Bug#1050168: FTBFS: test_no_local_cert: tlsv13 alert certificate required
Hi, On Thu, Aug 24, 2023 at 5:38 AM Alberto Bertogli wrote: > > On Mon, Aug 21, 2023 at 05:32:53PM +0800, Shengjing Zhu wrote: > >Source: kxd > >Version: 0.15-4 > >Severity: serious > >Tags: ftbfs > >X-Debbugs-Cc: albert...@blitiri.com.ar, z...@debian.org > > > >I'm not sure if it's related to golang-defaults -> golang-1.21 recently. > > > [...] > >Traceback (most recent call last): > > File "/<>/tests/run_tests", line 360, in test_no_local_cert > >self.assertEqual(err.reason, "SSLV3_ALERT_BAD_CERTIFICATE") > >AssertionError: 'TLSV13_ALERT_CERTIFICATE_REQUIRED' != > >'SSLV3_ALERT_BAD_CERTIFICATE' > >- TLSV13_ALERT_CERTIFICATE_REQUIRED > >+ SSLV3_ALERT_BAD_CERTIFICATE > > Thanks for filing this! > > Yeah I think it's likely, this looks like a more specific and accurate > error is now reported in this case, either due to the Go TLS library, or > OpenSSL (which the tests use because they're written in Python). > > I have a patch in the `next` branch that should update the test > accordingly: > > https://blitiri.com.ar/git/r/kxd/c/ca7d96cc6088cddbdd9904cc8de8192b417a9340/ > > https://blitiri.com.ar/git/r/kxd/c/ca7d96cc6088cddbdd9904cc8de8192b417a9340.patch > > Would you mind giving it a try? It should solve the problem. > I have uploaded the patch in kxd/0.15-4.1. BTW I see this package doesn't have the Built-Using field (or Static-Built-Using more correctly) to track the embedded Go toolchain version, although it has `Built-Using: ${misc:Built-Using}` in debian/control file. Would you like to improve that a bit? -- Shengjing Zhu
Bug#1050168: FTBFS: test_no_local_cert: tlsv13 alert certificate required
On Mon, Aug 21, 2023 at 05:32:53PM +0800, Shengjing Zhu wrote: Source: kxd Version: 0.15-4 Severity: serious Tags: ftbfs X-Debbugs-Cc: albert...@blitiri.com.ar, z...@debian.org I'm not sure if it's related to golang-defaults -> golang-1.21 recently. [...] Traceback (most recent call last): File "/<>/tests/run_tests", line 360, in test_no_local_cert self.assertEqual(err.reason, "SSLV3_ALERT_BAD_CERTIFICATE") AssertionError: 'TLSV13_ALERT_CERTIFICATE_REQUIRED' != 'SSLV3_ALERT_BAD_CERTIFICATE' - TLSV13_ALERT_CERTIFICATE_REQUIRED + SSLV3_ALERT_BAD_CERTIFICATE Thanks for filing this! Yeah I think it's likely, this looks like a more specific and accurate error is now reported in this case, either due to the Go TLS library, or OpenSSL (which the tests use because they're written in Python). I have a patch in the `next` branch that should update the test accordingly: https://blitiri.com.ar/git/r/kxd/c/ca7d96cc6088cddbdd9904cc8de8192b417a9340/ https://blitiri.com.ar/git/r/kxd/c/ca7d96cc6088cddbdd9904cc8de8192b417a9340.patch Would you mind giving it a try? It should solve the problem. Thanks! Alberto
Bug#1050168: FTBFS: test_no_local_cert: tlsv13 alert certificate required
Source: kxd Version: 0.15-4 Severity: serious Tags: ftbfs X-Debbugs-Cc: albert...@blitiri.com.ar, z...@debian.org I'm not sure if it's related to golang-defaults -> golang-1.21 recently. tests/run_tests -b ...F Stderr: /usr/lib/python3.11/unittest/case.py:622: ResourceWarning: unclosed with outcome.testPartExecutor(self): .. == FAIL: test_no_local_cert (__main__.TrickyRequests.test_no_local_cert) No local certificate. -- Traceback (most recent call last): File "/<>/tests/run_tests", line 357, in test_no_local_cert conn.getresponse() File "/usr/lib/python3.11/http/client.py", line 1378, in getresponse response.begin() File "/usr/lib/python3.11/http/client.py", line 318, in begin version, status, reason = self._read_status() ^^^ File "/usr/lib/python3.11/http/client.py", line 279, in _read_status line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1") ^^ File "/usr/lib/python3.11/socket.py", line 706, in readinto return self._sock.recv_into(b) ^^^ File "/usr/lib/python3.11/ssl.py", line 1278, in recv_into return self.read(nbytes, buffer) ^ File "/usr/lib/python3.11/ssl.py", line 1134, in read return self._sslobj.read(len, buffer) ^^ ssl.SSLError: [SSL: TLSV13_ALERT_CERTIFICATE_REQUIRED] tlsv13 alert certificate required (_ssl.c:2576) During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/<>/tests/run_tests", line 360, in test_no_local_cert self.assertEqual(err.reason, "SSLV3_ALERT_BAD_CERTIFICATE") AssertionError: 'TLSV13_ALERT_CERTIFICATE_REQUIRED' != 'SSLV3_ALERT_BAD_CERTIFICATE' - TLSV13_ALERT_CERTIFICATE_REQUIRED + SSLV3_ALERT_BAD_CERTIFICATE Stdout: Launching server: /<>/out/kxd --data_dir=/tmp/kxdtest-y_lm39pn/config-server-u2ol6sph/data --key=/tmp/kxdtest-y_lm39pn/config-server-u2ol6sph/key.pem --cert=/tmp/kxdtest-y_lm39pn/config-server-u2ol6sph/cert.pem --logfile=/tmp/kxdtest-y_lm39pn/config-server-u2ol6sph/log --hook=/tmp/kxdtest-y_lm39pn/config-server-u2ol6sph/hook -- Ran 10 tests in 3.009s FAILED (failures=1)