[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] "make check" fails in "Test-https-pfs" and "Test-https-tl
From: |
Tim Ruehsen |
Subject: |
Re: [Bug-wget] "make check" fails in "Test-https-pfs" and "Test-https-tlsv1x" on Mac OS X, after "./configure" and "make" of wget-1.19.4 complete |
Date: |
Tue, 20 Feb 2018 22:10:54 +0100 |
Am Dienstag, den 20.02.2018, 19:07 +0100 schrieb
address@hidden:
> ### I did the following:
>
> # To overcome the unavailability of the HOSTALIASES trick on Mac OS
> X,
> # I edited "/etc/hosts" as follows.
>
> sudo cp -pi /etc/hosts /etc/hosts.bak
>
> cat << EOF | sudo tee /etc/hosts > /dev/null
> 127.0.0.1 localhost WgetTestingServer
> 255.255.255.255 broadcasthost
> ::1 localhost
> fe80::1%lo0 localhost
> EOF
>
> sudo chown root:wheel /etc/hosts
> sudo chmod 644 /etc/hosts
>
> # Note that, except for the added "WgetTestingServer" alias,
> # Mac OS X requires these four lines at the bottom of /etc/hosts.
> 127.0.0.1 localhost
> 255.255.255.255 broadcasthost
> ::1 localhost
> fe80::1%lo0 localhost
>
>
> #-----
> # Then, the usual "configure, make, make check" sequence ran.
>
> export PKG_CONFIG='/opt/pkg-config/bin/pkg-config'
> export PKG_CONFIG_PATH='/opt/pkg-config/lib/pkgconfig'
>
> ./configure --with-ssl=openssl --with-openssl=yes --with-libssl-
> prefix=/opt/openssl --with-zlib=/opt/zlib
>
> make
> make check
>
>
> ### Actual Result:
>
> "make check" printed the following failures.
>
> FAIL: Test-https-pfs.px
> FAIL: Test-https-tlsv1x.px
>
>
> For Test-https-pfs, "config.log" has the following lines.
>
> Resolving wgettestingserver... 127.0.0.1, ::1, fe80::1
> Caching wgettestingserver => 127.0.0.1 ::1 fe80::1
> Connecting to wgettestingserver|127.0.0.1|:24443... connected.
> Created socket 6.
> Releasing 0x00007fc16141d640 (new refcount 1).
> Initiating SSL handshake.
> SSL handshake failed.
> OpenSSL: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3
> alert handshake failure
> Closed fd 6
> Unable to establish SSL connection.
> Test failed: wrong code returned (was: 4, expected: 0)
> FAIL Test-https-pfs.px (exit status: 1)
>
>
> For Test-https-tlsv1x, "config.log" has the following lines.
>
> Resolving wgettestingserver... 127.0.0.1, ::1, fe80::1
> Caching wgettestingserver => 127.0.0.1 ::1 fe80::1
> Connecting to wgettestingserver|127.0.0.1|:29443... connected.
> Created socket 6.
> Releasing 0x00007f8861c1d640 (new refcount 1).
> Initiating SSL handshake.
> SSL handshake failed.
> OpenSSL: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
> number
> Closed fd 6
> Unable to establish SSL connection.
> Use of uninitialized value in ref-to-glob cast at SSLServer.pm line
> 141.
> Use of uninitialized value in ref-to-glob cast at SSLServer.pm line
> 141.
> sysread() on unopened filehandle at SSLServer.pm line 141.
> Can't call method "close" on an undefined value at SSLServer.pm line
> 230.
> Test failed: wrong code returned (was: 4, expected: 0)
> FAIL Test-https-tlsv1x.px (exit status: 1)
>
>
> ### Side issue:
>
> As I wrote above, since the HOSTALIASES trick did not work on Mac OS
> X,
> I edited "/etc/hosts". Without the modification to "/etc/hosts", all
> the following eight https tests had been skipped.
>
> SKIP: Test-https-pfs.px
> SKIP: Test-https-tlsv1.px
> SKIP: Test-https-tlsv1x.px
> SKIP: Test-https-selfsigned.px
> SKIP: Test-https-weboftrust.px
> SKIP: Test-https-clientcert.px
> SKIP: Test-https-crl.px
> SKIP: Test-https-badcerts.px
>
> By the modification to "/etc/hosts", all the https tests proceeded
> without being skipped; and the two failed, while the remaining six
> passed.
>
> FAIL: Test-https-pfs.px
> PASS: Test-https-tlsv1.px
> FAIL: Test-https-tlsv1x.px
> PASS: Test-https-selfsigned.px
> PASS: Test-https-weboftrust.px
> PASS: Test-https-clientcert.px
> PASS: Test-https-crl.px
> PASS: Test-https-badcerts.px
Test-https-tlsv1.px passes but Test-https-tlsv1x.px fails. These test
just differ in the protocol option for wget. This sounds like something
with your OpenSSL version.
You made a very detailed report, but the version of openssl would be
very helpful (maybe also a ldd wget).
Could you try with a recent GnuTLS ?
> Note that the failure of HOSTALIASES on Mac OS X was already pointed
> out in the message "bug-wget/2017-10/msg00038.html" following
> "msg00037.html".
Newer versions of TLS libraries expect a domain name (no IP, localhost
has also pitfalls) in the certificates. So we need a working name
resolution for such a name, or we have to skip those tests. Which is
even worse, I think. Is there something similar to HOSTALIASES on OSX ?
>
> ### Related
>
> "make check" indeed failed in "Test-iri-disabled" at the same time as
> "Test-https-pfs" and "Test-https-tlsv1x" under the same conditions
> and the same environment. I reported about "Test-iri-disabled"
> separately from this report. It is "bug-wget/2018-02/msg00031.html".
I answered your email ~6 hours ago.
Regards, Tim