Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix ssl_test_new and ssl_test_old when SSLv3 is enabled #11586

Closed
wants to merge 3 commits into from

Conversation

@mattcaswell
Copy link
Member

@mattcaswell mattcaswell commented Apr 20, 2020

The ssl_test_new and ssl_test_old tests are failing when SSLv3 is enabled.

There are a couple of fetches, that only occur in those codepaths and weren't using the correct libctx. Also we need to disable some tests in ssl_test_old when using the FIPS provider.

Marking this as urgent because it is one of the causes for the current travis failures (other fixes for travis failures in #11585 and #11573.

I've marked this with "extended tests". I do expect some of those tests to fail because of the other issues - but hopefully it won't fail due to ssl_test_new/ssl_test_old.

mattcaswell added 2 commits Apr 20, 2020
A couple of fetches of the MD5 and SHA1 digests were not using the
libctx in libssl and causing test_ssl_new to fail in travis. This
only occurs on builds with SSLv3 enabled (its disabled by default).

[extended tests]
In builds where SSLv3 is enabled ssl_test_old was failing. We need to
make sure we disable SSLv3 related tests when using the FIPS provider.

[extended tests]
test/recipes/80-test_ssl_old.t Outdated Show resolved Hide resolved
[extended tests]
@t8m
t8m approved these changes Apr 20, 2020
Copy link
Member

@t8m t8m left a comment

Approved if the SSLv3 related test failures are fixed and no new ones are introduced.

@mattcaswell
Copy link
Member Author

@mattcaswell mattcaswell commented Apr 21, 2020

Approved if the SSLv3 related test failures are fixed and no new ones are introduced.

Although some builds failed due to unrelated issues, there aren't any TLS test failures in so I will push this now.

openssl-machine pushed a commit that referenced this pull request Apr 21, 2020
A couple of fetches of the MD5 and SHA1 digests were not using the
libctx in libssl and causing test_ssl_new to fail in travis. This
only occurs on builds with SSLv3 enabled (its disabled by default).

[extended tests]

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from #11586)
openssl-machine pushed a commit that referenced this pull request Apr 21, 2020
In builds where SSLv3 is enabled ssl_test_old was failing. We need to
make sure we disable SSLv3 related tests when using the FIPS provider.

[extended tests]

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from #11586)
@mattcaswell
Copy link
Member Author

@mattcaswell mattcaswell commented Apr 21, 2020

Pushed. Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants