Bug 2084154
| Summary: | failing tests in test_ssl.py in FIPS mode | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 9 | Reporter: | Ondrej Moriš <omoris> |
| Component: | python3.9 | Assignee: | Python Maintainers <python-maint> |
| Status: | CLOSED DUPLICATE | QA Contact: | |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 9.0 | CC: | cstratak |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2022-05-11 15:03:53 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Hi Ondrej. This is a duplicate of bug 2058233 *** This bug has been marked as a duplicate of bug 2058233 *** |
Description of problem: When FIPS mode is enabled there are two failures in test_ssl.py. Version-Release number of selected component (if applicable): python3-test-3.9.10-2.el9 How reproducible: 100% in FIPS mode Steps to Reproduce: 1. Install python3-test 2. Filter out incompatible tests accroding to [1]. 3. Run the remaining tests. Actual results: # python3 -m test --verbose --list-cases test_ssl.py >foo # grep -v -e test.test_ssl.ContextTests.test_load_cert_chain \ -e test.test_ssl.ThreadedTests.test_check_hostname \ -e test.test_ssl.ThreadedTests.test_compression \ -e test.test_ssl.ThreadedTests.test_compression_disabled \ -e test.test_ssl.ThreadedTests.test_crl_check \ -e test.test_ssl.ThreadedTests.test_dh_params \ -e test.test_ssl.ThreadedTests.test_echo \ -e test.test_ssl.ThreadedTests.test_nonblocking_send \ -e test.test_ssl.ThreadedTests.test_protocol_tlsv1 \ -e test.test_ssl.ThreadedTests.test_recv_send \ -e test.test_ssl.ThreadedTests.test_selected_alpn_protocol \ -e test.test_ssl.ThreadedTests.test_selected_alpn_protocol_if_server_uses_alpn \ -e test.test_ssl.ThreadedTests.test_selected_npn_protocol \ -e test.test_ssl.ThreadedTests.test_session \ -e test.test_ssl.ThreadedTests.test_shared_ciphers \ -e test.test_ssl.ThreadedTests.test_sni_callback \ -e test.test_ssl.ThreadedTests.test_starttls \ -e test.test_ssl.ThreadedTests.test_tls_unique_channel_binding \ -e test.test_ssl.ThreadedTests.test_version_basic \ -e test.test_ssl.ThreadedTests.test_protocol_sslv23 foo >bar # python3 -m test --verbose --matchfile bar test_ssl.py ... ====================================================================== ERROR: test_load_verify_cadata (test.test_ssl.ContextTests) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/lib64/python3.9/test/test_ssl.py", line 1467, in test_load_verify_cadata ctx.load_verify_locations(cadata=cacert_der) ssl.SSLError: [EVP] unsupported (_ssl.c:4174) ====================================================================== ERROR: test_connect_cadata (test.test_ssl.SimpleBackgroundTests) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/lib64/python3.9/test/test_ssl.py", line 2103, in test_connect_cadata ctx.load_verify_locations(cadata=der) ssl.SSLError: [EVP] unsupported (_ssl.c:4174) ---------------------------------------------------------------------- Ran 137 tests in 6.331s FAILED (errors=2, skipped=14) test test_ssl failed test_ssl failed (2 errors) == Tests result: FAILURE == 1 test failed: test_ssl Total duration: 6.4 sec Tests result: FAILURE Expected results: All executed tests passed. Additional info: [1] http://pkgs.devel.redhat.com/cgit/tests/python/tree/Sanity/FIPS-specifics/runtest.sh#n50