Public bug reported: [impact]
autopkgtest 'command1' fails: # bootstrap.test.lua [ ta ] keyfile 'ok1.keys': doesn't exist, bootstrapping ok 1 - fake server certificate is detected # Got this error: "/usr/lib/knot-resolver/trust_anchors.lua:503: [ ta ] fetch of "https://localhost:8080/ok1.xml"; failed: certificate verify failed [ ta ] Failed to bootstrap root trust anchors; see: https://knot-resolver.readthedocs.io/en/latest/daemon.html#enabling-dnssec"; [ ta ] keyfile 'err_attr_extra_attr.keys': doesn't exist, bootstrapping ok 2 - bogus TA XML with an extra attribute # Got this error: "/usr/lib/knot-resolver/trust_anchors.lua:503: [ ta ] fetch of "https://localhost:8080/err_attr_extra_attr.xml"; failed: certificate verify failed [ ta ] Failed to bootstrap root trust anchors; see: https://knot-resolver.readthedocs.io/en/latest/daemon.html#enabling-dnssec"; [ ta ] keyfile 'err_attr_validfrom_invalid.keys': doesn't exist, bootstrapping ok 3 - bogus TA XML with invalid validFrom value # Got this error: "/usr/lib/knot-resolver/trust_anchors.lua:503: [ ta ] fetch of "https://localhost:8080/err_attr_validfrom_invalid.xml"; failed: certificate verify failed [ ta ] Failed to bootstrap root trust anchors; see: https://knot-resolver.readthedocs.io/en/latest/daemon.html#enabling-dnssec"; [ ta ] keyfile 'err_attr_validfrom_missing.keys': doesn't exist, bootstrapping ok 4 - bogus TA XML without mandatory validFrom attribute # Got this error: "/usr/lib/knot-resolver/trust_anchors.lua:503: [ ta ] fetch of "https://localhost:8080/err_attr_validfrom_missing.xml"; failed: certificate verify failed [ ta ] Failed to bootstrap root trust anchors; see: https://knot-resolver.readthedocs.io/en/latest/daemon.html#enabling-dnssec"; [ ta ] keyfile 'err_elem_extra.keys': doesn't exist, bootstrapping ok 5 - bogus TA XML with an extra element # Got this error: "/usr/lib/knot-resolver/trust_anchors.lua:503: [ ta ] fetch of "https://localhost:8080/err_elem_extra.xml"; failed: certificate verify failed [ ta ] Failed to bootstrap root trust anchors; see: https://knot-resolver.readthedocs.io/en/latest/daemon.html#enabling-dnssec"; [ ta ] keyfile 'err_elem_missing.keys': doesn't exist, bootstrapping ok 6 - bogus TA XML without mandatory element # Got this error: "/usr/lib/knot-resolver/trust_anchors.lua:503: [ ta ] fetch of "https://localhost:8080/err_elem_missing.xml"; failed: certificate verify failed [ ta ] Failed to bootstrap root trust anchors; see: https://knot-resolver.readthedocs.io/en/latest/daemon.html#enabling-dnssec"; [ ta ] keyfile 'err_multi_ta.keys': doesn't exist, bootstrapping ok 7 - bogus TA XML with multiple TAs # Got this error: "/usr/lib/knot-resolver/trust_anchors.lua:503: [ ta ] fetch of "https://localhost:8080/err_multi_ta.xml"; failed: certificate verify failed [ ta ] Failed to bootstrap root trust anchors; see: https://knot-resolver.readthedocs.io/en/latest/daemon.html#enabling-dnssec"; [ ta ] keyfile 'unsupp_nonroot.keys': doesn't exist, bootstrapping ok 8 - unsupported TA XML for non-root zone # Got this error: "/usr/lib/knot-resolver/trust_anchors.lua:503: [ ta ] fetch of "https://localhost:8080/unsupp_nonroot.xml"; failed: certificate verify failed [ ta ] Failed to bootstrap root trust anchors; see: https://knot-resolver.readthedocs.io/en/latest/daemon.html#enabling-dnssec"; [ ta ] keyfile 'unsupp_xml_v11.keys': doesn't exist, bootstrapping ok 9 - unsupported TA XML with XML v1.1 # Got this error: "/usr/lib/knot-resolver/trust_anchors.lua:503: [ ta ] fetch of "https://localhost:8080/unsupp_xml_v11.xml"; failed: certificate verify failed [ ta ] Failed to bootstrap root trust anchors; see: https://knot-resolver.readthedocs.io/en/latest/daemon.html#enabling-dnssec"; [ ta ] keyfile 'ok0_badtimes.keys': doesn't exist, bootstrapping ok 10 - TA XML with no valid keys # Got this error: "/usr/lib/knot-resolver/trust_anchors.lua:503: [ ta ] fetch of "https://localhost:8080/ok0_badtimes.xml"; failed: certificate verify failed [ ta ] Failed to bootstrap root trust anchors; see: https://knot-resolver.readthedocs.io/en/latest/daemon.html#enabling-dnssec"; [ ta ] keyfile '@/tmp/autopkgtest.UnFhsC/build.Co6/src/tests/config/test.cfg:23 /usr/lib/knot-resolver/trust_anchors.lua:503: [ ta ] fetch of "https://localhost:8080/ok1_expired1.xml"; failed: certificate verify failed [ ta ] Failed to bootstrap root trust anchors; see: https://knot-resolver.readthedocs.io/en/latest/daemon.html#enabling-dnssec ok1_expired1.keys': doesn't exist, bootstrapping Expected return code '0' got '2'. make: *** [tests/config/test_config.mk:22: daemon/lua/trust_anchors.test/bootstrap.test.lua] Error 1 [test case] check autopkgtest output, e.g.: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-eoan/eoan/amd64/k/knot-resolver/20200204_001858_d45dd@/log.gz [regression potential] continued autopkgtest failures and/or incorrect failures or incorrect passes ** Affects: knot-resolver (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1861924 Title: 'command1' autopkgtest fails due to expired test certs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/knot-resolver/+bug/1861924/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
