Andrew Stitcher created PROTON-979:
Summary: build tests fail if Cyrus SASL otp mech is installed
Project: Qpid Proton
Issue Type: Bug
Affects Versions: 0.9.1, 0.10, 0.11
Environment: Ubuntu 14.04, cyrus sasl 2.1.25
Reporter: Andrew Stitcher
If you have the Cyrus SASL OTP module installed (debian package
While running 'ctest' the python-test fails in a lot of SSL tests but only if
SASL has been initialised first. So if you run many of the failing tests by
them selves using proton-test directly they will succeed.
The first error in a full test run looks like:
1: proton_tests.sasl.SSLSASLTest.testSSLExternalSimple .....................
1: Error during setup: Traceback (most recent call last):
"/home/andrew/src/proton/qpid-proton-0.10/tests/python/proton-test", line 360,
line 373, in setup
1: self.server_domain = SSLDomain(SSLDomain.MODE_SERVER)
line 3490, in __init__
1: raise SSLUnavailable()
It seems that the underlying cause here is that the Cyrus sasl otp code uses
libcrypt which has some global initialisation.
If the otp code gets there first it initiialises libcrypt in a way which makes
this line of code in the proton openssl code fail:
[line 482 of openssl.c]
domain->ctx = SSL_CTX_new(SSLv23_server_method()); // and TLSv1+
It is highly plausible that other cyrus sasl mechs that also use ssl and are
actually initialised could also cause this problem (at least sql & ldap)
however in my test environment they aren't initialised.
This message was sent by Atlassian JIRA