Ubuntu
openvswitch package

[debian] FTBFS on 'testing SSL db: implementation'

Bug #2063408 reported by Frode Nordahl
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openvswitch (Ubuntu)
In Progress
Undecided
Frode Nordahl

Bug Description

Full log: https://salsa.debian.org/fnordahl/openvswitch/-/jobs/5634791/raw

# -*- compilation -*-
1890. ovsdb-server.at:827: testing SSL db: implementation ...
0
../../tests/ovsdb-server.at:847: ovsdb-tool create db schema
stderr:
stdout:
../../tests/ovsdb-server.at:850: ovsdb-tool transact db \
     '["mydb",
       {"op": "insert",
        "table": "SSL",
        "row": {"private_key": "'"$PKIDIR/testpki-privkey2.pem"'",
                "certificate": "'"$PKIDIR/testpki-cert2.pem"'",
                "ca_cert": "'"$PKIDIR/testpki-cacert.pem"'",
                "ssl_protocols": "'"TLSv1.2,TLSv1.1"'",
                "ssl_ciphers": "'"HIGH:!aNULL:!MD5:!ECDHE-ECDSA-AES256-GCM-SHA384"'"}}]'
stderr:
stdout:
[{"uuid":["uuid","dba74f11-4ff1-4e6d-bf0b-d5115e4cd84d"]}]
../../tests/ovsdb-server.at:862: ovsdb-server --log-file --detach --no-chdir --pidfile \
        --private-key=db:mydb,SSL,private_key \
        --certificate=db:mydb,SSL,certificate \
        --ca-cert=db:mydb,SSL,ca_cert \
        --ssl-protocols=db:mydb,SSL,ssl_protocols \
        --ssl-ciphers=db:mydb,SSL,ssl_ciphers \
        --remote=pssl:0:127.0.0.1 db
stderr:
2024-04-24T07:46:57Z|00001|vlog|INFO|opened log file /builds/fnordahl/openvswitch/debian/output/source_dir/_debian/tests/testsuite.dir/1890/ovsdb-server.log
2024-04-24T07:46:57Z|00002|socket_util|INFO|0:127.0.0.1: listening on port 38763
stdout:
ovsdb-server.at:871: waiting until SSL_PORT=`sed -n 's/.*0:.*: listening on port \([0-9]*\)$/\1/p' "ovsdb-server.log"` && test X != X"$SSL_PORT"...
ovsdb-server.at:871: wait succeeded immediately
../../tests/ovsdb-server.at:872: ovsdb-client \
        --private-key=$PKIDIR/testpki-privkey.pem \
        --certificate=$PKIDIR/testpki-cert.pem \
        --ca-cert=$PKIDIR/testpki-cacert.pem \
        --ssl-protocols=TLSv1.2,TLSv1.1 \
        --ssl-ciphers=HIGH:!aNULL:!MD5 \
        transact ssl:127.0.0.1:$SSL_PORT \
        '["mydb",
          {"op": "select",
           "table": "SSL",
           "where": [],
           "columns": ["private_key"]}]'
stderr:
stdout:
[{"rows":[{"private_key":"/builds/fnordahl/openvswitch/debian/output/source_dir/_debian/tests/testpki-privkey2.pem"}]}]
../../tests/ovsdb-server.at:887: cat output
stderr:
../../tests/ovsdb-server.at:893: ovsdb-client \
        --private-key=$PKIDIR/testpki-privkey.pem \
        --certificate=$PKIDIR/testpki-cert.pem \
        --ca-cert=$PKIDIR/testpki-cacert.pem \
        --ssl-protocols=TLSv1 \
        --ssl-ciphers=HIGH:!aNULL:!MD5 \
        transact ssl:127.0.0.1:$SSL_PORT \
        '["mydb",
          {"op": "select",
           "table": "SSL",
           "where": [],
           "columns": ["private_key"]}]'
stderr:
2024-04-24T07:46:57Z|00001|stream_ssl|WARN|SSL_connect: error:0A0000BF:SSL routines::no protocols available
ovsdb-client: failed to connect to "ssl:127.0.0.1:38763" (Protocol error)
stdout:
../../tests/ovsdb-server.at:909: sed -n "/failed to connect/s/ (.*)//p" output
stderr:
../../tests/ovsdb-server.at:916: ovsdb-client \
        --private-key=$PKIDIR/testpki-privkey.pem \
        --certificate=$PKIDIR/testpki-cert.pem \
        --ca-cert=$PKIDIR/testpki-cacert.pem \
        --ssl-protocols=TLSv1.2,TLSv1.1 \
        --ssl-ciphers=ECDHE-ECDSA-AES256-GCM-SHA384 \
        transact ssl:127.0.0.1:$SSL_PORT \
        '["mydb",
          {"op": "select",
           "table": "SSL",
           "where": [],
           "columns": ["private_key"]}]'
stderr:
2024-04-24T07:46:57Z|00001|stream_ssl|WARN|SSL_connect: error:0A000410:SSL routines::ssl/tls alert handshake failure
ovsdb-client: failed to connect to "ssl:127.0.0.1:38763" (Protocol error)
stdout:
../../tests/ovsdb-server.at:932: sed -n "/failed to connect/s/ (.*)//p" output
stderr:
../../tests/ovsdb-server.at:939: grep "sslv3 alert handshake failure" output
stderr:
stdout:
../../tests/ovsdb-server.at:939: exit code was 1, expected 0
1890. ovsdb-server.at:827: 1890. SSL db: implementation (ovsdb-server.at:827): FAILED (ovsdb-server.at:939)

Frode Nordahl (fnordahl)
summary: - [debian] build fails on 'testing SSL db: implementation'
+ [debian] FTBFS on 'testing SSL db: implementation'
Changed in openvswitch (Ubuntu):
assignee: nobody → Frode Nordahl (fnordahl)
status: New → In Progress
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.