
of GNUTLS < 3 do not rejecte it though, so we never noticed the
test case was broken

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-04 17:42:16 +00:00
John Ferlan
0eb62708a7 virnettlscontexttest: Resolve memory leak found by Valgrind
testTLSDerEncode() will allocate memory for der.data, it wasn't VIR_FREE()'d.
also don't initialized der to use static buffer.
2013-02-07 14:08:13 -05:00
John Ferlan
31e0de1a85 tests: Remove VIR_FREE() on static/stack buffer (der.data) 2013-01-23 15:02:06 +01:00
John Ferlan
51811e4161 Resolve COPY_PASTE error found by Coverity
Fix copy-paste error doing handshake.

The clientShake was not set to true, thus we'd potentially never leave
the handshake while loop.
2013-01-08 16:21:46 +01:00
Daniel P. Berrange
f24404a324 Rename virterror.c virterror_internal.h to virerror.{c,h} 2012-12-21 11:19:50 +00:00
Daniel P. Berrange
44f6ae27fe Rename util.{c,h} to virutil.{c,h} 2012-12-21 11:19:49 +00:00
Daniel P. Berrange
ab9b7ec2f6 Rename memory.{c,h} to viralloc.{c,h} 2012-12-21 11:17:14 +00:00
Daniel P. Berrange
936d95d347 Rename logging.{c,h} to virlog.{c,h} 2012-12-21 11:17:14 +00:00
Daniel P. Berrange
04d9510f50 Rename command.{c,h} to vircommand.{c,h} 2012-12-21 11:17:13 +00:00
Ján Tomko
149c87b49d Various typos and misspellings 2012-10-12 00:03:43 +02:00
Eric Blake
4ecb723b9e maint: fix up copyright notice inconsistencies
https://www.gnu.org/licenses/gpl-howto.html recommends that
the 'If not, see <url>.' phrase be a separate sentence.

* tests/securityselinuxhelper.c: Remove doubled line.
* tests/securityselinuxtest.c: Likewise.
* globally: s/;  If/.  If/
2012-09-20 16:30:55 -06:00
Daniel P. Berrange
e10e1969d5 Turn virNetTLSContext and virNetTLSSession into virObject instances
Make virNetTLSContext and virNetTLSSession use the virObject
APIs for reference counting

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-08-07 11:47:41 +01:00
Osier Yang
f9ce7dad60 Desert the FSF address in copyright
Per the FSF address could be changed from time to time, and GNU
recommends the following now: (http://www.gnu.org/licenses/gpl-howto.html)

  You should have received a copy of the GNU General Public License
  along with Foobar.  If not, see <http://www.gnu.org/licenses/>.

This patch removes the explicit FSF address, and uses above instead
(of course, with inserting 'Lesser' before 'General').

Except a bunch of files for security driver, all others are changed
automatically, the copyright for securify files are not complete,
that's why to do it manually:

  src/security/security_selinux.h
  src/security/security_driver.h
  src/security/security_selinux.c
  src/security/security_apparmor.h
  src/security/security_apparmor.c
  src/security/security_driver.c
2012-07-23 10:50:50 +08:00
Laine Stump
06a1a45cef test: fix build errors with gcc 4.7.0 and -O0
When building on Fedora 17 (which uses gcc 4.7.0) with -O0 in CFLAGS,
three of the tests failed to compile.

cputest.c and qemuxml2argvtest.c had non-static structs defined
inside the macro that was being repeatedly invoked. Due to some so-far
unidentified change in gcc, the stack space used by variables defined
inside { } is not recovered/re-used when the block ends, so all these
structs have become additive (this is the same problem worked around
in commit cf57d345b). Fortunately, these two files could be fixed with
a single line addition of "static" to the struct definition in the
macro.

virnettlscontexttest.c was a bit different, though. The problem structs
in the do/while loop of macros had non-constant initializers, so it
took a bit more work and piecemeal initialization instead of member
initialization to get things to be happy.

