| commit | 23c1595b0297e6ca8f37559af6f0b8533aa1fd99 | |
| author | Daniel P. Berrange <berrange@redhat.com> | |
| Tue, 29 Aug 2017 16:03:30 +0000 (29 17:03 +0100) | ||
| committer | Daniel P. Berrange <berrange@redhat.com> | |
| Mon, 4 Sep 2017 09:45:19 +0000 (4 10:45 +0100) | ||
| tree | 36e5c776d537e46d597cb43b5c318f5b55e0af27 | treesnapshot (tar.gz zip) |
| parent | 8c0a6dc96cd14c48da4a61fe35431f36d6e6e467 | commitdiff |
crypto: fix test cert generation to not use SHA1 algorithm
GNUTLS 3.6.0 marked SHA1 as untrusted for certificates.
Unfortunately the gnutls_x509_crt_sign() method we are
using to create certificates in the test suite is fixed
to always use SHA1. We must switch to a different method
and explicitly ask for SHA256.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
GNUTLS 3.6.0 marked SHA1 as untrusted for certificates.
Unfortunately the gnutls_x509_crt_sign() method we are
using to create certificates in the test suite is fixed
to always use SHA1. We must switch to a different method
and explicitly ask for SHA256.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
| tests/crypto-tls-x509-helpers.c | diffblobblamehistory |