[mod_gnutls-devel] test-36_OCSP_server_nonce failing in 0.11.0 (Was: New release: mod_gnutls 0.11.0)
pgajdos
pgajdos at suse.cz
Mon Jun 29 11:03:11 CEST 2020
On Mon, Jun 29, 2020 at 09:56:57AM +0200, pgajdos wrote:
> test-36_OCSP_server_nonce test is failing for me, the log is
> attached.
I had test-27_OCSP_server and test-34_TLS_reverse_proxy_h2 excluded.
test-34_TLS_reverse_proxy_h2 now passes, test-27_OCSP_server does
not. Attaching test-suite.log.
Thanks!
Petr
--
Have a lot of fun!
-------------- next part --------------
============================================
mod_gnutls 0.11.0: test/test-suite.log
============================================
# TOTAL: 38
# PASS: 36
# SKIP: 0
# XFAIL: 0
# FAIL: 2
# XPASS: 0
# ERROR: 0
.. contents:: :depth: 2
FAIL: test-27_OCSP_server
=========================
Connecting to OCSP server: localhost...
Could not connect to 127.0.0.1:9936: Connection refused
Resolving 'localhost:9936'...
Connecting to '127.0.0.1:9936'...
Connecting to OCSP server: localhost...
Assuming response's signer = issuer (use --load-signer to override).
Resolving 'localhost:9936'...
Connecting to '127.0.0.1:9936'...
OCSP Response Information:
Response Status: Successful
Response Type: Basic OCSP Response
Version: 1
Responder ID: CN=Testing Authority OCSP Responder
Produced At: Mon Jun 29 08:57:25 UTC 2020
Responses:
Certificate ID:
Hash Algorithm: SHA1
Issuer Name Hash: bac68790352ceb4c4de1534445348f8b4b5309b3
Issuer Key Hash: 82073b891fe61f7b24fd4d59400bac2b7968af5c
Serial Number: 22fff0d9
Certificate Status: good
This Update: Mon Jun 29 08:57:25 UTC 2020
Next Update: Mon Jun 29 09:02:25 UTC 2020
Extensions:
Nonce: 98e151184deb0fb8babbe4bc9d26e4d823be1753c440ee
Signature Algorithm: RSA-SHA256
-----BEGIN OCSP RESPONSE-----
MIIG9AoBAKCCBu0wggbpBgkrBgEFBQcwAQEEggbaMIIG1jCB1aEtMCsxKTAnBgNV
BAMTIFRlc3RpbmcgQXV0aG9yaXR5IE9DU1AgUmVzcG9uZGVyGA8yMDIwMDYyOTA4
NTcyNVowZzBlMD0wCQYFKw4DAhoFAAQUusaHkDUs60xN4VNERTSPi0tTCbMEFIIH
O4kf5h97JP1NWUALrCt5aK9cAgQi//DZgAAYDzIwMjAwNjI5MDg1NzI1WqARGA8y
MDIwMDYyOTA5MDIyNVqhKjAoMCYGCSsGAQUFBzABAgQZBBeY4VEYTesPuLq75Lyd
JuTYI74XU8RA7jANBgkqhkiG9w0BAQsFAAOCAYEAhA8VYALKQP26kqpfRaz7o6ZS
oAWUMEE87poZVUoePV/H2vvDYnOxb5xPc3YLZXDUOohOsMkdOBDWDtgTftDhbxiX