In an ideal world, none of these changes should be necessary, but not
knowing how long it will be until the gcc regressions are fixed, and
since the code is just as correct after this patch as before, it makes
sense to fix libvirt's build for -O0 while also reporting the gcc
problem.
2012-04-05 22:07:41 -06:00
Martin Kletzander
9943276fd2 Cleanup for a return statement in source files
Return statements with parameter enclosed in parentheses were modified
and parentheses were removed. The whole change was scripted, here is how:

List of files was obtained using this command:
git grep -l -e '\<return\s*([^()]*\(([^()]*)[^()]*\)*)\s*;' |             \
grep -e '\.[ch]$' -e '\.py$'

Found files were modified with this command:
sed -i -e                                                                 \
's_^\(.*\<return\)\s*(\(\([^()]*([^()]*)[^()]*\)*\))\s*\(;.*$\)_\1 \2\4_' \
-e 's_^\(.*\<return\)\s*(\([^()]*\))\s*\(;.*$\)_\1 \2\3_'

Then checked for nonsense.

The whole command looks like this:
git grep -l -e '\<return\s*([^()]*\(([^()]*)[^()]*\)*)\s*;' |             \
grep -e '\.[ch]$' -e '\.py$' | xargs sed -i -e                            \
's_^\(.*\<return\)\s*(\(\([^()]*([^()]*)[^()]*\)*\))\s*\(;.*$\)_\1 \2\4_' \
-e 's_^\(.*\<return\)\s*(\([^()]*\))\s*\(;.*$\)_\1 \2\3_'
2012-03-26 14:45:22 -06:00
Philipp Hahn
08f680ee1b tests: virnettlscontexttest needs gnutls-2.6.0
virnettlscontexttest uses gnutls_x509_crt_set_subject_alt_name() and
GNUTLS_FSAN_APPEND, which - according to
<http://www.gnu.org/software/gnutls/manual/gnutls.html> - are only
available since 2.6.0.

Since libvirt still works fine with gnutls-1.0.25 from RHEL5, only
enable the test when the version of GNUTLS is at least 2.6.0.

Signed-off-by: Philipp Hahn <hahn@univention.de>
Signed-off-by: Eric Blake <eblake@redhat.com>
2012-02-01 16:36:13 -07:00
Daniel P. Berrange
d3406045fd Split src/util/network.{c,h} into 5 pieces
The src/util/network.c file is a dumping ground for many different
APIs. Split it up into 5 pieces, along functional lines

 - src/util/virnetdevbandwidth.c: virNetDevBandwidth type & helper APIs
 - src/util/virnetdevvportprofile.c: virNetDevVPortProfile type & helper APIs
 - src/util/virsocketaddr.c: virSocketAddr and APIs
 - src/conf/netdev_bandwidth_conf.c: XML parsing / formatting
   for virNetDevBandwidth
 - src/conf/netdev_vport_profile_conf.c: XML parsing / formatting
   for virNetDevVPortProfile

* src/util/network.c, src/util/network.h: Split into 5 pieces
* src/conf/netdev_bandwidth_conf.c, src/conf/netdev_bandwidth_conf.h,
  src/conf/netdev_vport_profile_conf.c, src/conf/netdev_vport_profile_conf.h,
  src/util/virnetdevbandwidth.c, src/util/virnetdevbandwidth.h,
  src/util/virnetdevvportprofile.c, src/util/virnetdevvportprofile.h,
  src/util/virsocketaddr.c, src/util/virsocketaddr.h: New pieces
* daemon/libvirtd.h, daemon/remote.c, src/conf/domain_conf.c,
  src/conf/domain_conf.h, src/conf/network_conf.c,
  src/conf/network_conf.h, src/conf/nwfilter_conf.h,
  src/esx/esx_util.h, src/network/bridge_driver.c,
  src/qemu/qemu_conf.c, src/rpc/virnetsocket.c,
  src/rpc/virnetsocket.h, src/util/dnsmasq.h, src/util/interface.h,
  src/util/iptables.h, src/util/macvtap.c, src/util/macvtap.h,
  src/util/virnetdev.h, src/util/virnetdevtap.c,
  tools/virsh.c: Update include files
2011-11-15 10:27:54 +00:00
Daniel P. Berrange
4c544e6c61 Santize naming of socket address APIs
The socket address APIs in src/util/network.h either take the
form  virSocketAddrXXX, virSocketXXX or virSocketXXXAddr.

Sanitize this so everything is virSocketAddrXXXX, and ensure
that the virSocketAddr parameter is always the first one.

