Hello Efraim! Efraim Flashner <efr...@flashner.co.il> writes:
> On Tue, Sep 22, 2020 at 08:36:21AM -0400, Maxim Cournoyer wrote: >> Tested on core-updates commit d08f5299e62ca8f5f36f4f6ddf3fcd739d157074. >> >> ========================================= >> GnuTLS 3.6.12: tests/test-suite.log >> ========================================= >> >> # TOTAL: 411 >> # PASS: 393 >> # SKIP: 17 >> # XFAIL: 0 >> # FAIL: 1 >> # XPASS: 0 >> # ERROR: 0 >> >> [...] >> >> FAIL: fastopen.sh >> ================= >> >> Checking Fast open >> Echo Server listening on IPv4 0.0.0.0 port 6169...done >> Echo Server listening on IPv6 :: port 6169...done >> *** Fatal error: Error in the push function. >> Could not connect to 127.0.0.1:6169: Transport endpoint is already connected >> Processed 1 CA certificate(s). >> Resolving 'localhost:6169'... >> Connecting to '127.0.0.1:6169' (TFO)... >> - Certificate type: X.509 >> - Got a certificate list of 1 certificates. >> - Certificate[0] info: >> - subject `CN=GnuTLS Test Server (RSA certificate)', issuer `CN=GnuTLS Test >> CA', serial 0x4de0b4ca, RSA key 2432 bits, signed using RSA-SHA256, >> activated `2011-05-28 08:39:39 UTC', expires `2038-10-12 08:39:40 UTC', >> pin-sha256="ZCnc2x+EUztg6ShnEvwtcHxusyXqJ5RJLNCDLc+lVNE=" >> Public Key ID: >> sha1:482334530a8931384a5aeacab6d2a6dece1d2b18 >> >> sha256:6429dcdb1f84533b60e9286712fc2d707c6eb325ea2794492cd0832dcfa554d1 >> Public Key PIN: >> pin-sha256:ZCnc2x+EUztg6ShnEvwtcHxusyXqJ5RJLNCDLc+lVNE= >> >> - Status: The certificate is trusted. >> - Successfully sent 0 certificate(s) to server. >> Failure: 1. TLS1.2 handshake should have succeeded! >> Exiting via signal 15 >> FAIL fastopen.sh (exit status: 1) > > gnutls-3.6.14 also still fails after upgrading libgcrypt to 1.8.6. This only occurs in the build container... and only on core-updates. I've filed a bug report upstream (though I doubt they'll be able to reproduce it, understand what it's caused by, given it seems specific to networking in our build container): https://gitlab.com/gnutls/gnutls/-/issues/1095. And disabled the fastopen.sh test in our package for now. Thanks for the feedback! Closing, Maxim
