This repository has been archived by the owner. It is now read-only.

test-tls-server-verify failing on pi (ARM) #4017

Closed
piscisaureus opened this Issue Sep 13, 2012 · 1 comment

Comments

Projects
None yet
2 participants
Member

piscisaureus commented Sep 13, 2012

Seems to be related to the recent openssl 1.0.1c upgrade.
Quite possibly: http://comments.gmane.org/gmane.comp.encryption.openssl.devel/20678

Running 'Allow both authed and unauthed connections with CA1'
  connecting with agent1
CONNECTED(00000003)

---
Certificate chain
 0 s:/C=US/ST=CA/L=SF/O=Joyent/OU=Node.js/CN=agent2/emailAddress=ry@tinyclouds.o
rg
   i:/C=US/ST=CA/L=SF/O=Joyent/OU=Node.js/CN=agent2/emailAddress=ry@tinyclouds.o
rg

---
Server certificate
-----BEGIN CERTIFICATE-----
MIIB7DCCAZYCCQC7gs0MDNn6MTANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJV
UzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQKEwZKb3llbnQxEDAO
BgNVBAsTB05vZGUuanMxDzANBgNVBAMTBmFnZW50MjEgMB4GCSqGSIb3DQEJARYR
cnlAdGlueWNsb3Vkcy5vcmcwHhcNMTEwMzE0MTgyOTEyWhcNMzgwNzI5MTgyOTEy
WjB9MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYD
VQQKEwZKb3llbnQxEDAOBgNVBAsTB05vZGUuanMxDzANBgNVBAMTBmFnZW50MjEg
MB4GCSqGSIb3DQEJARYRcnlAdGlueWNsb3Vkcy5vcmcwXDANBgkqhkiG9w0BAQEF
AANLADBIAkEAyXb8FrRdKbhrKLgLSsn61i1C7w7fVVVd7OQsmV/7p9WB2lWFiDlC
WKGU9SiIz/A6wNZDUAuc2E+VwtpCT561AQIDAQABMA0GCSqGSIb3DQEBBQUAA0EA
C8HzpuNhFLCI3A5KkBS5zHAQax6TFUOhbpBCR0aTDbJ6F1liDTK1lmU/BjvPoj+9
1LHwrmh29rK8kBPEjmymCQ==
-----END CERTIFICATE-----
subject=/C=US/ST=CA/L=SF/O=Joyent/OU=Node.js/CN=agent2/emailAddress=ry@tinycloud
s.org
issuer=/C=US/ST=CA/L=SF/O=Joyent/OU=Node.js/CN=agent2/emailAddress=ry@tinyclouds
.org

---
Acceptable client certificate CA names
/C=US/ST=CA/L=SF/O=Joyent/OU=Node.js/CN=ca1/emailAddress=ry@tinyclouds.org

---
SSL handshake has read 753 bytes and written 648 bytes

---
New, (NONE), Cipher is (NONE)
Server public key is 512 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key: 993EE35806DDA9925DE3DDABA21124D9B73C0D555E6F22D6609E061EBFAC8E2E
C29BDEFCDD03EA34A66271F6468D1E59
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1347576226
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)

---
depth=0 C = US, ST = CA, L = SF, O = Joyent, OU = Node.js, CN = agent2, emailAdd
ress = ry@tinyclouds.org
verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, ST = CA, L = SF, O = Joyent, OU = Node.js, CN = agent2, emailAdd
ress = ry@tinyclouds.org
verify return:1
1074218192:error:04075070:rsa routines:RSA_sign:digest too big for rsa key:rsa_s
ign.c:127:
1074218192:error:14099006:SSL routines:SSL3_SEND_CLIENT_VERIFY:EVP lib:s3_clnt.c
:2983:

assert.js:102
  throw new assert.AssertionError({
        ^
AssertionError: agent1 rejected, but should NOT have been
    at ChildProcess.<anonymous> (/home/pi/node/test/simple/test-tls-server-verif
y.js:220:14)
    at ChildProcess.EventEmitter.emit (events.js:91:17)
    at Process._handle.onexit (child_process.js:687:12)
    at process.startup.processMakeCallback.process._makeCallback (node.js:248:20
)
Member

bnoordhuis commented Oct 10, 2013

I'm closing this due to inactivity. If it's still an issue, then please reopen it.

@bnoordhuis bnoordhuis closed this Oct 10, 2013

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.