Rhkc7Rk6GAoFl9aQFQMSvAAaFQqE4vOWAfm17TLUjK1FZ3TY9G5KOIaiMCYR2wQ8
IvgX8yHmlX0owublclJPw95OSWP7SfNabczG7vbYa1C1E8XVi5SfsdoxG8Fnv+KR
KicXNs/v/ST1NZM+V64To2fZO/iep9mvOyxMQe9k1nZ0gfbvCA2YcOG1FsJA3PCy
h35aen5viSIdKewjojUx7yiIBV4FNa4G1CGOuZLv/1UegdQmUW7TipPuD73bJnqq
fQ41rd7Fe/KdfKxGZv8W3qTD59wmS7GPUNAE0L+UvxVqPUPeSIcsenRKvEYhQ3ya
aQM5Hh790E0lugmgAEG8n9GIPVyAbOJNqKw13AU+j+puUDjMaoTNMirinA4PtVHX
K3dHAO/9/fY/yOFIOXWEnVr11NzjlgUGVCquWjK+oIIEZjCCBGIwggReMIICxqAD
AgECAhQCHZC/89WL9SL2Q9ZEB90tWPBeEzANBgkqhkiG9w0BAQsFADAcMRowGAYD
VQQDExFUZXN0aW5nIEF1dGhvcml0eTAeFw0yMDA2MjkwODU2MzJaFw0yMTA2Mjkw
ODU2MzJaMCsxKTAnBgNVBAMTIFRlc3RpbmcgQXV0aG9yaXR5IE9DU1AgUmVzcG9u
ZGVyMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAx92EMKGBy3LjtL9Q
SEJ+Zk84EvphTDFbk/83I08mjK5lh/AMtwTj2jhlBb2Vb8a0cKq9qoCqEJgwVFwk
jKiUqc6XXrkK2YPDz2vRfWJb4jRAzNCLY/kjvy5qzbDxfyCv1DHGJkcBTS4C+hWU
D7mR70ou4ZHY2QwR7bEfS/iQJjh65UD92yGWUGOdF0wwRR9BNCbz1ubpTRHzDH8G
l943b1SHx0w7EXPl8838gYJ8+SiJQqMptAw9wxy8OQwuFTNxisfhr2bbB+O0sEJG
XmAXG9/iOYSnIbJfedwk0nj5El6wsbcdbOBl4J0CsjJt3emquB2CO5OGPE0iUys/
1VSAmRZ3QYuIZ0v9k+2xYoSSFYP5r4vkynNisw72oDRsaTHzfb8AcTXrkSSa1MoM
HwoIFBS9dlWnmDdCmYOGIIVNHChu9rAwzTrUGDQXVERyc1HAMncdZSfrOfQc/bjG
GZQJiKiZrihWEA7rp550ZQwrqub/QU9Wsav2+5WpDS25796BAgMBAAGjgYgwgYUw
DwYJKwYBBQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUF
BwMJMA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFIcaHKtQUHyztriZ/WVTJvbR
oD5ZMB8GA1UdIwQYMBaAFLS6IJu5dPyUaLggikE/cUIlF+NiMA0GCSqGSIb3DQEB
CwUAA4IBgQAneH96gA1fK+cpPxT50HS3yWvK8XT6s5Budu5V47tIkn6cF16p9uSp
Bo35+lyXiT6k1WG+i1zesMVSZxfHyShI3CqdiPP8uOtAHd/pIDoHI6eV7UdiU5Di
N/pBBOAKJZwSoKpO8hOTmF2vwqNg/LQNlEoH2zJyHaDRfwLAYVBpJWyxTS/DDNmH
nwHtcuvrskqVYcQHwGhvZXzLIQkGaL4h1mwVg+f3Iso/0eRUJ8kYj6o/LBp6eGw0
LvS2khtdDC46xbav44gDn5sKFEguUGiqu/QnJeJ5WGuYfleJrHnBH5UO1SBa2nx3
fxPxZkGWmdzWGVHE+WJyqUmzgOVjrc4X5D2zl3esQGEouaT3gtb1NepKMpZPhgFl
WaFv8tzKO2/YAODH+6GhFRAcXxS1jGbkZ8A2ZY9lxR1jXl0d+iq2LWMgukEUalLm
xgRPOoBAkA8Ll3cLoNjS99DBCXO2qFaBSPH+nI2N3BhiI8p4+LLJQopdxZscUKrL
mcGOjvtGz0w=
-----END OCSP RESPONSE-----
Verifying OCSP Response: Success.
[Mon Jun 29 08:57:25.528843 2020] [gnutls:debug] [pid 25131:tid 140166432016384] gnutls_cache.c(367): mgs_cache_inst_config: Socache 'shmcb:cache/gnutls_cache_27_OCSP_server(65536)' created.
