[libvirt] virnettlscontexttest test fails on Fedora Rawhide x86_64 - Devel - Libvirt List Archives

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

December

[libvirt] virnettlscontexttest test fails on Fedora Rawhide x86_64

[libvirt] [PATCH v2] vl.c: Support...

[libvirt] [PATCHv2] qemu: fix...

Richard W.M. Jones

Thursday, 28 February 2013 Thu, 28 Feb '13

5:44 a.m.

Still investigating, but the log is attached. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming blog: http://rwmj.wordpress.com Fedora now supports 80 OCaml packages (the OPEN alternative to F#)

Attachments:

test-suite.log (text/plain — 5.7 KB)

Reply

Show replies by date

Daniel P. Berrange

Thursday, 28 February Thu, 28 Feb

5:53 a.m.

On Thu, Feb 28, 2013 at 11:44:02AM +0000, Richard W.M. Jones wrote:

Still investigating, but the log is attached. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming blog: http://rwmj.wordpress.com Fedora now supports 80 OCaml packages (the OPEN alternative to F#)

========================================= libvirt 1.0.2: tests/test-suite.log ========================================= # TOTAL: 83 # PASS: 80 # SKIP: 2 # XFAIL: 0 # FAIL: 1 # XPASS: 0 # ERROR: 0 .. contents:: :depth: 2 FAIL: virnettlscontexttest ========================== TEST: virnettlscontexttest 1) TLS Context ... OK 2) TLS Context ... OK 3) TLS Context ... OK 4) TLS Context ... OK 5) TLS Context ... OK 6) TLS Context ... libvir: XML-RPC error : Our own certificate servercert.pem failed validation against cacert5.pem: The certificate is not trusted. FAILED

In that test case we're creating a CA cert which has the key-usage policy set to "digital signature" instead of "key signing". However we also set the flag "non-critical" so a failing key usage policy check should still result in a pass from cert validation. Sounds like gnutls3 isn't liking this. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|

Reply

Richard W.M. Jones

6:59 a.m.

On Thu, Feb 28, 2013 at 11:53:12AM +0000, Daniel P. Berrange wrote: [...]

In that test case we're creating a CA cert which has the key-usage policy set to "digital signature" instead of "key signing". However we also set the flag "non-critical" so a failing key usage policy check should still result in a pass from cert validation. Sounds like gnutls3 isn't liking this.

I've filed this bug, initially against libvirt although it probably needs to be reassigned to gnutls: https://bugzilla.redhat.com/show_bug.cgi?id=916603 I have also added a patch to the Rawhide libvirt package to disable this test for now. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones virt-df lists disk usage of guests without needing to install any software inside the virtual machine. Supports Linux and Windows. http://people.redhat.com/~rjones/virt-df/

Reply

4285

days inactive

4285

days old

devel@lists.libvirt.org

Manage subscription

2 comments

2 participants

tags (0)

participants (2)

Daniel P. Berrange
Richard W.M. Jones