[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 0/4] Fix handling of CA certificate chains



On 08/06/2013 05:35 AM, Daniel P. Berrange wrote:
> This series fixes the CA certificate validation so that it
> correctly works when a client and server cert are both signed
> by intermediate CAs, sharing a common ancestor CA.

After the application of this series, I'm starting to see sporadic test
failures; when I run 'make -j3 check' the test sometimes fails like
this; but when I then do 'cd tests; ./virnettlssessiontest', it passes.
 I suspect you have a race where parallel tests are now trying to access
the same file, and whoever loses the test fails; whereas a serial run
passes every time.

11) TLS Session servercertreq.filename + clientcertreq.filename       ... OK
12) TLS Session servercertreq.filename + clientcertreq.filename
... libvirt: XML-RPC error : authentication failed: Failed to verify
peer's certificate
OK
13) TLS Session servercertreq.filename + clientcertreq.filename       ... OK
14) TLS Session servercertreq.filename + clientcertreq.filename
... libvirt: XML-RPC error : authentication failed: Failed to verify
peer's certificate
FAILED
15) TLS Session servercertlevel3areq.filename +
clientcertlevel2breq.filename ... libvirt: XML-RPC error : Cannot read
private key '/home/eblake/libvirt/tests/virnettlscontexttest-key.pem':
No such file or directory
FAILED


> 
> --
> libvir-list mailing list
> libvir-list redhat com
> https://www.redhat.com/mailman/listinfo/libvir-list
> 
> 

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]