[Bug 2063408] [NEW] [debian] FTBFS on 'testing SSL db: implementation'

Thu Apr 25 06:35:56 UTC 2024

Public bug reported:

Full log:
https://salsa.debian.org/fnordahl/openvswitch/-/jobs/5634791/raw

#                             -*- compilation -*-
1890. ovsdb-server.at:827: testing SSL db: implementation ...
0
../../tests/ovsdb-server.at:847: ovsdb-tool create db schema
stderr:
stdout:
../../tests/ovsdb-server.at:850: ovsdb-tool transact db \
     '["mydb",
       {"op": "insert",
        "table": "SSL",
        "row": {"private_key": "'"$PKIDIR/testpki-privkey2.pem"'",
                "certificate": "'"$PKIDIR/testpki-cert2.pem"'",
                "ca_cert": "'"$PKIDIR/testpki-cacert.pem"'",
                "ssl_protocols": "'"TLSv1.2,TLSv1.1"'",
                "ssl_ciphers": "'"HIGH:!aNULL:!MD5:!ECDHE-ECDSA-AES256-GCM-SHA384"'"}}]'
stderr:
stdout:
[{"uuid":["uuid","dba74f11-4ff1-4e6d-bf0b-d5115e4cd84d"]}]
../../tests/ovsdb-server.at:862: ovsdb-server --log-file --detach --no-chdir --pidfile \
        --private-key=db:mydb,SSL,private_key \
        --certificate=db:mydb,SSL,certificate \
        --ca-cert=db:mydb,SSL,ca_cert \
        --ssl-protocols=db:mydb,SSL,ssl_protocols \
        --ssl-ciphers=db:mydb,SSL,ssl_ciphers \
        --remote=pssl:0:127.0.0.1 db
stderr:
2024-04-24T07:46:57Z|00001|vlog|INFO|opened log file /builds/fnordahl/openvswitch/debian/output/source_dir/_debian/tests/testsuite.dir/1890/ovsdb-server.log
2024-04-24T07:46:57Z|00002|socket_util|INFO|0:127.0.0.1: listening on port 38763
stdout:
ovsdb-server.at:871: waiting until SSL_PORT=`sed -n 's/.*0:.*: listening on port \([0-9]*\)$/\1/p' "ovsdb-server.log"` && test X != X"$SSL_PORT"...
ovsdb-server.at:871: wait succeeded immediately
../../tests/ovsdb-server.at:872: ovsdb-client \
        --private-key=$PKIDIR/testpki-privkey.pem \
        --certificate=$PKIDIR/testpki-cert.pem \
        --ca-cert=$PKIDIR/testpki-cacert.pem \
        --ssl-protocols=TLSv1.2,TLSv1.1 \
        --ssl-ciphers=HIGH:!aNULL:!MD5 \
        transact ssl:127.0.0.1:$SSL_PORT \
        '["mydb",
          {"op": "select",
           "table": "SSL",
           "where": [],
           "columns": ["private_key"]}]'
stderr:
stdout:
[{"rows":[{"private_key":"/builds/fnordahl/openvswitch/debian/output/source_dir/_debian/tests/testpki-privkey2.pem"}]}]
../../tests/ovsdb-server.at:887: cat output
stderr:
../../tests/ovsdb-server.at:893: ovsdb-client \
        --private-key=$PKIDIR/testpki-privkey.pem \
        --certificate=$PKIDIR/testpki-cert.pem \
        --ca-cert=$PKIDIR/testpki-cacert.pem \
        --ssl-protocols=TLSv1 \
        --ssl-ciphers=HIGH:!aNULL:!MD5 \
        transact ssl:127.0.0.1:$SSL_PORT \
        '["mydb",
          {"op": "select",
           "table": "SSL",
           "where": [],
           "columns": ["private_key"]}]'
stderr:
2024-04-24T07:46:57Z|00001|stream_ssl|WARN|SSL_connect: error:0A0000BF:SSL routines::no protocols available
ovsdb-client: failed to connect to "ssl:127.0.0.1:38763" (Protocol error)
stdout:
../../tests/ovsdb-server.at:909: sed -n "/failed to connect/s/ (.*)//p" output
stderr:
../../tests/ovsdb-server.at:916: ovsdb-client \
        --private-key=$PKIDIR/testpki-privkey.pem \
        --certificate=$PKIDIR/testpki-cert.pem \
        --ca-cert=$PKIDIR/testpki-cacert.pem \
        --ssl-protocols=TLSv1.2,TLSv1.1 \
        --ssl-ciphers=ECDHE-ECDSA-AES256-GCM-SHA384 \
        transact ssl:127.0.0.1:$SSL_PORT \
        '["mydb",
          {"op": "select",
           "table": "SSL",
           "where": [],
           "columns": ["private_key"]}]'
stderr:
2024-04-24T07:46:57Z|00001|stream_ssl|WARN|SSL_connect: error:0A000410:SSL routines::ssl/tls alert handshake failure
ovsdb-client: failed to connect to "ssl:127.0.0.1:38763" (Protocol error)
stdout:
../../tests/ovsdb-server.at:932: sed -n "/failed to connect/s/ (.*)//p" output
stderr:
../../tests/ovsdb-server.at:939: grep "sslv3 alert handshake failure" output
stderr:
stdout:
../../tests/ovsdb-server.at:939: exit code was 1, expected 0
1890. ovsdb-server.at:827: 1890. SSL db: implementation (ovsdb-server.at:827): FAILED (ovsdb-server.at:939)