Found test 27_OCSP_server, test dir is /home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/tests/27_OCSP_server
Starting: ['/usr/sbin/httpd', '-f', '/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/tests/27_OCSP_server/ocsp.conf', '-k', 'start', '-DFOREGROUND']
Starting: ['/usr/sbin/httpd', '-f', '/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/tests/27_OCSP_server/apache.conf', '-k', 'start', '-DFOREGROUND']
Running test connection 0: Check if the HTTPS server provides an OCSP status
Aquiring lock on test.lock...
Got lock on test.lock.
*** Fatal error: A TLS fatal alert has been received.
Processed 1 CA certificate(s).
Resolving 'localhost:9932'...
Connecting to '127.0.0.1:9932'...
*** Received alert [40]: Handshake failed
[Mon Jun 29 08:57:26.057916 2020] [gnutls:debug] [pid 25195:tid 140098251180032] gnutls_cache.c(367): mgs_cache_inst_config: Socache 'shmcb:cache/gnutls_cache_27_OCSP_server(65536)' created.
Unlocking test.lock...
Unlocked test.lock.
Stopping: ['/usr/sbin/httpd', '-f', '/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/tests/27_OCSP_server/apache.conf', '-k', 'stop']
Stopping: ['/usr/sbin/httpd', '-f', '/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/tests/27_OCSP_server/ocsp.conf', '-k', 'stop']
Traceback (most recent call last):
File "./runtest.py", line 256, in <module>
main(args)
File "./runtest.py", line 204, in main
run_test_conf(test_conf,
File "/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/mgstest/tests.py", line 569, in run_test_conf
test_conn.run(timeout=timeout, conn_log=conn_log,
File "/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/mgstest/tests.py", line 182, in run
act.run(conn, response_log)
File "/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/mgstest/tests.py", line 242, in run
raise err
File "/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/mgstest/tests.py", line 233, in run
resp = conn.getresponse()
File "/usr/lib64/python3.8/http/client.py", line 1332, in getresponse
response.begin()
File "/usr/lib64/python3.8/http/client.py", line 303, in begin
version, status, reason = self._read_status()
File "/usr/lib64/python3.8/http/client.py", line 264, in _read_status
line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1")
File "/usr/lib64/python3.8/socket.py", line 669, in readinto
return self._sock.recv_into(b)
ConnectionResetError: [Errno 104] Connection reset by peer
FAIL test-27_OCSP_server.bash (exit status: 1)
FAIL: test-36_OCSP_server_nonce
===============================
Connecting to OCSP server: localhost...
Could not connect to 127.0.0.1:9936: Connection refused
Resolving 'localhost:9936'...
Connecting to '127.0.0.1:9936'...
Connecting to OCSP server: localhost...
Assuming response's signer = issuer (use --load-signer to override).
Resolving 'localhost:9936'...
Connecting to '127.0.0.1:9936'...
OCSP Response Information:
Response Status: Successful
Response Type: Basic OCSP Response
Version: 1
Responder ID: CN=Testing Authority OCSP Responder
