From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: "Björn Höfling" <bjoern.hoefling@bjoernhoefling.de>
Cc: 34426@debbugs.gnu.org
Subject: bug#34426: xmlsec has test failures
Date: Sat, 09 Mar 2019 23:07:27 -0500 [thread overview]
Message-ID: <871s3ftls0.fsf@apteryx.i-did-not-set--mail-host-address--so-tickle-me> (raw)
In-Reply-To: <20190222230545.454b4c24@alma-ubu> ("Björn Höfling"'s message of "Fri, 22 Feb 2019 23:05:45 +0100")
Hello Björn,
Björn Höfling <bjoern.hoefling@bjoernhoefling.de> writes:
> On Mon, 11 Feb 2019 06:57:57 +0100
> Björn Höfling <bjoern.hoefling@bjoernhoefling.de> wrote:
>
>> commit: 50a93adc05b611836e740c4b55571890f4c6770a
>>
>> Package xmlsec has test failures:
>
> I bisected this error and found out:
>
> It is introduced by updating gnutls from 3.5.18 to 3.6.5 on commit
>
> commit 06f5bc4e12a78883c6f4a543711311bd66e6832b
> Author: Marius Bakke <mbakke@fastmail.com>
> Date: Mon Dec 10 02:38:32 2018 +0100
>
> gnu: GnuTLS: Update to 3.6.5.
>
> Later on commit:
>
> a46dcdfa3d9002eface76ef9f83e5d34c1ecbfb0
>
> in core-updates GnuTLS it updated to 3.6.6. But here xmlsec still
> has test failures.
Good debugging! This should help us identify what change in GnuTLS might
have broke xmlsec between those versions.
It seems the test suite failures are caused by a single problem:
--8<---------------cut here---------------start------------->8---
Key data "x509" found
/tmp/guix-build-xmlsec-1.2.27.drv-0/xmlsec1-1.2.27/apps/xmlsec1 verify --crypto gnutls --crypto-config /tmp/xmlsec-crypto-config --trusted-der /tmp/guix-build-xmlsec-1.2.27.drv-0/xmlsec1-1.2.27/tests/keys/cacert.der --untrusted-der /tmp/
guix-build-xmlsec-1.2.27.drv-0/xmlsec1-1.2.27/tests/keys/ca2cert.der --untrusted-der /tmp/guix-build-xmlsec-1.2.27.drv-0/xmlsec1-1.2.27/tests/keys/rsacert.der --enabled-key-data x509 /tmp/guix-build-xmlsec-1.2.27.drv-0/xmlsec1-1.2.27/test
s/aleksey-xmldsig-01/x509data-sn-test.xml
func=xmlSecGnuTLSX509StoreVerify:file=x509vfy.c:line=354:obj=unknown:subj=unknown:error=71:certificate verification failed:gnutls_x509_crt_list_verify: verification failed: status=258u
--8<---------------cut here---------------end--------------->8---
> Has anyone an idea why these tests fail and how to fix it?
I haven't investigated more at this time, but will have too, as it
breaks my Gnucash setup.
Maxim
next prev parent reply other threads:[~2019-03-10 4:08 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-11 5:57 bug#34426: xmlsec has test failures Björn Höfling
2019-02-22 22:05 ` Björn Höfling
2019-03-10 4:07 ` Maxim Cournoyer [this message]
2019-03-22 17:41 ` Björn Höfling
2019-05-13 20:28 ` Björn Höfling
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=871s3ftls0.fsf@apteryx.i-did-not-set--mail-host-address--so-tickle-me \
--to=maxim.cournoyer@gmail.com \
--cc=34426@debbugs.gnu.org \
--cc=bjoern.hoefling@bjoernhoefling.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.