Public bug reported: Many nginx ssl tests pass with libssl1.1 version 1.1.0g-2ubuntu4.3 but fail when libssl1.1 is updated to version 1.1.1-1ubuntu2.1~18.04.2.
Repro steps: 1. Create control Dockerfile: ========================================== FROM ubuntu:18.04 RUN apt-get update -y && \ apt-get upgrade -y && \ apt-get install -y git nginx-core xdg-utils openssl=1.1.0g-2ubuntu4.3 libnet-ssleay-perl=1.84-1build1 libio-socket-ssl-perl=2.056-1 libssl1.1=1.1.0g-2ubuntu4.3 RUN git clone https://github.com/nginx/nginx-tests.git WORKDIR /nginx-tests ENV TEST_NGINX_BINARY=/usr/sbin/nginx ENV TEST_NGINX_MODULES=/usr/lib/nginx/modules USER www-data ENTRYPOINT ["prove", "."] ========================================== 2. Run the command in a directory with only the Dockerfile: docker build -t nginx_image . && docker run --rm -it nginx_image 3. See output: ========================================== Test Summary Report ------------------- ./grpc_request_buffering.t (Wstat: 512 Tests: 14 Failed: 2) Failed tests: 11-12 Non-zero exit status: 2 ./h2_server_tokens.t (Wstat: 1536 Tests: 14 Failed: 6) Failed tests: 1-2, 7-8, 10-11 Non-zero exit status: 6 ./upstream_ip_hash_ipv6.t (Wstat: 512 Tests: 0 Failed: 0) Non-zero exit status: 2 Parse errors: No plan found in TAP output Files=346, Tests=3782, 317 wallclock secs ( 1.87 usr 0.78 sys + 35.84 cusr 16.99 csys = 55.48 CPU) Result: FAIL ========================================== 4. Create new Dockerfile (only difference is updating libssl1.1): ========================================== FROM ubuntu:18.04 RUN apt-get update -y && \ apt-get upgrade -y && \ apt-get install -y git nginx-core xdg-utils openssl=1.1.0g-2ubuntu4.3 libnet-ssleay-perl=1.84-1build1 libio-socket-ssl-perl=2.056-1 libssl1.1=1.1.1-1ubuntu2.1~18.04.2 RUN git clone https://github.com/nginx/nginx-tests.git WORKDIR /nginx-tests ENV TEST_NGINX_BINARY=/usr/sbin/nginx ENV TEST_NGINX_MODULES=/usr/lib/nginx/modules USER www-data ENTRYPOINT ["prove", "."] ========================================== 5. See output ========================================== Test Summary Report ------------------- ./grpc_request_buffering.t (Wstat: 512 Tests: 14 Failed: 2) Failed tests: 11-12 Non-zero exit status: 2 ./h2_server_tokens.t (Wstat: 1536 Tests: 14 Failed: 6) Failed tests: 1-2, 7-8, 10-11 Non-zero exit status: 6 ./mail_ssl.t (Wstat: 768 Tests: 22 Failed: 3) Failed tests: 3, 5-6 Non-zero exit status: 3 ./proxy_ssl.t (Wstat: 512 Tests: 9 Failed: 2) Failed tests: 4-5 Non-zero exit status: 2 ./stream_proxy_ssl.t (Wstat: 512 Tests: 8 Failed: 2) Failed tests: 4-5 Non-zero exit status: 2 ./stream_ssl.t (Wstat: 768 Tests: 9 Failed: 3) Failed tests: 2, 4-5 Non-zero exit status: 3 ./stream_upstream_zone_ssl.t (Wstat: 768 Tests: 11 Failed: 3) Failed tests: 4-5, 9 Non-zero exit status: 3 ./upstream_ip_hash_ipv6.t (Wstat: 512 Tests: 0 Failed: 0) Non-zero exit status: 2 Parse errors: No plan found in TAP output ./upstream_zone_ssl.t (Wstat: 768 Tests: 11 Failed: 3) Failed tests: 4-5, 9 Non-zero exit status: 3 Files=346, Tests=3764, 317 wallclock secs ( 2.00 usr 0.73 sys + 36.49 cusr 16.91 csys = 56.13 CPU) Result: FAIL ========================================== New failures: mail_ssl.t, proxy_ssl.t, stream_proxy_ssl.t, stream_ssl.t, stream_upstream_zone_ssl.t, upstream_zone_ssl.t. ** Affects: openssl (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833476 Title: libssl1.1 version 1.1.1-1ubuntu2.1~18.04.2 breaks nginx ssl tests To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1833476/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