Produced At: Mon Jun 29 08:57:43 UTC 2020
Responses:
Certificate ID:
Hash Algorithm: SHA1
Issuer Name Hash: bac68790352ceb4c4de1534445348f8b4b5309b3
Issuer Key Hash: 82073b891fe61f7b24fd4d59400bac2b7968af5c
Serial Number: 22fff0d9
Certificate Status: good
This Update: Mon Jun 29 08:57:43 UTC 2020
Next Update: Mon Jun 29 09:02:43 UTC 2020
Extensions:
Nonce: 358a8453ae23d8982ecade3e462d356565cb185075cf0e
Signature Algorithm: RSA-SHA256
-----BEGIN OCSP RESPONSE-----
MIIG9AoBAKCCBu0wggbpBgkrBgEFBQcwAQEEggbaMIIG1jCB1aEtMCsxKTAnBgNV
BAMTIFRlc3RpbmcgQXV0aG9yaXR5IE9DU1AgUmVzcG9uZGVyGA8yMDIwMDYyOTA4
NTc0M1owZzBlMD0wCQYFKw4DAhoFAAQUusaHkDUs60xN4VNERTSPi0tTCbMEFIIH
O4kf5h97JP1NWUALrCt5aK9cAgQi//DZgAAYDzIwMjAwNjI5MDg1NzQzWqARGA8y
MDIwMDYyOTA5MDI0M1qhKjAoMCYGCSsGAQUFBzABAgQZBBc1ioRTriPYmC7K3j5G
LTVlZcsYUHXPDjANBgkqhkiG9w0BAQsFAAOCAYEAZtqdWZ3tojbXmcwsyhiroieU
n+RL3jMThwQHix8ovp69wTNo6sg0f4yDcXY/QbCVzHGGEYI5ma0Ys6mSvCC6aWDQ
C30QS/8MSs5hmbT+QVLEfFaBTfmxHlNAbjbdnRVCEvo2sC35wA9nztbgnK/i7E1S
FrFyFmFHA0HkasSryFo4cj7n5/VbwdcEqsQvaJFZeMUeDxIq7aW7IMUw7/hFQr9b
Sr4jVtOYVqKnEXTyBAWTlIZN2MdxzIeBVOL33D7BnbrrkYPFFpSRwEjxdznxTY/G
PJ6ZPc5+iq5L5WBzirHHBKlcqDxVIsITHxT4s+Z6FPskpW99pM9MRtfh9owwf2Bz
97QUVcLgUJ91VJXoMcnTr6R2oA9MnGpsklRZkZ1uO8UgdSy6cC8/3ToEs5Xf0lNi
daCCyMnmy5h6irN1ck/fRnkKtH1xijgIhGAGGdf3l+GLaOwQonjV7yDtN1HvPVtW
tgdU0q84i8G2NGlX5zmrv0Xd8D8DJ6ka75ZRaxH9oIIEZjCCBGIwggReMIICxqAD
AgECAhQCHZC/89WL9SL2Q9ZEB90tWPBeEzANBgkqhkiG9w0BAQsFADAcMRowGAYD
VQQDExFUZXN0aW5nIEF1dGhvcml0eTAeFw0yMDA2MjkwODU2MzJaFw0yMTA2Mjkw
ODU2MzJaMCsxKTAnBgNVBAMTIFRlc3RpbmcgQXV0aG9yaXR5IE9DU1AgUmVzcG9u
ZGVyMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAx92EMKGBy3LjtL9Q
SEJ+Zk84EvphTDFbk/83I08mjK5lh/AMtwTj2jhlBb2Vb8a0cKq9qoCqEJgwVFwk
jKiUqc6XXrkK2YPDz2vRfWJb4jRAzNCLY/kjvy5qzbDxfyCv1DHGJkcBTS4C+hWU
D7mR70ou4ZHY2QwR7bEfS/iQJjh65UD92yGWUGOdF0wwRR9BNCbz1ubpTRHzDH8G
l943b1SHx0w7EXPl8838gYJ8+SiJQqMptAw9wxy8OQwuFTNxisfhr2bbB+O0sEJG
XmAXG9/iOYSnIbJfedwk0nj5El6wsbcdbOBl4J0CsjJt3emquB2CO5OGPE0iUys/
1VSAmRZ3QYuIZ0v9k+2xYoSSFYP5r4vkynNisw72oDRsaTHzfb8AcTXrkSSa1MoM
HwoIFBS9dlWnmDdCmYOGIIVNHChu9rAwzTrUGDQXVERyc1HAMncdZSfrOfQc/bjG
GZQJiKiZrihWEA7rp550ZQwrqub/QU9Wsav2+5WpDS25796BAgMBAAGjgYgwgYUw
DwYJKwYBBQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUF
BwMJMA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFIcaHKtQUHyztriZ/WVTJvbR
oD5ZMB8GA1UdIwQYMBaAFLS6IJu5dPyUaLggikE/cUIlF+NiMA0GCSqGSIb3DQEB
CwUAA4IBgQAneH96gA1fK+cpPxT50HS3yWvK8XT6s5Budu5V47tIkn6cF16p9uSp
Bo35+lyXiT6k1WG+i1zesMVSZxfHyShI3CqdiPP8uOtAHd/pIDoHI6eV7UdiU5Di
N/pBBOAKJZwSoKpO8hOTmF2vwqNg/LQNlEoH2zJyHaDRfwLAYVBpJWyxTS/DDNmH
nwHtcuvrskqVYcQHwGhvZXzLIQkGaL4h1mwVg+f3Iso/0eRUJ8kYj6o/LBp6eGw0
LvS2khtdDC46xbav44gDn5sKFEguUGiqu/QnJeJ5WGuYfleJrHnBH5UO1SBa2nx3
fxPxZkGWmdzWGVHE+WJyqUmzgOVjrc4X5D2zl3esQGEouaT3gtb1NepKMpZPhgFl
WaFv8tzKO2/YAODH+6GhFRAcXxS1jGbkZ8A2ZY9lxR1jXl0d+iq2LWMgukEUalLm
xgRPOoBAkA8Ll3cLoNjS99DBCXO2qFaBSPH+nI2N3BhiI8p4+LLJQopdxZscUKrL
mcGOjvtGz0w=
-----END OCSP RESPONSE-----
Verifying OCSP Response: Success.
