[Bug 1771506] Re: Unit test failure with OpenSSL 1.1.1

Dimitri John Ledkov launchpad at surgut.co.uk
Tue May 21 10:02:13 UTC 2019


Bionic is great, previously it would fail
nova.tests.unit.virt.xenapi.test_xenapi.XenAPIDiffieHellmanTestCase
tests but now they pass.

Cosmic/Disco/Eoan are also correctly fixed at runtime, however the
unittests that exercise this runtime issue are force skipped since the
skip-openssl-1.1.1-tests.patch is still applied. We should drop skip-
openssl-1.1.1-tests.patch from Cosmic/Disco/Eoan in the subsequent
uploads. I've now uploaded dropping skip-openssl-1.1.1-tests.patch into
Eoan.

Pass (with nitpicks on cosmic/disco).

** Tags removed: verification-needed verification-needed-bionic verification-needed-cosmic verification-needed-disco
** Tags added: verification-done verification-done-bionic verification-done-cosmic verification-done-disco

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1771506

Title:
  Unit test failure with OpenSSL 1.1.1

Status in Ubuntu Cloud Archive:
  Fix Committed
Status in Ubuntu Cloud Archive queens series:
  Fix Committed
Status in Ubuntu Cloud Archive rocky series:
  Fix Committed
Status in Ubuntu Cloud Archive stein series:
  Fix Committed
Status in OpenStack Compute (nova):
  In Progress
Status in nova package in Ubuntu:
  Fix Released
Status in nova source package in Bionic:
  Fix Committed
Status in nova source package in Cosmic:
  Fix Committed
Status in nova source package in Disco:
  Fix Committed

Bug description:
  Hi,

  Building the Nova Queens package with OpenSSL 1.1.1 leads to unit test
  problems. This was reported to Debian at:
  https://bugs.debian.org/898807

  The new openssl 1.1.1 is currently in experimental [0]. This package
  failed to build against this new package [1] while it built fine
  against the openssl version currently in unstable [2]. Could you
  please have a look?

  FAIL: nova.tests.unit.virt.xenapi.test_xenapi.XenAPIDiffieHellmanTestCase.test_encrypt_newlines_inside_message
  |nova.tests.unit.virt.xenapi.test_xenapi.XenAPIDiffieHellmanTestCase.test_encrypt_newlines_inside_message
  |----------------------------------------------------------------------
  |_StringException: pythonlogging:'': {{{2018-05-01 20:48:09,960 WARNING [oslo_config.cfg] Config option key_manager.api_class  is deprecated. Use option key_manager.backend instead.}}}
  |
  |Traceback (most recent call last):
  |  File "/<<PKGBUILDDIR>>/nova/tests/unit/virt/xenapi/test_xenapi.py", line 1592, in test_encrypt_newlines_inside_message
  |    self._test_encryption('Message\nwith\ninterior\nnewlines.')
  |  File "/<<PKGBUILDDIR>>/nova/tests/unit/virt/xenapi/test_xenapi.py", line 1577, in _test_encryption
  |    enc = self.alice.encrypt(message)
  |  File "/<<PKGBUILDDIR>>/nova/virt/xenapi/agent.py", line 432, in encrypt
  |    return self._run_ssl(text).strip('\n')
  |  File "/<<PKGBUILDDIR>>/nova/virt/xenapi/agent.py", line 428, in _run_ssl
  |    raise RuntimeError(_('OpenSSL error: %s') % err)
  |RuntimeError: OpenSSL error: *** WARNING : deprecated key derivation used.
  |Using -iter or -pbkdf2 would be better.

  It looks like due to additional message on stderr.

  [0] https://lists.debian.org/msgid-search/20180501211400.GA21460@roeckx.be
  [1] https://breakpoint.cc/openssl-rebuild/2018-05-03-rebuild-openssl1.1.1-pre6/attempted/nova_17.0.0-4_amd64-2018-05-01T20%3A39%3A38Z
  [2] https://breakpoint.cc/openssl-rebuild/2018-05-03-rebuild-openssl1.1.1-pre6/successful/nova_17.0.0-4_amd64-2018-05-02T18%3A46%3A36Z

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1771506/+subscriptions



More information about the Ubuntu-openstack-bugs mailing list