tests: use error_abort in places expecting errors

        "sanity-check", "yes",

        NULL);

    if (*errp) {

    if (!creds) {

        return NULL;

    }

    return QCRYPTO_TLS_CREDS(creds);

    struct QCryptoTLSCredsTestData *data =

        (struct QCryptoTLSCredsTestData *)opaque;

    QCryptoTLSCreds *creds;

    Error *err = NULL;

#define CERT_DIR "tests/test-crypto-tlscredsx509-certs/"

    mkdir(CERT_DIR, 0700);

         QCRYPTO_TLS_CREDS_ENDPOINT_SERVER :

         QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT),

        CERT_DIR,

        &err);

        data->expectFail ? NULL : &error_abort);

    if (data->expectFail) {

        error_free(err);

        g_assert(creds == NULL);

    } else {

        if (err) {

            g_printerr("Failed to generate creds: %s\n",

                       error_get_pretty(err));

            error_free(err);

        }

        g_assert(creds != NULL);

    }

static QCryptoTLSCreds *test_tls_creds_psk_create(

    QCryptoTLSCredsEndpoint endpoint,

    const char *dir,

    Error **errp)

    const char *dir)

{

    Error *err = NULL;

    Object *parent = object_get_objects_root();

    Object *creds = object_new_with_props(

        TYPE_QCRYPTO_TLS_CREDS_PSK,

        parent,

        (endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER ?

         "testtlscredsserver" : "testtlscredsclient"),

        &err,

        &error_abort,

        "endpoint", (endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER ?

                     "server" : "client"),

        "dir", dir,

        "priority", "NORMAL",

        NULL

        );

    if (err) {

        error_propagate(errp, err);

        return NULL;

    }

    return QCRYPTO_TLS_CREDS(creds);

}

    int channel[2];

    bool clientShake = false;

    bool serverShake = false;

    Error *err = NULL;

    int ret;

    /* We'll use this for our fake client-server connection */

    clientCreds = test_tls_creds_psk_create(

        QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT,

        WORKDIR,

        &err);

        WORKDIR);

    g_assert(clientCreds != NULL);

    serverCreds = test_tls_creds_psk_create(

        QCRYPTO_TLS_CREDS_ENDPOINT_SERVER,

        WORKDIR,

        &err);

        WORKDIR);

    g_assert(serverCreds != NULL);

    /* Now the real part of the test, setup the sessions */

    clientSess = qcrypto_tls_session_new(

        clientCreds, NULL, NULL,

        QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT, &err);

        QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT, &error_abort);

    g_assert(clientSess != NULL);

    serverSess = qcrypto_tls_session_new(

        serverCreds, NULL, NULL,

        QCRYPTO_TLS_CREDS_ENDPOINT_SERVER, &err);

    g_assert(clientSess != NULL);

        QCRYPTO_TLS_CREDS_ENDPOINT_SERVER, &error_abort);

    g_assert(serverSess != NULL);

    /* For handshake to work, we need to set the I/O callbacks

        int rv;

        if (!serverShake) {

            rv = qcrypto_tls_session_handshake(serverSess,

                                               &err);

                                               &error_abort);

            g_assert(rv >= 0);

            if (qcrypto_tls_session_get_handshake_status(serverSess) ==

                QCRYPTO_TLS_HANDSHAKE_COMPLETE) {

        }

        if (!clientShake) {

            rv = qcrypto_tls_session_handshake(clientSess,

                                               &err);

                                               &error_abort);

            g_assert(rv >= 0);

            if (qcrypto_tls_session_get_handshake_status(clientSess) ==

                QCRYPTO_TLS_HANDSHAKE_COMPLETE) {

    /* Finally make sure the server & client validation is successful. */

    g_assert(qcrypto_tls_session_check_credentials(serverSess, &err) == 0);

    g_assert(qcrypto_tls_session_check_credentials(clientSess, &err) == 0);

    g_assert(qcrypto_tls_session_check_credentials(serverSess,

                                                   &error_abort) == 0);

    g_assert(qcrypto_tls_session_check_credentials(clientSess,

                                                   &error_abort) == 0);

    object_unparent(OBJECT(serverCreds));

    object_unparent(OBJECT(clientCreds));

static QCryptoTLSCreds *test_tls_creds_x509_create(

    QCryptoTLSCredsEndpoint endpoint,

    const char *certdir,

    Error **errp)

    const char *certdir)

{

    Error *err = NULL;

    Object *parent = object_get_objects_root();

    Object *creds = object_new_with_props(

        TYPE_QCRYPTO_TLS_CREDS_X509,

        parent,

        (endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER ?

         "testtlscredsserver" : "testtlscredsclient"),

        &err,

        &error_abort,

        "endpoint", (endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER ?

