Re: [libvirt] [PATCH] tests: adapt to gnutls change in dname en-/decoding
On Wed, Nov 16, 2016 at 04:23:41PM +0100, Christian Ehrhardt wrote:
A recent change in gnutls that was released with 3.5.6 changed the
behavior of dname en- and decoding to follow RFC4514.
That breaks the related tests which failed validation in
virNetTLSContextCheckCertDNWhitelist due to the strings no more matching
in the fnmatch check.
The fix is a gnutls version dependent definition of the wildcard strings
used by the tests (older gnutls versions require the old order).
Signed-off-by: Christian Ehrhardt <christian.ehrhardt(a)canonical.com>
---
tests/virnettlssessiontest.c | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
NACK, the gnutls changes are being reverted by upstream and IMHO
if any distro is shipping 3.5.6 they should revert them too, as
the change was a semantic break in gnutls API that will in turn
break any libvirt deployments using this feature when upgraded
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|