On Thu, Dec 19, 2013 at 01:42:37PM -0700, Eric Blake wrote: > On 12/19/2013 09:23 AM, Cédric Bosdonnat wrote: > > Changed the constraints on gnutls to 3.1+ > > --- > > tests/virnettlscontexttest.c | 3 ++- > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > diff --git a/tests/virnettlscontexttest.c b/tests/virnettlscontexttest.c > > index fc512fc..d9a4e9d 100644 > > --- a/tests/virnettlscontexttest.c > > +++ b/tests/virnettlscontexttest.c > > @@ -268,7 +268,8 @@ mymain(void) > > * be rejected. GNUTLS < 3 does not reject it and > > * we don't anticipate them changing this behaviour > > */ > > - DO_CTX_TEST(true, cacert4req.filename, servercert4req.filename, GNUTLS_VERSION_MAJOR >= 3); > > + DO_CTX_TEST(true, cacert4req.filename, servercert4req.filename, > > + GNUTLS_VERSION_MAJOR >= 3 && GNUTLS_VERSION_MINOR >= 1); > > Not quite. This will reject gnutls 4.0. It has to be more like: > > (GNUTLS_VERSION_MAJOR == 3 && GNUTLS_VERSION_MINOR >= 1) || > GNUTLS_VERSION_MAJOR > 3 > > What distro were you on when you hit this failure? I'm a little bit > reluctant to bump the minimum requirement without knowing a bit more > about how common 3.0 is in practice. Adding more details in your commit > log about why you needed it (not just what you changed) makes it easier > to review. We discussed this on IRC - the earliest version that I tested was on Fedora 19 which have GNUTLS 3.1.11 which passes. On OpenSuse they have 3.0.28 which failed. Technically we could bisect every darn release version between these two to find out where the fix came in, but frankly it is easier to just assume 3.1.0 until the unlikely event that someone else complains :-) Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list