Opened 13 years ago

Closed 13 years ago

#184 closed defect (fixed)

testsuite failure with openssl 1.0.0d pyopenssl 0.12

Reported by: Julian Taylor Owned by:
Priority: major Milestone: 0.6.2
Component: unknown Version: 0.6.1
Keywords: Cc: Zooko, davidsarah

Description

when running the testsuite with openssl 1.0.0d and pyopenssl 0.12 tub.TestCertFile?.test_generate fails: [FAIL] Traceback (most recent call last):

File "/tmp/foolscap-0.6.1/foolscap/test/test_tub.py", line 54, in test_generate

self.failUnless("BEGIN RSA PRIVATE KEY" in certdata)

twisted.trial.unittest.FailTest?: None

foolscap.test.test_tub.TestCertFile?.test_generate

the reason is that: python -c 'import foolscap.api; foolscap.api.Tub(certFile="foo.pem")'; cat foo.pem now looks like this: ...


MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALXlzY4AbpVR8WXY EKTcM9MmI+tKYai23LtP2pw6YOorXM7Cix55QlqBbSzAR87u1zUqp5rh7ke ...


the testsuite expects BEGIN RSA PRIVATE KEY using openssl 0.9.8o and pyopenssl 0.11 it the test succeedds

Change History (7)

comment:1 Changed 13 years ago by Julian Taylor

it looks like this:

-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALXlzY4AbpVR8WXY
EKTcM9Mm
...
-----END PRIVATE KEY-----

comment:2 Changed 13 years ago by Julian Taylor

this occurs on a debian unstable and an ubuntu 11.10 oneiric machine

comment:3 Changed 13 years ago by Zooko

Cc: Zooko added

Grepping the foolscap source code shows the string BEGIN RSA PRIVATE KEY only in tests:

$ grep -r 'BEGIN RSA PRIVATE KEY' !(_trial_temp)
foolscap/test/test_negotiate.py:-----BEGIN RSA PRIVATE KEY-----
foolscap/test/test_negotiate.py:-----BEGIN RSA PRIVATE KEY-----
foolscap/test/test_tub.py:-----BEGIN RSA PRIVATE KEY-----
foolscap/test/test_tub.py:        self.failUnless("BEGIN RSA PRIVATE KEY" in certdata)

So it could be that this is only a problem in the tests and the code itself is running fine with pyopenssl 0.12. If that's the case, then I suppose this patch will make the tests pass:

diff --git a/foolscap/test/test_tub.py b/foolscap/test/test_tub.py
index 3fd6cf4..ac97376 100644
--- a/foolscap/test/test_tub.py
+++ b/foolscap/test/test_tub.py
@@ -51,7 +51,7 @@ class TestCertFile(unittest.TestCase):
         t = Tub()
         certdata = t.getCertData()
         self.failUnless("BEGIN CERTIFICATE" in certdata)
-        self.failUnless("BEGIN RSA PRIVATE KEY" in certdata)
+        self.failUnless("BEGIN RSA PRIVATE KEY" in certdata or "BEGIN PRIVATE KEY" in certdata)
 
     def test_certdata(self):
         t1 = Tub()

comment:4 Changed 13 years ago by davidsarah

Zooko, jtaylor and I discussed this on IRC and concluded that the intent of the test was just to check that foolscap had correctly asked OpenSSL to generate a .pem file containing a private key. It appears that OpenSSL 0.9.8o is able to parse .pem files generated by OpenSSL 1.0.0d (tested using the openssl x509 command line tool), so there shouldn't be a compatibility problem -- or if there is then it is the OpenSSL devs' fault, not ours ;-) We checked that the generated key is still RSA.

Therefore,

self.failUnless("PRIVATE KEY" in certdata)

should be a sufficient test in the line modified above.

comment:5 Changed 13 years ago by davidsarah

Oh, slightly better would be:

self.failUnlessIn("BEGIN CERTIFICATE", certdata)
self.failUnlessIn("PRIVATE KEY", certdata)

comment:6 Changed 13 years ago by davidsarah

Cc: davidsarah added

comment:7 Changed 13 years ago by Brian Warner

Milestone: undecided0.6.2
Resolution: fixed
Status: newclosed

thanks for the catch.. applied in [d99fa16]

Note: See TracTickets for help on using tickets.