virnettlscontexttest fails with GNUTLS 3.0.28

On openSUSE 12.x with GNUTLS 3.0.28, virnettlscontexttest fails. It has
been reported to work from GNUTLS 3.1.11 on Fedora 19. Changed the
constraints on gnutls to 3.1+ for unit test cacert4req.

Signed-off-by: Eric Blake <eblake@redhat.com>

diff --git a/tests/virnettlscontexttest.c b/tests/virnettlscontexttest.c
index fc512fccb99ff066b4eee3ba94509d2f3c1f8bbe..1cc994652edea4437dc424c24dda97b76bf05ef8 100644 (file)
--- a/tests/virnettlscontexttest.c
+++ b/tests/virnettlscontexttest.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2011-2012 Red Hat, Inc.
+ * Copyright (C) 2011-2013 Red Hat, Inc.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
@@ -265,10 +265,12 @@ mymain(void)
 
     /* Technically a CA cert with basic constraints
      * key purpose == key signing + non-critical should
-     * be rejected. GNUTLS < 3 does not reject it and
+     * be rejected. GNUTLS < 3.1 does not reject it and
      * we don't anticipate them changing this behaviour
      */
-    DO_CTX_TEST(true, cacert4req.filename, servercert4req.filename, GNUTLS_VERSION_MAJOR >= 3);
+    DO_CTX_TEST(true, cacert4req.filename, servercert4req.filename,
+                (GNUTLS_VERSION_MAJOR == 3 && GNUTLS_VERSION_MINOR >= 1) ||
+                GNUTLS_VERSION_MAJOR > 3);
     DO_CTX_TEST(true, cacert5req.filename, servercert5req.filename, true);
     DO_CTX_TEST(true, cacert6req.filename, servercert6req.filename, true);