On Wed, Apr 06, 2016 at 12:40:44PM +0100, Alex Bligh wrote:
> Daniel,
>
> On 6 Apr 2016, at 12:13, Daniel P. Berrange wrote:
>
> > So the problem turned out to be that the qemu-img program failed to
> > call qcrypto_init(), so gnutls had not had its one-time initialization
> > performed. This do
Daniel,
On 6 Apr 2016, at 12:13, Daniel P. Berrange wrote:
> So the problem turned out to be that the qemu-img program failed to
> call qcrypto_init(), so gnutls had not had its one-time initialization
> performed. This doesn't matter for gnutls 3.x but does for anything
> older than that. I jus
On Tue, Apr 05, 2016 at 09:01:10PM +0100, Alex Bligh wrote:
> When I attempt to connect via TLS like this (using today's qemu master):
>
>./qemu-img info --object
> tls-creds-x509,id=tls0,dir=../certs,endpoint=client --image-opts
> driver=nbd,host=127.0.0.1,port=,export=foo,tls-creds=tls
On Wed, Apr 06, 2016 at 10:22:45AM +0100, Alex Bligh wrote:
>
> On 6 Apr 2016, at 10:11, Daniel P. Berrange wrote:
>
> > Oh I'd be interested to know if the unit tests pass for you - can you
> > run this
> >
> > make ./tests/test-crypto-tlssession ./tests/test-crypto-tlscredsx509
> > ./tests/
On 6 Apr 2016, at 10:11, Daniel P. Berrange wrote:
> Oh I'd be interested to know if the unit tests pass for you - can you
> run this
>
> make ./tests/test-crypto-tlssession ./tests/test-crypto-tlscredsx509
> ./tests/test-crypto-tlscredsx509
> ./tests/test-crypto-tlssession
See below. They
On 6 Apr 2016, at 10:09, Daniel P. Berrange wrote:
> I've just tested using your certs and they work correctly for me. I have
> gnutls-3.4.10-1.fc23.x86_64 on Fedora 23, so either there's something
> broken with gnutls 2.x compatibility in general, or there's a specific
> bug in your exact vers
On Wed, Apr 06, 2016 at 10:09:07AM +0100, Daniel P. Berrange wrote:
> On Tue, Apr 05, 2016 at 09:01:10PM +0100, Alex Bligh wrote:
> > When I attempt to connect via TLS like this (using today's qemu master):
> >
> >./qemu-img info --object
> > tls-creds-x509,id=tls0,dir=../certs,endpoint=clien
On Tue, Apr 05, 2016 at 09:01:10PM +0100, Alex Bligh wrote:
> When I attempt to connect via TLS like this (using today's qemu master):
>
>./qemu-img info --object
> tls-creds-x509,id=tls0,dir=../certs,endpoint=client --image-opts
> driver=nbd,host=127.0.0.1,port=,export=foo,tls-creds=tls
When I attempt to connect via TLS like this (using today's qemu master):
./qemu-img info --object tls-creds-x509,id=tls0,dir=../certs,endpoint=client
--image-opts driver=nbd,host=127.0.0.1,port=,export=foo,tls-creds=tls0
(command line from Daniel over IRC)
I get the rather opaque error:
