Here are a couple of patches that seem to fix the test failures. The first patch updates the test-harness to use ::1 if 127.0.0.1 is not available. The second patch updates a few test-cases to prevent them failing, either by changing them to work with ::1, or just skipping them.
I've tested by running the build in a net namespace where lo doesn't have 127.0.0.1: $ sudo ip netns exec ipv6test ip -4 addr show lo $ sudo ip netns exec ipv6test ip -6 addr show lo 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 inet6 ::1/128 scope host valid_lft forever preferred_lft forever $ sudo ip netns exec ipv6test sudo -u $USER fakeroot debian/rules clean binary [...] make[2]: Entering directory '/space/azazel/tmp/neon27/debian/build-tree/neon-openssl/test' [...] rm -rf ca ca2 OPENSSL=/usr/bin/openssl \ /bin/bash makekeys ../../../../test 2>makekeys.out gzip -c --no-name ../../../../NEWS > file1.gz gzip -c --name ../../../../NEWS > file2.gz gzip -c --no-name ../../../../NEWS > trailing.gz echo "hello, world" >> trailing.gz dd of=badcsum.gz if=file1.gz bs=1 count=`perl -e 'printf "%d", (stat("file1.gz"))[7] - 8;'` 25010+0 records in 25010+0 records out 25010 bytes (25 kB, 24 KiB) copied, 0.0247032 s, 1.0 MB/s echo 'broken!' >> badcsum.gz dd if=file1.gz of=truncated.gz bs=2048 count=2 2+0 records in 2+0 records out 4096 bytes (4.1 kB, 4.0 KiB) copied, 3.8031e-05 s, 108 MB/s dd of=corrupt1.gz if=file1.gz bs=1 count=500 500+0 records in 500+0 records out 500 bytes copied, 0.000968376 s, 516 kB/s cat ../../../../NEWS >> corrupt1.gz cat ../../../../NEWS > corrupt2.gz touch empty.gz cat ../../../../NEWS > random.txt echo hello world > hello.txt gzip -c hello.txt > hello.gz echo foobar > foobar.txt ../../../../test/run.sh: line 5: ulimit: core file size: cannot modify limit: Operation not permitted uri-tests............. 15/15 passed util-tests............ 9/ 9 passed string-tests.......... 32/32 passed socket................ 10/47 SKIPPED - addr_connect socket................ 11/47 SKIPPED - addr_peer socket................ 36/47 SKIPPED - prebind socket................ 44/47 passed (3 skipped) session............... 8/ 8 passed request............... 82/92 SKIPPED - local_addr request............... 84/92 SKIPPED - addrlist request............... 90/92 passed (2 skipped) auth.................. 21/21 passed basic................. 11/11 passed stubs................. 1/ 1 passed redirect.............. 6/ 6 passed socket-ssl............ 11/48 SKIPPED - addr_connect socket-ssl............ 12/48 SKIPPED - addr_peer socket-ssl............ 22/48 SKIPPED - ssl_session_id (zero-length session ID, cannot test further) socket-ssl............ 37/48 SKIPPED - prebind socket-ssl............ 44/48 passed (4 skipped) ssl................... 62/63 WARNING: NSS required for PKCS#11 testing ssl................... 62/63 SKIPPED - pkcs11 ssl................... 63/63 WARNING: NSS required for PKCS#11 testing ssl................... 63/63 SKIPPED - pkcs11_dsa ssl................... 61/63 passed (2 skipped) (2 warnings) compress.............. 22/22 passed xml................... 5/ 5 passed xmlreq................ 3/ 3 passed oldacl................ 4/ 4 passed acl3744............... 4/ 4 passed props................. 