Bug#1050168: FTBFS: test_no_local_cert: tlsv13 alert certificate required

2023-08-24 Thread Shengjing Zhu 
Hi,

On Thu, Aug 24, 2023 at 5:38 AM Alberto Bertogli
 wrote:
>
> On Mon, Aug 21, 2023 at 05:32:53PM +0800, Shengjing Zhu wrote:
> >Source: kxd
> >Version: 0.15-4
> >Severity: serious
> >Tags: ftbfs
> >X-Debbugs-Cc: albert...@blitiri.com.ar, z...@debian.org
> >
> >I'm not sure if it's related to golang-defaults -> golang-1.21 recently.
> >
> [...]
> >Traceback (most recent call last):
> >  File "/<>/tests/run_tests", line 360, in test_no_local_cert
> >self.assertEqual(err.reason, "SSLV3_ALERT_BAD_CERTIFICATE")
> >AssertionError: 'TLSV13_ALERT_CERTIFICATE_REQUIRED' != 
> >'SSLV3_ALERT_BAD_CERTIFICATE'
> >- TLSV13_ALERT_CERTIFICATE_REQUIRED
> >+ SSLV3_ALERT_BAD_CERTIFICATE
>
> Thanks for filing this!
>
> Yeah I think it's likely, this looks like a more specific and accurate
> error is now reported in this case, either due to the Go TLS library, or
> OpenSSL (which the tests use because they're written in Python).
>
> I have a patch in the `next` branch that should update the test
> accordingly:
>
> https://blitiri.com.ar/git/r/kxd/c/ca7d96cc6088cddbdd9904cc8de8192b417a9340/
>
> https://blitiri.com.ar/git/r/kxd/c/ca7d96cc6088cddbdd9904cc8de8192b417a9340.patch
>
> Would you mind giving it a try? It should solve the problem.
>

I have uploaded the patch in kxd/0.15-4.1.

BTW I see this package doesn't have the Built-Using field (or
Static-Built-Using more correctly) to track the embedded Go toolchain
version, although it has `Built-Using: ${misc:Built-Using}` in
debian/control file. Would you like to improve that a bit?

-- 
Shengjing Zhu

Bug#1050168: FTBFS: test_no_local_cert: tlsv13 alert certificate required

2023-08-23 Thread Alberto Bertogli 

On Mon, Aug 21, 2023 at 05:32:53PM +0800, Shengjing Zhu wrote:

Source: kxd
Version: 0.15-4
Severity: serious
Tags: ftbfs
X-Debbugs-Cc: albert...@blitiri.com.ar, z...@debian.org

I'm not sure if it's related to golang-defaults -> golang-1.21 recently.


[...]

Traceback (most recent call last):
 File "/<>/tests/run_tests", line 360, in test_no_local_cert
   self.assertEqual(err.reason, "SSLV3_ALERT_BAD_CERTIFICATE")
AssertionError: 'TLSV13_ALERT_CERTIFICATE_REQUIRED' != 
'SSLV3_ALERT_BAD_CERTIFICATE'
- TLSV13_ALERT_CERTIFICATE_REQUIRED
+ SSLV3_ALERT_BAD_CERTIFICATE


Thanks for filing this!

Yeah I think it's likely, this looks like a more specific and accurate 
error is now reported in this case, either due to the Go TLS library, or 
OpenSSL (which the tests use because they're written in Python).


I have a patch in the `next` branch that should update the test 
accordingly:


https://blitiri.com.ar/git/r/kxd/c/ca7d96cc6088cddbdd9904cc8de8192b417a9340/

https://blitiri.com.ar/git/r/kxd/c/ca7d96cc6088cddbdd9904cc8de8192b417a9340.patch

Would you mind giving it a try? It should solve the problem.

Thanks!
Alberto

Bug#1050168: FTBFS: test_no_local_cert: tlsv13 alert certificate required

2023-08-21 Thread Shengjing Zhu 
Source: kxd
Version: 0.15-4
Severity: serious
Tags: ftbfs
X-Debbugs-Cc: albert...@blitiri.com.ar, z...@debian.org

I'm not sure if it's related to golang-defaults -> golang-1.21 recently.

tests/run_tests -b
...F
Stderr:
/usr/lib/python3.11/unittest/case.py:622: ResourceWarning: unclosed 

  with outcome.testPartExecutor(self):
..
==
FAIL: test_no_local_cert (__main__.TrickyRequests.test_no_local_cert)
No local certificate.
--
Traceback (most recent call last):
  File "/<>/tests/run_tests", line 357, in test_no_local_cert
conn.getresponse()
  File "/usr/lib/python3.11/http/client.py", line 1378, in getresponse
response.begin()
  File "/usr/lib/python3.11/http/client.py", line 318, in begin
version, status, reason = self._read_status()
  ^^^
  File "/usr/lib/python3.11/http/client.py", line 279, in _read_status
line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1")
   ^^
  File "/usr/lib/python3.11/socket.py", line 706, in readinto
return self._sock.recv_into(b)
   ^^^
  File "/usr/lib/python3.11/ssl.py", line 1278, in recv_into
return self.read(nbytes, buffer)
   ^
  File "/usr/lib/python3.11/ssl.py", line 1134, in read
return self._sslobj.read(len, buffer)
   ^^
ssl.SSLError: [SSL: TLSV13_ALERT_CERTIFICATE_REQUIRED] tlsv13 alert certificate 
required (_ssl.c:2576)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/<>/tests/run_tests", line 360, in test_no_local_cert
self.assertEqual(err.reason, "SSLV3_ALERT_BAD_CERTIFICATE")
AssertionError: 'TLSV13_ALERT_CERTIFICATE_REQUIRED' != 
'SSLV3_ALERT_BAD_CERTIFICATE'
- TLSV13_ALERT_CERTIFICATE_REQUIRED
+ SSLV3_ALERT_BAD_CERTIFICATE


Stdout:
Launching server:  /<>/out/kxd 
--data_dir=/tmp/kxdtest-y_lm39pn/config-server-u2ol6sph/data 
--key=/tmp/kxdtest-y_lm39pn/config-server-u2ol6sph/key.pem 
--cert=/tmp/kxdtest-y_lm39pn/config-server-u2ol6sph/cert.pem 
--logfile=/tmp/kxdtest-y_lm39pn/config-server-u2ol6sph/log 
--hook=/tmp/kxdtest-y_lm39pn/config-server-u2ol6sph/hook

--
Ran 10 tests in 3.009s

FAILED (failures=1)