** Affects: openvswitch (Ubuntu)
     Importance: Undecided
     Assignee: Frode Nordahl (fnordahl)
         Status: In Progress

** Summary changed:

- [debian] build fails on 'testing SSL db: implementation'
+ [debian] FTBFS on 'testing SSL db: implementation'

** Changed in: openvswitch (Ubuntu)
     Assignee: (unassigned) => Frode Nordahl (fnordahl)

** Changed in: openvswitch (Ubuntu)
       Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to openvswitch in Ubuntu.
https://bugs.launchpad.net/bugs/2063408

Title:
  [debian] FTBFS on 'testing SSL db: implementation'

Status in openvswitch package in Ubuntu:
  In Progress

Bug description:
  Full log:
  https://salsa.debian.org/fnordahl/openvswitch/-/jobs/5634791/raw

  #                             -*- compilation -*-
  1890. ovsdb-server.at:827: testing SSL db: implementation ...
  0
  ../../tests/ovsdb-server.at:847: ovsdb-tool create db schema
  stderr:
  stdout:
  ../../tests/ovsdb-server.at:850: ovsdb-tool transact db \
       '["mydb",
         {"op": "insert",
          "table": "SSL",
          "row": {"private_key": "'"$PKIDIR/testpki-privkey2.pem"'",
                  "certificate": "'"$PKIDIR/testpki-cert2.pem"'",
                  "ca_cert": "'"$PKIDIR/testpki-cacert.pem"'",
                  "ssl_protocols": "'"TLSv1.2,TLSv1.1"'",
                  "ssl_ciphers": "'"HIGH:!aNULL:!MD5:!ECDHE-ECDSA-AES256-GCM-SHA384"'"}}]'
  stderr:
  stdout:
  [{"uuid":["uuid","dba74f11-4ff1-4e6d-bf0b-d5115e4cd84d"]}]
  ../../tests/ovsdb-server.at:862: ovsdb-server --log-file --detach --no-chdir --pidfile \
          --private-key=db:mydb,SSL,private_key \
          --certificate=db:mydb,SSL,certificate \
          --ca-cert=db:mydb,SSL,ca_cert \
          --ssl-protocols=db:mydb,SSL,ssl_protocols \
          --ssl-ciphers=db:mydb,SSL,ssl_ciphers \
          --remote=pssl:0:127.0.0.1 db
  stderr:
  2024-04-24T07:46:57Z|00001|vlog|INFO|opened log file /builds/fnordahl/openvswitch/debian/output/source_dir/_debian/tests/testsuite.dir/1890/ovsdb-server.log
  2024-04-24T07:46:57Z|00002|socket_util|INFO|0:127.0.0.1: listening on port 38763
  stdout:
  ovsdb-server.at:871: waiting until SSL_PORT=`sed -n 's/.*0:.*: listening on port \([0-9]*\)$/\1/p' "ovsdb-server.log"` && test X != X"$SSL_PORT"...
  ovsdb-server.at:871: wait succeeded immediately
  ../../tests/ovsdb-server.at:872: ovsdb-client \
          --private-key=$PKIDIR/testpki-privkey.pem \
          --certificate=$PKIDIR/testpki-cert.pem \