7/ 7 passed lock.................. 16/16 passed make[2]: Leaving directory '/space/azazel/tmp/neon27/debian/build-tree/neon-openssl/test' [...] make[2]: Entering directory '/space/azazel/tmp/neon27/debian/build-tree/neon-gnutls/test' [...] rm -rf ca ca2 OPENSSL=/usr/bin/openssl \ /bin/bash makekeys ../../../../test 2>makekeys.out gzip -c --no-name ../../../../NEWS > file1.gz gzip -c --name ../../../../NEWS > file2.gz gzip -c --no-name ../../../../NEWS > trailing.gz echo "hello, world" >> trailing.gz dd of=badcsum.gz if=file1.gz bs=1 count=`perl -e 'printf "%d", (stat("file1.gz"))[7] - 8;'` 25010+0 records in 25010+0 records out 25010 bytes (25 kB, 24 KiB) copied, 0.0250625 s, 998 kB/s echo 'broken!' >> badcsum.gz dd if=file1.gz of=truncated.gz bs=2048 count=2 2+0 records in 2+0 records out 4096 bytes (4.1 kB, 4.0 KiB) copied, 4.0065e-05 s, 102 MB/s dd of=corrupt1.gz if=file1.gz bs=1 count=500 500+0 records in 500+0 records out 500 bytes copied, 0.000531978 s, 940 kB/s cat ../../../../NEWS >> corrupt1.gz cat ../../../../NEWS > corrupt2.gz touch empty.gz cat ../../../../NEWS > random.txt echo hello world > hello.txt gzip -c hello.txt > hello.gz echo foobar > foobar.txt ../../../../test/run.sh: line 5: ulimit: core file size: cannot modify limit: Operation not permitted uri-tests............. 15/15 passed util-tests............ 9/ 9 passed string-tests.......... 31/32 SKIPPED - strhash_sha_512_256 (SHA-2-512/256 not supported) string-tests.......... 31/32 passed (1 skipped) socket................ 10/47 SKIPPED - addr_connect socket................ 11/47 SKIPPED - addr_peer socket................ 36/47 SKIPPED - prebind socket................ 44/47 passed (3 skipped) session............... 8/ 8 passed request............... 82/92 SKIPPED - local_addr request............... 84/92 SKIPPED - addrlist request............... 90/92 passed (2 skipped) auth.................. 9/21 SKIPPED - digest_sha512_256 (SHA-512/256 not supported) auth.................. 20/21 passed (1 skipped) basic................. 11/11 passed stubs................. 1/ 1 passed redirect.............. 6/ 6 passed socket-ssl............ 11/48 SKIPPED - addr_connect socket-ssl............ 12/48 SKIPPED - addr_peer socket-ssl............ 37/48 SKIPPED - prebind socket-ssl............ 45/48 passed (3 skipped) ssl................... 13/63 WARNING: no friendly name given ssl................... 62/63 WARNING: NSS required for PKCS#11 testing ssl................... 62/63 SKIPPED - pkcs11 ssl................... 63/63 WARNING: NSS required for PKCS#11 testing ssl................... 63/63 SKIPPED - pkcs11_dsa ssl................... 61/63 passed (2 skipped) (3 warnings) compress.............. 22/22 passed xml................... 5/ 5 passed xmlreq................ 3/ 3 passed oldacl................ 4/ 4 passed acl3744............... 4/ 4 passed props................. 7/ 7 passed lock.................. 16/16 passed make[2]: Leaving directory '/space/azazel/tmp/neon27/debian/build-tree/neon-gnutls/test' [...] J.
From aaa0f2d4f6f50878e9320c29a920ae2aa4830b76 Mon Sep 17 00:00:00 2001 From: Jeremy Sowden <jer...@azazel.net> Date: Sun, 26 Mar 2023 14:49:09 +0100 Subject: [PATCH 1/2] Use ipv6 lookback address if ipv4 is not available Note that the `bind_local` parameter of `spawn_server_addr` is now ignored. It wasn't actually possible to set `hn_addr`, so passing `0` would never have worked anyway. --- test/common/child.c | 134 ++++++++++++++++++++++++++++++++++++-------- test/common/child.h | 3 + test/utils.c | 5 +- 3 files changed, 116 insertions(+), 26 deletions(-) diff --git a/test/common/child.c b/test/common/child.c index 872fbdaddf4f..7ff7ba8fe67a 100644 --- a/test/common/child.c +++ b/test/common/child.c @@ -43,6 +43,10 @@ #include <netdb.h> #include <signal.h> +#include <ifaddrs.h> +#include <sys/types.h> +#include <string.h> + #include "ne_socket.h" #include "ne_utils.h" #include "ne_string.h" @@ -50,14 +54,23 @@ #include "tests.h" #include "child.h" +#ifndef NI_MAXHOST +#define NI_MAXHOST 1025 +#endif + static pid_t child = 0; int clength; -static struct in_addr lh_addr, hn_addr; - static int have_lh_addr; +static union { + struct sockaddr_in in; + struct sockaddr_in6 in6; +} lh_sockaddr; +static int lh_family = AF_UNSPEC; +static char lh_name[NI_MAXHOST]; + const char *want_header = NULL; got_header_fn got_header = NULL; char *local_hostname = NULL; @@ -72,13 +85,72 @@ char *local_hostname = NULL; int lookup_localhost(void) { - /* this will break if a system is set up so that `localhost' does - * not resolve to 127.0.0.1, but... */ - lh_addr.s_addr = inet_addr("127.0.0.1"); + struct ifaddrs *ifaddr; + + if (getifaddrs(&ifaddr) == -1) + goto err_return_ipv4; + + for (struct ifaddrs *ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next) { + if (ifa->ifa_addr == NULL) + continue; + + if (strcmp(ifa->ifa_name, "lo") != 0) + continue; + + if (ifa->ifa_addr->sa_family != AF_INET && + ifa->ifa_addr->sa_family != AF_INET6) + continue; + + if (getnameinfo(ifa->ifa_addr, + ifa->ifa_addr->sa_family == AF_INET + ? sizeof(struct sockaddr_in) + : sizeof(struct sockaddr_in6), + lh_name, sizeof lh_name, + NULL, 0, + NI_NUMERICHOST)) + continue; + + memcpy(&lh_sockaddr, ifa->ifa_addr, + ifa->ifa_addr->sa_family == AF_INET + ? sizeof(lh_sockaddr.in) + : sizeof(lh_sockaddr.in6)); + + lh_family = ifa->ifa_addr->sa_family; + + if (lh_family == AF_INET) + break; + } + + freeifaddrs(ifaddr); + +err_return_ipv4: + + if (lh_family == AF_UNSPEC) { + lh_family = AF_INET; + strcpy(lh_name, "127.0.0.1"); + lh_sockaddr.in.sin_family = lh_family; + lh_sockaddr.in.sin_addr.s_addr = inet_addr(lh_name); + } + have_lh_addr = 1; return OK; } +const char * +get_lo_addr(void) +{ + if (!have_lh_addr) + lookup_localhost(); + + return lh_name; +} + +int +get_lo_family(void) +{ + return lh_family; +} + int lookup_hostname(void) { char buf[BUFSIZ]; @@ -101,19 +173,26 @@ int lookup_hostname(void) return OK; } -static int do_listen(struct in_addr addr, int port) +static int do_listen(int port) { - int ls = socket(AF_INET, SOCK_STREAM, 0); - struct sockaddr_in saddr = {0}; + int ls = socket(lh_family, SOCK_STREAM, 0); + struct sockaddr *saddr; + socklen_t saddrlen; int val = 1; setsockopt(ls, SOL_SOCKET, SO_REUSEADDR, (void *)&val, sizeof(int)); - - saddr.sin_addr = addr; - saddr.sin_port = htons(port); - saddr.sin_family = AF_INET; - if (bind(ls, (struct sockaddr *)&saddr, sizeof(saddr))) { + if (lh_family == AF_INET6) { + lh_sockaddr.in6.sin6_port = htons(port); + saddr = (struct sockaddr *) &lh_sockaddr.in6; + saddrlen = sizeof(lh_sockaddr.in6); + } else { + lh_sockaddr.in.sin_port = htons(port); + saddr = (struct sockaddr *) &lh_sockaddr.in; + saddrlen = sizeof(lh_sockaddr.in); + } + + if (bind(ls, saddr, saddrlen)) { printf("bind failed: %s\n", strerror(errno)); return -1; } @@ -171,7 +250,7 @@ static int close_socket(ne_socket *sock) } /* This runs as the child process. */ -static int server_child(int readyfd, struct in_addr addr, int port, +static int server_child(int readyfd, int port, server_fn callback, void *userdata) { ne_socket *s = ne_sock_create(); @@ -179,7 +258,7 @@ static int server_child(int readyfd, struct in_addr addr, int port, in_child(); - listener = do_listen(addr, port); + listener = do_listen(port); if (listener < 0) return FAIL; @@ -205,9 +284,8 @@ int spawn_server(int port, server_fn fn, void *ud) int spawn_server_addr(int bind_local, int port, server_fn fn, void *ud) { int fds[2]; - struct in_addr addr; - addr = bind_local?lh_addr:hn_addr; + (void) bind_local; #ifdef USE_PIPE if (pipe(fds)) { @@ -227,7 +305,7 @@ int spawn_server_addr(int bind_local, int port, server_fn fn, void *ud) /* this is the child. */ int ret; - ret = server_child(fds[1], addr, port, fn, ud); + ret = server_child(fds[1], port, fn, ud); #ifdef USE_PIPE close(fds[0]); @@ -276,22 +354,30 @@ int new_spawn_server(int count, server_fn fn, void *userdata, int new_spawn_server2(int count, server_fn fn, void *userdata, ne_inet_addr **addr, unsigned int *port) { - struct sockaddr_in sa; + static union { + struct sockaddr_in in; + struct sockaddr_in6 in6; + } sa; socklen_t salen = sizeof sa; int ls; if (!have_lh_addr) lookup_localhost(); - ls = do_listen(lh_addr, 0); + ls = do_listen(0); ONN("could not bind/listen fd for server", ls < 0); - ONV(getsockname(ls, &sa, &salen) != 0, + ONV(getsockname(ls, (struct sockaddr *) &sa, &salen) != 0, ("could not get socket name for listening fd: %s", strerror(errno))); - - *port = ntohs(sa.sin_port); - *addr = ne_iaddr_make(ne_iaddr_ipv4, (unsigned char *)&lh_addr.s_addr); + + if (salen == sizeof(sa.in)) { + *port = ntohs(sa.in.sin_port); + *addr = ne_iaddr_make(ne_iaddr_ipv4, (void *) &sa.in.sin_addr.s_addr); + } else { + *port = ntohs(sa.in6.sin6_port); + *addr = ne_iaddr_make(ne_iaddr_ipv6, (void *) sa.in6.sin6_addr.s6_addr); + } NE_DEBUG(NE_DBG_SOCKET, "child using port %u\n", *port); diff --git a/test/common/child.h b/test/common/child.h index e34ff3b7877b..f3fdcdc3dac9 100644 --- a/test/common/child.h +++ b/test/common/child.h @@ -34,6 +34,9 @@ * named test. */ int lookup_localhost(void); +const char *get_lo_addr(void); +int get_lo_family(void); + /* Test which looks up real local hostname. */ int lookup_hostname(void); diff --git a/test/utils.c b/test/utils.c index 2bf8228d88e6..2006c77ffcbd 100644 --- a/test/utils.c +++ b/test/utils.c @@ -204,7 +204,8 @@ int multi_session_server(ne_session **sess, int session_server(ne_session **sess, server_fn fn, void *userdata) { - return multi_session_server(sess, "http", "127.0.0.1", 1, fn, userdata); + return multi_session_server(sess, "http", get_lo_addr(), 1, + fn, userdata); } int proxied_session_server(ne_session **sess, const char *scheme, @@ -219,7 +220,7 @@ int proxied_session_server(ne_session **sess, const char *scheme, NE_DEBUG(NE_DBG_HTTP, "test: Using proxied session to port %u.\n", port); - ne_session_proxy(*sess, "127.0.0.1", port); + ne_session_proxy(*sess, get_lo_addr(), port); return OK; } -- 2.39.2
