Re: [ovs-dev] [PATCH ovn] tests: Fix ssl-ciphers RO sb test with old openssl.

Tue, 09 Jul 2024 23:57:34 -0700 

On Sat, Jul 6, 2024 at 4:21 PM Vladislav Odintsov <[email protected]> wrote:

> The test "read-only sb db:pssl access with ssl-ciphers and ssl-protocols"
> fails when running with openssl which doesn't support some of passed
> values.
> For instance, on openssl 1.0.2 there is no support for 'SECLEVEL' and
> test fails due to extra string in stderr, which is asserted as a part of
> test:
>
>   ./ovn.at:37851: ovn-sbctl --db=ssl:127.0.0.1:$TCP_PORT \
>                     --private-key=$PKIDIR/testpki-test-privkey.pem \
>                       --certificate=$PKIDIR/testpki-test-cert.pem \
>                       --ca-cert=$PKIDIR/testpki-cacert.pem \
>                       --ssl-ciphers='HIGH:!aNULL:!MD5:@SECLEVEL=1' \
>                       --ssl-protocols='TLSv1,TLSv1.1,TLSv1.2' \
>                     chassis-add ch vxlan 1.2.4.8
>   --- - 2024-07-05 13:48:11.697647047 +0300
>   +++
> /builddir/build/BUILD/ovn-24.03.90/tests/testsuite.dir/at-groups/520/stderr
> 2024-07-05 13:48:11.694353357 +0300
>   @@ -1,2 +1,3 @@
>   +2024-07-05T10:48:11Z|00001|stream_ssl|ERR|SSL_CTX_set_cipher_list:
> error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid command
>    ovn-sbctl: transaction error: {"details":"insert operation not allowed
> when database server is in read only mode","error":"not allowed"}
>
> This patch fixes the test adding grep of expected transaction error.
>
> CC: Aliasgar Ginwala <[email protected]>
> Fixes: 620203f9f0d9 ("Fix segfault due to ssl-ciphers.")
> Signed-off-by: Vladislav Odintsov <[email protected]>
> ---
>  tests/ovn.at | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/tests/ovn.at b/tests/ovn.at
> index 87a64499f..2341f52d5 100644
> --- a/tests/ovn.at
> +++ b/tests/ovn.at
> @@ -37854,9 +37854,9 @@ AT_CHECK([ovn-sbctl --db=ssl:127.0.0.1:$TCP_PORT \
>                      --ca-cert=$PKIDIR/testpki-cacert.pem \
>                      --ssl-ciphers='HIGH:!aNULL:!MD5:@SECLEVEL=1' \
>                      --ssl-protocols='TLSv1,TLSv1.1,TLSv1.2' \
> -                    chassis-add ch vxlan 1.2.4.8], [1], [ignore],
> -[ovn-sbctl: transaction error: {"details":"insert operation not allowed
> when database server is in read only mode","error":"not allowed"}
> -])
> +                    chassis-add ch vxlan 1.2.4.8 2>&1 | grep 'transaction
> error]', [0], [dnl
> +ovn-sbctl: transaction error: {"details":"insert operation not allowed
> when database server is in read only mode","error":"not allowed"}
> +], [ignore])
>
>  OVS_APP_EXIT_AND_WAIT([ovsdb-server])
>  AT_CLEANUP
> --
> 2.45.2
>
> _______________________________________________
> dev mailing list
> [email protected]
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>
>
Looks good to me, thanks.

Acked-by: Ales Musil <[email protected]>

-- 

Ales Musil

Senior Software Engineer - OVN Core

Red Hat EMEA <https://www.redhat.com>

[email protected]
<https://red.ht/sig>
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Reply via email to