Andrew Stitcher created PROTON-979:

             Summary: build tests fail if Cyrus SASL otp mech is installed
                 Key: PROTON-979
             Project: Qpid Proton
          Issue Type: Bug
          Components: proton-c
    Affects Versions: 0.9.1, 0.10, 0.11
         Environment: Ubuntu 14.04, cyrus sasl 2.1.25
            Reporter: Andrew Stitcher

If you have the Cyrus SASL OTP module installed (debian package 

While running 'ctest' the python-test fails in a lot of SSL tests but only if 
SASL has been initialised first. So if you run many of the failing tests by 
them selves using proton-test directly they will succeed.

The first error in a full test run looks like:
1: proton_tests.sasl.SSLSASLTest.testSSLExternalSimple ..................... 
1: Error during setup:  Traceback (most recent call last):
1:     File 
"/home/andrew/src/proton/qpid-proton-0.10/tests/python/proton-test", line 360, 
in run
1:       phase()
1:     File 
line 373, in setup
1:       self.server_domain = SSLDomain(SSLDomain.MODE_SERVER)
1:     File 
 line 3490, in __init__
1:       raise SSLUnavailable()
1:   SSLUnavailable

It seems that the underlying cause here is that the Cyrus sasl otp code uses 
libcrypt which has some global initialisation.

If the otp code gets there first it initiialises libcrypt in a way which makes 
this line of code in the proton openssl code fail:
[line 482 of openssl.c]
 domain->ctx = SSL_CTX_new(SSLv23_server_method()); // and TLSv1+

It is highly plausible that other cyrus sasl mechs that also use ssl and are 
actually initialised could also cause this problem (at least sql & ldap) 
however in my test environment they aren't initialised.

This message was sent by Atlassian JIRA

Reply via email to