Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/tls: unable to update some crypto/tls recorded tests #31809

Open
derekparker opened this issue May 2, 2019 · 1 comment

Comments

@derekparker
Copy link
Contributor

commented May 2, 2019

What version of Go are you using (go version)?

$ rhel8-7d32e1526b2a-0# ../../../bin/go version                                          
$ go version devel +d2765de863 Thu May 2 15:38:36 2019 +0000 linux/amd64

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (go env)?

go env Output
$ rhel8-7d32e1526b2a-0# ../../../bin/go env    
GOARCH="amd64"
GOBIN=""
GOCACHE="/root/.cache/go-build"
GOENV="/root/.config/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/root/go"
GOPROXY="direct"
GOROOT="/go"
GOSUMDB="off"
GOTMPDIR=""
GOTOOLDIR="/go/pkg/tool/linux_amd64"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/go/src/go.mod"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build126288050=/tmp/go-build -gno-record-gcc-switches"

What did you do?

I attempted to update some of the recorded TLS tests using OpenSSL 1.1.1 built and configured according to the recommended way: ./config enable-weak-ssl-ciphers enable-ssl3 enable-ssl3-method.

What did you expect to see?

The test pass and a new recording generated.

What did you see instead?

OpenSSL failed to start due to a small key size:

=== RUN   TestRenegotiateTwiceRejected
=== RUN   TestRenegotiateTwiceRejected/TLSv12
--- FAIL: TestRenegotiateTwiceRejected (0.16s)
    --- FAIL: TestRenegotiateTwiceRejected/TLSv12 (0.16s)
        handshake_client_test.go:315: Failed to start subcommand: error connecting to the OpenSSL server: dial tcp 127.0.0.1:24323: connect: connection refused (exit status 1)
            
            Using default temp DH parameters
            error setting certificate
            140698504263488:error:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: DH PARAMETERS
            140698504263488:error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small:ssl/ssl_rsa.c:310:
@derekparker

This comment has been minimized.

Copy link
Contributor Author

commented May 2, 2019

@bradfitz bradfitz changed the title Unable to update some crypto/tls recorded tests crypto/tls: unable to update some crypto/tls recorded tests May 2, 2019

@bradfitz bradfitz added this to the Go1.13 milestone May 2, 2019

@bradfitz bradfitz modified the milestones: Go1.13, Go1.14 May 2, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.