[gnutls-devel] gnutls 3.5.11

Nikos Mavrogianopoulos n.mavrogiannopoulos at gmail.com
Tue Apr 11 10:06:25 CEST 2017


There was an issue with pkcs11 trust stores and this test. Check the repo for the fix.

On April 10, 2017 9:36:59 PM GMT+03:00, Andreas Radke <andreas.radke at mailbox.org> wrote:
>Am Sat, 8 Apr 2017 14:39:56 +0200
>schrieb Andreas Metzler <ametzler at bebt.de>:
>
>> On 2017-04-08 Andreas Radke <andreas.radke at mailbox.org> wrote:
>> > With this new release the test suite fails here:  
>> 
>> > FAIL: trust-store
>> > =================  
>> 
>> > doit:64: no certificates were found in system trust store!
>> > FAIL trust-store (exit status: 1)  
>> 
>> > Any idea what has changed?  
>> 
>> Hello,
>> 
>> This happens if gnutls is built with e.g. 
>> --with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt
>> and /etc/ssl/certs/ca-certificates.crt is empty/non-existing when
>> running the testsuite.
>> 
>> cu Andreas
>
>lrwxrwxrwx 1 root root 49 Mar  7
>22:05 /etc/ssl/certs/ca-certificates.crt
>-> ../../ca-certificates/extracted/tls-ca-bundle.pem # ACCVRAIZ1
>-----BEGIN CERTIFICATE-----
>MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE
>AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
>CQYDVQQGEwJFUzAeFw0xMTA1MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQ
>
>
>May this happen because we use a symlink? The file is not empty. We
>build using
>--with-default-trust-store-pkcs11="pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit"
>
>The test was introduced with this commit:
>https://gitlab.com/gnutls/gnutls/commit/8d740ae87fae9c1237421dd24825b78103c5da36
>
>-Andy

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20170411/806a03c0/attachment-0001.html>


More information about the Gnutls-devel mailing list