[jira] [Updated] (PROTON-979) build tests fail if Cyrus SASL otp mech is installed

[Justin Ross (JIRA)]

     [ 
https://issues.apache.org/jira/browse/PROTON-979?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Justin Ross updated PROTON-979:
-------------------------------
    Labels: close-pending release_notes  (was: release_notes)

> build tests fail if Cyrus SASL otp mech is installed
> ----------------------------------------------------
>
>                 Key: PROTON-979
>                 URL: https://issues.apache.org/jira/browse/PROTON-979
>             Project: Qpid Proton
>          Issue Type: Bug
>          Components: proton-c
>    Affects Versions: 0.9.1, 0.10, 0.11.0
>         Environment: Ubuntu 14.04, cyrus sasl 2.1.25
>            Reporter: Andrew Stitcher
>              Labels: close-pending, release_notes
>
> If you have the Cyrus SASL OTP module installed (debian package 
> libsasl2-modules-otp):
> While running 'ctest' the python-test fails in a lot of SSL tests but only if 
> SASL has been initialised first. So if you run many of the failing tests by 
> them selves using proton-test directly they will succeed.
> The first error in a full test run looks like:
> {noformat}
> 1: proton_tests.sasl.SSLSASLTest.testSSLExternalSimple ..................... 
> fail
> 1: Error during setup:  Traceback (most recent call last):
> 1:     File 
> "/home/andrew/src/proton/qpid-proton-0.10/tests/python/proton-test", line 
> 360, in run
> 1:       phase()
> 1:     File 
> "/home/andrew/src/proton/qpid-proton-0.10/tests/python/proton_tests/sasl.py", 
> line 373, in setup
> 1:       self.server_domain = SSLDomain(SSLDomain.MODE_SERVER)
> 1:     File 
> "/home/andrew/src/proton/qpid-proton-0.10/proton-c/bindings/python/proton/__init__.py",
>  line 3490, in __init__
> 1:       raise SSLUnavailable()
> 1:   SSLUnavailable
> {noformat}
> It seems that the underlying cause here is that the Cyrus sasl otp code uses 
> libcrypt which has some global initialisation.
> If the otp code gets there first it initiialises libcrypt in a way which 
> makes 
> this line of code in the proton openssl code fail:
> [line 482 of openssl.c]
> {code}
>  domain->ctx = SSL_CTX_new(SSLv23_server_method()); // and TLSv1+
> {code}
> It is highly plausible that other cyrus sasl mechs that also use ssl and are 
> actually initialised could also cause this problem (at least sql & ldap) 
> however in my test environment they aren't initialised.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org