          --ca-cert=$PKIDIR/testpki-cacert.pem \
          --ssl-protocols=TLSv1.2,TLSv1.1 \
          --ssl-ciphers=HIGH:!aNULL:!MD5 \
          transact ssl:127.0.0.1:$SSL_PORT \
          '["mydb",
            {"op": "select",
             "table": "SSL",
             "where": [],
             "columns": ["private_key"]}]'
  stderr:
  stdout:
  [{"rows":[{"private_key":"/builds/fnordahl/openvswitch/debian/output/source_dir/_debian/tests/testpki-privkey2.pem"}]}]
  ../../tests/ovsdb-server.at:887: cat output
  stderr:
  ../../tests/ovsdb-server.at:893: ovsdb-client \
          --private-key=$PKIDIR/testpki-privkey.pem \
          --certificate=$PKIDIR/testpki-cert.pem \
          --ca-cert=$PKIDIR/testpki-cacert.pem \
          --ssl-protocols=TLSv1 \
          --ssl-ciphers=HIGH:!aNULL:!MD5 \
          transact ssl:127.0.0.1:$SSL_PORT \
          '["mydb",
            {"op": "select",
             "table": "SSL",
             "where": [],
             "columns": ["private_key"]}]'
  stderr:
  2024-04-24T07:46:57Z|00001|stream_ssl|WARN|SSL_connect: error:0A0000BF:SSL routines::no protocols available
  ovsdb-client: failed to connect to "ssl:127.0.0.1:38763" (Protocol error)
  stdout:
  ../../tests/ovsdb-server.at:909: sed -n "/failed to connect/s/ (.*)//p" output
  stderr:
  ../../tests/ovsdb-server.at:916: ovsdb-client \
          --private-key=$PKIDIR/testpki-privkey.pem \
          --certificate=$PKIDIR/testpki-cert.pem \
          --ca-cert=$PKIDIR/testpki-cacert.pem \
          --ssl-protocols=TLSv1.2,TLSv1.1 \
          --ssl-ciphers=ECDHE-ECDSA-AES256-GCM-SHA384 \
          transact ssl:127.0.0.1:$SSL_PORT \
          '["mydb",
            {"op": "select",
             "table": "SSL",
             "where": [],
             "columns": ["private_key"]}]'
  stderr:
  2024-04-24T07:46:57Z|00001|stream_ssl|WARN|SSL_connect: error:0A000410:SSL routines::ssl/tls alert handshake failure
  ovsdb-client: failed to connect to "ssl:127.0.0.1:38763" (Protocol error)
  stdout:
  ../../tests/ovsdb-server.at:932: sed -n "/failed to connect/s/ (.*)//p" output
  stderr:
  ../../tests/ovsdb-server.at:939: grep "sslv3 alert handshake failure" output
  stderr:
  stdout:
  ../../tests/ovsdb-server.at:939: exit code was 1, expected 0
  1890. ovsdb-server.at:827: 1890. SSL db: implementation (ovsdb-server.at:827): FAILED (ovsdb-server.at:939)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openvswitch/+bug/2063408/+subscriptions