[Mon Jun 29 08:57:43.121431 2020] [gnutls:debug] [pid 26051:tid 140023699736576] gnutls_cache.c(367): mgs_cache_inst_config: Socache 'shmcb:cache/gnutls_cache_36_OCSP_server_nonce(65536)' created.
Found test 36_OCSP_server_nonce, test dir is /home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/tests/36_OCSP_server_nonce
Starting: ['/usr/sbin/httpd', '-f', '/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/tests/36_OCSP_server_nonce/ocsp.conf', '-k', 'start', '-DFOREGROUND']
Starting: ['/usr/sbin/httpd', '-f', '/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/tests/36_OCSP_server_nonce/apache.conf', '-k', 'start', '-DFOREGROUND']
Running test connection 0: Check if the HTTPS server provides an OCSP status
Aquiring lock on test.lock...
Got lock on test.lock.
*** Fatal error: A TLS fatal alert has been received.
Processed 1 CA certificate(s).
Resolving 'localhost:9932'...
Connecting to '127.0.0.1:9932'...
*** Received alert [40]: Handshake failed
[Mon Jun 29 08:57:43.652741 2020] [gnutls:debug] [pid 26115:tid 140361737902080] gnutls_cache.c(367): mgs_cache_inst_config: Socache 'shmcb:cache/gnutls_cache_36_OCSP_server_nonce(65536)' created.
Unlocking test.lock...
Unlocked test.lock.
Stopping: ['/usr/sbin/httpd', '-f', '/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/tests/36_OCSP_server_nonce/apache.conf', '-k', 'stop']
Stopping: ['/usr/sbin/httpd', '-f', '/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/tests/36_OCSP_server_nonce/ocsp.conf', '-k', 'stop']
Traceback (most recent call last):
File "./runtest.py", line 256, in <module>
main(args)
File "./runtest.py", line 204, in main
run_test_conf(test_conf,
File "/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/mgstest/tests.py", line 569, in run_test_conf
test_conn.run(timeout=timeout, conn_log=conn_log,
File "/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/mgstest/tests.py", line 182, in run
act.run(conn, response_log)
File "/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/mgstest/tests.py", line 242, in run
raise err
File "/home/abuild/rpmbuild/BUILD/mod_gnutls-0.11.0/test/mgstest/tests.py", line 233, in run
resp = conn.getresponse()
File "/usr/lib64/python3.8/http/client.py", line 1332, in getresponse
response.begin()
File "/usr/lib64/python3.8/http/client.py", line 303, in begin
version, status, reason = self._read_status()
File "/usr/lib64/python3.8/http/client.py", line 264, in _read_status
line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1")
File "/usr/lib64/python3.8/socket.py", line 669, in readinto
return self._sock.recv_into(b)
ConnectionResetError: [Errno 104] Connection reset by peer
FAIL test-36_OCSP_server_nonce.bash (exit status: 1)
More information about the mod_gnutls-devel
mailing list