Commit Graph

9 Commits

Author SHA1 Message Date
Alex Jia
3a89819de8 tests: avoid memory leak on testTLSSessionInit
* tests/virnettlscontexttest: fix memory leak on virnettlscontext test case.

* Detected in valgrind run:

==25667==
==25667== 86,651 (34,680 direct, 51,971 indirect) bytes in 10 blocks are
definitely lost in loss record 350 of 351
==25667==    at 0x4005447: calloc (vg_replace_malloc.c:467)
==25667==    by 0x4F1F515D: gnutls_init (gnutls_state.c:270)
==25667==    by 0x8053432: virNetTLSSessionNew (virnettlscontext.c:1181)
==25667==    by 0x804DD24: testTLSSessionInit (virnettlscontexttest.c:624)
==25667==    by 0x804F14D: virtTestRun (testutils.c:140)
==25667==
==25667== 100,578 (38,148 direct, 62,430 indirect) bytes in 11 blocks are
definitely lost in loss record 351 of 351
==25667==    at 0x4005447: calloc (vg_replace_malloc.c:467)
==25667==    by 0x4F1F515D: gnutls_init (gnutls_state.c:270)
==25667==    by 0x8053432: virNetTLSSessionNew (virnettlscontext.c:1181)
==25667==    by 0x804DD3C: testTLSSessionInit (virnettlscontexttest.c:625)
==25667==    by 0x804F14D: virtTestRun (testutils.c:140)

* How to reproduce?
% cd libvirt && ./configure && make && make -C tests valgrind
or
% valgrind -v --leak-check=full ./tests/virnettlscontexttest

Signed-off-by: Alex Jia <ajia@redhat.com>
2011-09-08 11:03:34 +01:00
Matthias Bolte
099d30a825 Fix detection of GnuTLS 1.x.y
Detection based on gnutls_session doesn't work because GnuTLS 2.x.y
comes with a compat.h that defines gnutls_session to gnutls_session_t.

Instead detect this based on LIBGNUTLS_VERSION_MAJOR. Move this from
configure/config.h to gnutls_1_0_compat.h and make sure that all users
include gnutls_1_0_compat.h properly.

Also fix header guard in gnutls_1_0_compat.h.
2011-08-03 19:22:29 +02:00
Matthias Bolte
cffba7ea3e tests: Unify style of test skipping code
Prefer 'return EXIT_AM_SKIP' over 'exit(EXIT_AM_SKIP)'.

Prefer 'int main(void)' over 'int main(int argc, char **argv)'.

Fix mymain signature in commandtest and nodeinfotest.
2011-07-29 12:12:58 +02:00
Daniel P. Berrange
4d349ef7be Fix build with gnutls 1.0.x branch 2011-07-26 14:51:03 +01:00
Daniel P. Berrange
677258ab02 Fix import of private key with older gnutls
With older GNUTLS the gnutls_x509_privkey_import function is
unable to import our private key. Instead we must use the
alternative gnutls_x509_privkey_import_pkcs8() (as certtool
does).

* virnettlscontexttest.c: Fix import of private key with
  older gnutls. Also add missing newlines to key
2011-07-25 13:47:11 -06:00
Daniel P. Berrange
567b8d69b9 Fix TLS context tests with expired certs
commit 5283ea9b1d changed the
semantics of the 'expire_offset' field in the test case struct
so that instead of being an absolute timestamp, it was a delta
relative to the current time. This broke the test cases which
were testing expiry of certificates, by putting the expiry
time into the future, instead of in the past.

Fix this by changing the expiry values to be negative, so that
the delta goes into the past again.

* virnettlscontexttest.c: Fix expiry tests
2011-07-25 16:21:19 +01:00
Eric Blake
d1f144d6fe tests: detect gnutls errors
* tests/virnettlscontexttest.c (testTLSLoadKey): Report errors.
2011-07-25 13:51:50 +08:00
Eric Blake
5283ea9b1d tests: fix compilation failures
Even though gnutls is a hard-req for libvirt, and gnutls depends
on libtasn1, that does not mean that you have to have the libtasn1
development files installed.  Skip the test rather than failing
compilation in that case.

With newer gcc, the test consumed too much stack space.  Move
things to static storage to fix that.

* configure.ac (AC_CHECK_HEADERS): Check for libtasn1.h.
(HAVE_LIBTASN1): New automake conditional.
* tests/Makefile.am (virnettlsconvirnettlscontexttest_SOURCES)
(virnettlscontexttest_LDADD): Allow compilation without libtasn1.
* tests/virnettlscontexttest.c: Skip test if headers not present.
(struct testTLSCertReq): Alter time members.
(testTLSGenerateCert): Reflect the change.
(mymain): Reduce stack usage.
2011-07-25 13:48:26 +08:00
Daniel P. Berrange
bd789dff80 Add a test case for certificate validation
This test case checks certification validation rules for

 - Basic constraints
 - Key purpose
 - Key usage
 - Start/expiry times

It checks initial context creation sanity checks, and live
session validation
2011-07-22 15:18:32 +01:00