Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Default config file with minimum TLS version causes test failures #6046

Closed
kroeckx opened this issue Apr 22, 2018 · 0 comments
Closed

Default config file with minimum TLS version causes test failures #6046

kroeckx opened this issue Apr 22, 2018 · 0 comments
Milestone
1.1.1

Comments

@kroeckx
Copy link
Member

kroeckx commented Apr 22, 2018

It seems that a default config file installed on the system that contains

[default_conf]
ssl_conf = ssl_sect

[ssl_sect]
system_default = system_default_sect

[system_default_sect]
MinProtocol = TLSv1.2

Causes test suite failures:

Test Summary Report
-------------------
../test/recipes/70-test_sslrecords.t             (Wstat: 256 Tests: 18 Failed: 1)
  Failed test:  11
  Non-zero exit status: 1
../test/recipes/70-test_sslversions.t            (Wstat: 256 Tests: 7 Failed: 1)
  Failed test:  6
  Non-zero exit status: 1
../test/recipes/80-test_ssl_new.t                (Wstat: 256 Tests: 27 Failed: 1)
  Failed test:  10
  Non-zero exit status: 1

Changing it to TLSv1 fixes the test issues.

The test suite should either not use the config file from the system, or override the defaults in it.
levitte added a commit to levitte/openssl that referenced this issue Apr 23, 2018
@levitte
Avoid external config files during tests
0f2ca9a 
The tests might pick up an openssl.cnf from default locations.  To
avoid that, we force the use of a test default that contains nothing
(i.e. forces OpenSSL to run with build in values)

Fixes openssl#6046
@levitte levitte mentioned this issue Apr 23, 2018
Closed
@mattcaswell mattcaswell added this to the 1.1.1 milestone Apr 23, 2018
@kroeckx kroeckx mentioned this issue Apr 28, 2018
Closed
kroeckx added a commit to kroeckx/openssl that referenced this issue Apr 28, 2018
@kroeckx
Use the config file from the source not the host for the tests
e7dd6ce 
Fixes: openssl#6046

[extended tests]
levitte added a commit to levitte/openssl that referenced this issue Nov 14, 2018
@levitte
Avoid external config files during tests
d446969 
The tests might pick up an openssl.cnf from default locations.  To
avoid that, we force the use of a test default that contains nothing
(i.e. forces OpenSSL to run with build in values)

Fixes openssl#6046
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.1.1
Development

No branches or pull requests
2 participants
@kroeckx @mattcaswell