2004558 – Test case failure: /CoreOS/httpd/Regression/mod_proxy_wstunnel-with-ssl

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 2004558 - Test case failure: /CoreOS/httpd/Regression/mod_proxy_wstunnel-with-ssl

Summary: Test case failure: /CoreOS/httpd/Regression/mod_proxy_wstunnel-with-ssl

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Linux 9
Classification:	Red Hat
Component:	httpd
Sub Component:
Version:	9.0
Hardware:	Unspecified
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Stepan Broz
QA Contact:	icesalov
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2021-09-15 14:40 UTC by Branislav Náter
Modified:	2023-05-22 13:47 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2023-05-22 13:47:50 UTC
Type:	Bug
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHELPLAN-97262	0	None	None	None	2021-09-15 14:41:53 UTC

Description Branislav Náter 2021-09-15 14:40:36 UTC

Filed from caserun (INSERT URL HERE)

Version-Release number of selected component (if applicable):
RHEL-9.0.0-20210907.4
httpd-2.4.48-17.el9.x86_64
openssl-3.0.0-0.beta2.7.el9.x86_64

Steps to Reproduce: 
Run test from summary


Actual results: 
:: [ 10:09:17 ] :: [  BEGIN   ] :: Running 'cat output'
* Closing connection -1
curl: (3) URL using bad/illegal format or missing URL
*   Trying 127.0.0.1:443...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* Connected to 127.0.0.1 (127.0.0.1) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/pki/tls/certs/ca-bundle.crt
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.2 (IN), TLS header, Certificate Status (22):
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.2 (IN), TLS header, Finished (20):
{ [5 bytes data]
* TLSv1.2 (IN), TLS header, Unknown (23):
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [21 bytes data]
* TLSv1.2 (IN), TLS header, Unknown (23):
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [903 bytes data]
* TLSv1.2 (IN), TLS header, Unknown (23):
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data]
* TLSv1.2 (IN), TLS header, Unknown (23):
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.2 (OUT), TLS header, Finished (20):
} [5 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS header, Unknown (23):
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=ci-vm-10-0-137-90.hosted.upshift.rdu2.redhat.com; O=ci-vm-10-0-137-90.hosted.upshift.rdu2.redhat.com
*  start date: Sep 15 14:09:03 2021 GMT
*  expire date: Sep 15 14:09:03 2022 GMT
*  issuer: CN=test; O=test
*  SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* TLSv1.2 (OUT), TLS header, Unknown (23):
} [5 bytes data]
> GET /test//hello.html HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.76.1
> Accept: */*
> Connection: Upgrade
> Upgrade: websocket
> Origin:http://localhost:8080
> 
* TLSv1.2 (IN), TLS header, Unknown (23):
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [265 bytes data]
* TLSv1.2 (IN), TLS header, Unknown (23):
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [265 bytes data]
* old SSL session ID is stale, removing
* TLSv1.2 (IN), TLS header, Unknown (23):
{ [5 bytes data]
* Mark bundle as not supporting multiuse
< HTTP/1.1 500 Proxy Error
< Date: Wed, 15 Sep 2021 14:09:17 GMT
< Server: Apache/2.4.48 (Red Hat Enterprise Linux) OpenSSL/3.0.0-beta2
< Content-Length: 273
< Connection: close
< Content-Type: text/html; charset=iso-8859-1
< 
{ [273 bytes data]
100   273  100   273    0     0   3370      0 --:--:-- --:--:-- --:--:--  3370
* Closing connection 0
* TLSv1.2 (OUT), TLS header, Unknown (23):
} [5 bytes data]
* TLSv1.3 (OUT), TLS alert, close notify (256):
} [2 bytes data]
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Proxy Error</title>
</head><body>
<h1>Proxy Error</h1>
The proxy server could not handle the request<p>Reason: <strong>Error during SSL Handshake with remote server</strong></p><p />
</body></html>
:: [ 10:09:17 ] :: [   PASS   ] :: Command 'cat output' (Expected 0, got 0)
:: [ 10:09:17 ] :: [   FAIL   ] :: File 'output' should contain 'hello world' 
:: [ 10:09:17 ] :: [   PASS   ] :: File 'output' should contain 'SSL connection using' 
:: [ 10:09:17 ] :: [  BEGIN   ] :: Stop openssl s_server :: actually running 'kill 23297'
:: [ 10:09:17 ] :: [   PASS   ] :: Stop openssl s_server (Expected 0, got 0)
:: [ 10:09:17 ] :: [   PASS   ] :: File 'server_output' should not contain 'error' 
:: [ 10:09:17 ] :: [  BEGIN   ] :: Running 'cat server_output'
Using default temp DH parameters
ACCEPT
:: [ 10:09:17 ] :: [   PASS   ] :: Command 'cat server_output' (Expected 0, got 0)