* src/util/network.c, src/util/network.h: Santize socket
  address API naming
* src/conf/domain_conf.c, src/conf/network_conf.c,
  src/conf/nwfilter_conf.c, src/network/bridge_driver.c,
  src/nwfilter/nwfilter_ebiptables_driver.c,
  src/nwfilter/nwfilter_learnipaddr.c,
  src/qemu/qemu_command.c, src/rpc/virnetsocket.c,
  src/util/dnsmasq.c, src/util/iptables.c,
  src/util/virnetdev.c, src/vbox/vbox_tmpl.c: Update for
  API renaming
2011-11-09 17:10:23 +00:00
Alex Jia
3a89819de8 tests: avoid memory leak on testTLSSessionInit
* tests/virnettlscontexttest: fix memory leak on virnettlscontext test case.

* Detected in valgrind run:

==25667==
==25667== 86,651 (34,680 direct, 51,971 indirect) bytes in 10 blocks are
definitely lost in loss record 350 of 351
==25667==    at 0x4005447: calloc (vg_replace_malloc.c:467)
==25667==    by 0x4F1F515D: gnutls_init (gnutls_state.c:270)
==25667==    by 0x8053432: virNetTLSSessionNew (virnettlscontext.c:1181)
==25667==    by 0x804DD24: testTLSSessionInit (virnettlscontexttest.c:624)
==25667==    by 0x804F14D: virtTestRun (testutils.c:140)
==25667==
==25667== 100,578 (38,148 direct, 62,430 indirect) bytes in 11 blocks are
definitely lost in loss record 351 of 351
==25667==    at 0x4005447: calloc (vg_replace_malloc.c:467)
==25667==    by 0x4F1F515D: gnutls_init (gnutls_state.c:270)
==25667==    by 0x8053432: virNetTLSSessionNew (virnettlscontext.c:1181)
==25667==    by 0x804DD3C: testTLSSessionInit (virnettlscontexttest.c:625)
==25667==    by 0x804F14D: virtTestRun (testutils.c:140)

* How to reproduce?
% cd libvirt && ./configure && make && make -C tests valgrind
or
% valgrind -v --leak-check=full ./tests/virnettlscontexttest

Signed-off-by: Alex Jia <ajia@redhat.com>
2011-09-08 11:03:34 +01:00
Matthias Bolte
099d30a825 Fix detection of GnuTLS 1.x.y
Detection based on gnutls_session doesn't work because GnuTLS 2.x.y
comes with a compat.h that defines gnutls_session to gnutls_session_t.

Instead detect this based on LIBGNUTLS_VERSION_MAJOR. Move this from
configure/config.h to gnutls_1_0_compat.h and make sure that all users
include gnutls_1_0_compat.h properly.

Also fix header guard in gnutls_1_0_compat.h.
2011-08-03 19:22:29 +02:00
Matthias Bolte
cffba7ea3e tests: Unify style of test skipping code
Prefer 'return EXIT_AM_SKIP' over 'exit(EXIT_AM_SKIP)'.

Prefer 'int main(void)' over 'int main(int argc, char **argv)'.

Fix mymain signature in commandtest and nodeinfotest.
2011-07-29 12:12:58 +02:00
Daniel P. Berrange
4d349ef7be Fix build with gnutls 1.0.x branch 2011-07-26 14:51:03 +01:00
Daniel P. Berrange
677258ab02 Fix import of private key with older gnutls
With older GNUTLS the gnutls_x509_privkey_import function is
unable to import our private key. Instead we must use the
alternative gnutls_x509_privkey_import_pkcs8() (as certtool
does).

* virnettlscontexttest.c: Fix import of private key with
  older gnutls. Also add missing newlines to key
2011-07-25 13:47:11 -06:00
Daniel P. Berrange
567b8d69b9 Fix TLS context tests with expired certs
commit 5283ea9b1d changed the
semantics of the 'expire_offset' field in the test case struct
so that instead of being an absolute timestamp, it was a delta
relative to the current time. This broke the test cases which
were testing expiry of certificates, by putting the expiry
time into the future, instead of in the past.

Fix this by changing the expiry values to be negative, so that
the delta goes into the past again.

* virnettlscontexttest.c: Fix expiry tests
2011-07-25 16:21:19 +01:00