When generating certificates we rely on GNUTLS' built-in default setup
for the ciphers used in the certs. We then currently run with the distro
specific TLS priority setup which can be much stronger, to the extent
that the certificates we generate are considered untrustworthy. We don't
care about the quality of the ciphers we use in the test suite, so just
force the priority to "NORMAL" which should ensure our certs are
accepted by GNUTLS.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
tests/virnettlscontexttest.c | 4 ++--
tests/virnettlssessiontest.c | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/tests/virnettlscontexttest.c b/tests/virnettlscontexttest.c
index 089c10e964..86647f3014 100644
--- a/tests/virnettlscontexttest.c
+++ b/tests/virnettlscontexttest.c
@@ -72,7 +72,7 @@ static int testTLSContextInit(const void *opaque)
data->crt,
KEYFILE,
NULL,
- NULL,
+ "NORMAL",
true,
true);
} else {
@@ -80,7 +80,7 @@ static int testTLSContextInit(const void *opaque)
NULL,
data->crt,
KEYFILE,
- NULL,
+ "NORMAL",
true,
true);
}
diff --git a/tests/virnettlssessiontest.c b/tests/virnettlssessiontest.c
index 6d639e5b16..7e85607181 100644
--- a/tests/virnettlssessiontest.c
+++ b/tests/virnettlssessiontest.c
@@ -113,7 +113,7 @@ static int testTLSSessionInit(const void *opaque)
data->servercrt,
KEYFILE,
data->wildcards,
- NULL,
+ "NORMAL",
false,
true);
@@ -121,7 +121,7 @@ static int testTLSSessionInit(const void *opaque)
NULL,
data->clientcrt,
KEYFILE,
- NULL,
+ "NORMAL",
false,
true);
--
2.14.3