Expected results:
:: [ 04:02:41 ] :: [  BEGIN   ] :: Running 'cat output'
* <url> malformed
* Closing connection -1
curl: (3) <url> malformed
*   Trying 127.0.0.1...
* TCP_NODELAY set
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* Connected to 127.0.0.1 (127.0.0.1) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, [no content] (0):
{ [1 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [21 bytes data]
* TLSv1.3 (IN), TLS handshake, [no content] (0):
{ [1 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [905 bytes data]
* TLSv1.3 (IN), TLS handshake, [no content] (0):
{ [1 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data]
* TLSv1.3 (IN), TLS handshake, [no content] (0):
{ [1 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, [no content] (0):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=ci-vm-10-0-138-210.hosted.upshift.rdu2.redhat.com; O=ci-vm-10-0-138-210.hosted.upshift.rdu2.redhat.com
*  start date: Sep 15 08:02:27 2021 GMT
*  expire date: Sep 15 08:02:27 2022 GMT
*  issuer: CN=test; O=test
*  SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
} [5 bytes data]
* TLSv1.3 (OUT), TLS app data, [no content] (0):
} [1 bytes data]
> GET /test//hello.html HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.61.1
> Accept: */*
> Connection: Upgrade
> Upgrade: websocket
> Origin:http://localhost:8080
> 
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, [no content] (0):
{ [1 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [265 bytes data]
* TLSv1.3 (IN), TLS handshake, [no content] (0):
{ [1 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [265 bytes data]
* TLSv1.3 (IN), TLS app data, [no content] (0):
{ [1 bytes data]
< HTTP/1.1 200 OK
< Date: Wed, 26 Nov 2014 14:39:42 GMT
< Server: openssl s_server
< Content-Length: 12
< Content-Type: text/html; charset=UTF-8
< 
{ [13 bytes data]
* Excess found in a non pipelined read: excess = 1, size = 12, maxdownload = 12, bytecount = 0
100    12  100    12    0     0    571      0 --:--:-- --:--:-- --:--:--   571
* Connection #0 to host 127.0.0.1 left intact
hello world
:: [ 04:02:41 ] :: [   PASS   ] :: Command 'cat output' (Expected 0, got 0)
:: [ 04:02:41 ] :: [   PASS   ] :: File 'output' should contain 'hello world' 
:: [ 04:02:41 ] :: [   PASS   ] :: File 'output' should contain 'SSL connection using' 
:: [ 04:02:41 ] :: [  BEGIN   ] :: Stop openssl s_server :: actually running 'kill 15620'
/usr/share/beakerlib/testing.sh: line 756: 15620 Terminated              openssl s_server -cert /etc/pki/tls/certs/localhost.crt -key /etc/pki/tls/private/localhost.key -accept 8080 -HTTP &> server_output
:: [ 04:02:41 ] :: [   PASS   ] :: Stop openssl s_server (Expected 0, got 0)
:: [ 04:02:41 ] :: [   PASS   ] :: File 'server_output' should not contain 'error' 
:: [ 04:02:41 ] :: [  BEGIN   ] :: Running 'cat server_output'

Comment 10 RHEL Program Management 2023-03-15 07:27:54 UTC

After evaluating this issue, there are no plans to address it further or fix it in an upcoming release.  Therefore, it is being closed.  If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened.

Comment 16 Branislav Náter 2023-05-22 13:47:50 UTC

Closing now.

Note You need to log in before you can comment on or make changes to this bug.