                     "server" : "client"),

        "dir", certdir,

        "sanity-check", "no",

        NULL

        );

    if (err) {

        error_propagate(errp, err);

        return NULL;

    }

    return QCRYPTO_TLS_CREDS(creds);

}

    int channel[2];

    bool clientShake = false;

    bool serverShake = false;

    Error *err = NULL;

    int ret;

    /* We'll use this for our fake client-server connection */

    clientCreds = test_tls_creds_x509_create(

        QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT,

        CLIENT_CERT_DIR,

        &err);

        CLIENT_CERT_DIR);

    g_assert(clientCreds != NULL);

    serverCreds = test_tls_creds_x509_create(

        QCRYPTO_TLS_CREDS_ENDPOINT_SERVER,

        SERVER_CERT_DIR,

        &err);

        SERVER_CERT_DIR);

    g_assert(serverCreds != NULL);

    acl = qemu_acl_init("tlssessionacl");

    /* Now the real part of the test, setup the sessions */

    clientSess = qcrypto_tls_session_new(

        clientCreds, data->hostname, NULL,

        QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT, &err);

        QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT, &error_abort);

    g_assert(clientSess != NULL);

    serverSess = qcrypto_tls_session_new(

        serverCreds, NULL,

        data->wildcards ? "tlssessionacl" : NULL,

        QCRYPTO_TLS_CREDS_ENDPOINT_SERVER, &err);

    g_assert(clientSess != NULL);

        QCRYPTO_TLS_CREDS_ENDPOINT_SERVER, &error_abort);

    g_assert(serverSess != NULL);

    /* For handshake to work, we need to set the I/O callbacks

        int rv;

        if (!serverShake) {

            rv = qcrypto_tls_session_handshake(serverSess,

                                               &err);

                                               &error_abort);

            g_assert(rv >= 0);

            if (qcrypto_tls_session_get_handshake_status(serverSess) ==

                QCRYPTO_TLS_HANDSHAKE_COMPLETE) {

        }

        if (!clientShake) {

            rv = qcrypto_tls_session_handshake(clientSess,

                                               &err);

                                               &error_abort);

            g_assert(rv >= 0);

            if (qcrypto_tls_session_get_handshake_status(clientSess) ==

                QCRYPTO_TLS_HANDSHAKE_COMPLETE) {

    /* Finally make sure the server validation does what

     * we were expecting

     */

    if (qcrypto_tls_session_check_credentials(serverSess, &err) < 0) {

    if (qcrypto_tls_session_check_credentials(

            serverSess, data->expectServerFail ? NULL : &error_abort) < 0) {

        g_assert(data->expectServerFail);

        error_free(err);

        err = NULL;

    } else {

        g_assert(!data->expectServerFail);

    }

    /*

     * And the same for the client validation check

     */

    if (qcrypto_tls_session_check_credentials(clientSess, &err) < 0) {

    if (qcrypto_tls_session_check_credentials(

            clientSess, data->expectClientFail ? NULL : &error_abort) < 0) {

        g_assert(data->expectClientFail);

        error_free(err);

        err = NULL;

    } else {

        g_assert(!data->expectClientFail);

    }

#include "crypto/init.h"

#include "crypto/tlscredsx509.h"

#include "qemu/acl.h"

#include "qapi/error.h"

#include "qom/object_interfaces.h"

#ifdef QCRYPTO_HAVE_TLS_TEST_SUPPORT

static QCryptoTLSCreds *test_tls_creds_create(QCryptoTLSCredsEndpoint endpoint,

                                              const char *certdir,

                                              Error **errp)

                                              const char *certdir)

{

    Object *parent = object_get_objects_root();

    Object *creds = object_new_with_props(

        parent,

        (endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER ?

         "testtlscredsserver" : "testtlscredsclient"),

        errp,

        &error_abort,

        "endpoint", (endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER ?

                     "server" : "client"),

        "dir", certdir,

        NULL

        );

    if (*errp) {

        return NULL;

    }

    return QCRYPTO_TLS_CREDS(creds);

}

    int channel[2];

    struct QIOChannelTLSHandshakeData clientHandshake = { false, false };

    struct QIOChannelTLSHandshakeData serverHandshake = { false, false };

    Error *err = NULL;

    QIOChannelTest *test;

    GMainContext *mainloop;

    clientCreds = test_tls_creds_create(

        QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT,

        CLIENT_CERT_DIR,

        &err);

        CLIENT_CERT_DIR);

    g_assert(clientCreds != NULL);

    serverCreds = test_tls_creds_create(

        QCRYPTO_TLS_CREDS_ENDPOINT_SERVER,

        SERVER_CERT_DIR,

        &err);

        SERVER_CERT_DIR);

    g_assert(serverCreds != NULL);

    acl = qemu_acl_init("channeltlsacl");

    }

    clientChanSock = qio_channel_socket_new_fd(

        channel[0], &err);

        channel[0], &error_abort);

    g_assert(clientChanSock != NULL);

    serverChanSock = qio_channel_socket_new_fd(

        channel[1], &err);

        channel[1], &error_abort);

    g_assert(serverChanSock != NULL);

    /*

    /* Now the real part of the test, setup the sessions */

    clientChanTLS = qio_channel_tls_new_client(

        QIO_CHANNEL(clientChanSock), clientCreds,

        data->hostname, &err);

        data->hostname, &error_abort);

    g_assert(clientChanTLS != NULL);

    serverChanTLS = qio_channel_tls_new_server(

        QIO_CHANNEL(serverChanSock), serverCreds,

        "channeltlsacl", &err);

        "channeltlsacl", &error_abort);

    g_assert(serverChanTLS != NULL);

    qio_channel_tls_handshake(clientChanTLS,