[glib-networking/mcatanzaro/client-auth-failure: 2/2] Fix flaky failures in client auth failure tests

[Michael Catanzaro <mcatanzaro src gnome org>]

commit a5c18b553ef1a3cf43faddb6ca37596f59c77370
Author: Michael Catanzaro <mcatanzaro igalia com>
Date:   Mon Apr 1 21:38:18 2019 -0500

    Fix flaky failures in client auth failure tests
    
    The test is currently too strict about which errors to expect after the
    server drops the connection. It expects G_IO_ERROR_BROKEN_PIPE to only
    occur during the close, but it could also occur during the read, in
    which case there will be no error on close. It's a shame we can't
    guarantee a consistent error in this case and the errors in general
    could stand to be improved, but important thing is that there is some
    error: the read is (properly) not working.
    
    Fixes #66

 tls/tests/connection.c | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)
---
diff --git a/tls/tests/connection.c b/tls/tests/connection.c
index e1a9686..69fb286 100644
--- a/tls/tests/connection.c
+++ b/tls/tests/connection.c
@@ -459,9 +459,18 @@ on_client_connection_close_finish (GObject        *object,
   g_io_stream_close_finish (G_IO_STREAM (object), res, &error);
 
   if (test->expected_client_close_error)
-    g_assert_error (error, test->expected_client_close_error->domain, 
test->expected_client_close_error->code);
+    {
+      /* Although very rare, it's OK for broken pipe errors to not occur here if
+       * they have already occured earlier during a read. If so, there should be
+       * no error here at all.
+       */
+      if (error || !g_error_matches (test->expected_client_close_error, G_IO_ERROR, G_IO_ERROR_BROKEN_PIPE))
+        g_assert_error (error, test->expected_client_close_error->domain, 
test->expected_client_close_error->code);
+    }
   else
-    g_assert_no_error (error);
+    {
+      g_assert_no_error (error);
+    }
 
   g_main_loop_quit (test->loop);
 }
@@ -1123,9 +1132,12 @@ test_client_auth_failure (TestConnection *test,
   read_test_data_async (test);
   g_main_loop_run (test->loop);
 
+  /* In TLS 1.2 we'll notice that a server cert was requested. For TLS 1.3 we
+   * just get dropped, usually G_TLS_ERROR_MISC but possibly also broken pipe.
+   */
   if (client_can_receive_certificate_required_errors (test))
     g_assert_error (test->read_error, G_TLS_ERROR, G_TLS_ERROR_CERTIFICATE_REQUIRED);
-  else
+  else if (!g_error_matches (test->read_error, G_IO_ERROR, G_IO_ERROR_BROKEN_PIPE))
     g_assert_error (test->read_error, G_TLS_ERROR, G_TLS_ERROR_MISC);
   g_assert_error (test->server_error, G_TLS_ERROR, G_TLS_ERROR_CERTIFICATE_REQUIRED);
 
@@ -1319,7 +1331,7 @@ test_client_auth_request_fail (TestConnection *test,
   /* FIXME: G_FILE_ERROR_ACCES is not a very great error to get here. */
   if (client_can_receive_certificate_required_errors (test))
     g_assert_error (test->read_error, G_FILE_ERROR, G_FILE_ERROR_ACCES);
-  else
+  else if (!g_error_matches (test->read_error, G_IO_ERROR, G_IO_ERROR_BROKEN_PIPE))
     g_assert_error (test->read_error, G_TLS_ERROR, G_TLS_ERROR_MISC);
 
   g_io_stream_close (test->server_connection, NULL, NULL);