From 5cb7edbb2751edf982aea6fc95d4897b5de03a0b Mon Sep 17 00:00:00 2001 From: Jeremy Sowden <jer...@azazel.net> Date: Sun, 26 Mar 2023 14:49:28 +0100 Subject: [PATCH 2/2] Fix ipv4-related test failures Update some tests which use 127.0.0.1 and skip others where the ipv4 assumptions are not so easily fixed. --- test/request.c | 27 +++++++++++++++++++-------- test/socket.c | 9 +++++++++ test/ssl.c | 4 ++-- 3 files changed, 30 insertions(+), 10 deletions(-) diff --git a/test/request.c b/test/request.c index e663d6dc557f..a5edd7ea99db 100644 --- a/test/request.c +++ b/test/request.c @@ -20,6 +20,7 @@ #include "config.h" +#include <arpa/inet.h> #include <sys/types.h> #include <time.h> /* for time() */ @@ -2050,16 +2051,18 @@ static int status(void) ne_session *sess; ne_buffer *buf = ne_buffer_create(); char expect[1024]; + const char *lo_addr = get_lo_addr(); ne_snprintf(expect, sizeof expect, - "lookup(127.0.0.1)-" - "connecting(127.0.0.1,127.0.0.1)-" - "connected(127.0.0.1)-" + "lookup(%s)-" + "connecting(%s,%s)-" + "connected(%s)-" "send(0,5000)-" "send(5000,5000)-" "recv(0,5)-" "recv(5,5)-" - "disconnected(127.0.0.1)-"); + "disconnected(%s)-", + lo_addr, lo_addr, lo_addr, lo_addr, lo_addr); CALL(make_session(&sess, single_serve_string, RESP200 "Content-Length: 5\r\n\r\n" "abcde")); @@ -2085,13 +2088,14 @@ static int status_chunked(void) ne_session *sess; ne_buffer *buf = ne_buffer_create(); char expect[1024]; + const char *lo_addr = get_lo_addr(); /* This sequence is not exactly guaranteed by the API, but it's * what the current implementation should do. */ ne_snprintf(expect, sizeof expect, - "lookup(127.0.0.1)-" - "connecting(127.0.0.1,127.0.0.1)-" - "connected(127.0.0.1)-" + "lookup(%s)-" + "connecting(%s,%s)-" + "connected(%s)-" "send(0,5000)-" "send(5000,5000)-" "recv(0,-1)-" @@ -2100,7 +2104,8 @@ static int status_chunked(void) "recv(3,-1)-" "recv(4,-1)-" "recv(5,-1)-" - "disconnected(127.0.0.1)-"); + "disconnected(%s)-", + lo_addr, lo_addr, lo_addr, lo_addr, lo_addr); CALL(make_session(&sess, single_serve_string, RESP200 TE_CHUNKED "\r\n" ABCDE_CHUNKS)); @@ -2128,6 +2133,9 @@ static int local_addr(void) ne_session *sess; ne_inet_addr *ia = ne_iaddr_make(ne_iaddr_ipv4, raw_127); + if(get_lo_family() != AF_INET) + return SKIP; + CALL(make_session(&sess, single_serve_string, RESP200 "Connection: close\r\n\r\n")); @@ -2164,6 +2172,9 @@ static int addrlist(void) const ne_inet_addr *ial[1]; unsigned int port; + if(get_lo_family() != AF_INET) + return SKIP; + CALL(new_spawn_server(1, single_serve_string, EMPTY_RESP, &port)); sess = ne_session_create("http", "www.example.com", port); diff --git a/test/socket.c b/test/socket.c index 566cbe156f2d..0b4c9a469676 100644 --- a/test/socket.c +++ b/test/socket.c @@ -453,6 +453,9 @@ static int addr_connect(void) ne_inet_addr *ia; unsigned int port; + if (get_lo_family() != AF_INET) + return SKIP; + ia = ne_iaddr_make(ne_iaddr_ipv4, raw_127); ONN("ne_iaddr_make returned NULL", ia == NULL); @@ -470,6 +473,9 @@ static int addr_peer(void) unsigned int port = 9999, realport; int ret; + if (get_lo_family() != AF_INET) + return SKIP; + ia = ne_iaddr_make(ne_iaddr_ipv4, raw_127); ONN("ne_iaddr_make returned NULL", ia == NULL); @@ -1367,6 +1373,9 @@ static int try_prebind(int addr, int port) static int prebind(void) { + if(get_lo_family() != AF_INET) + return SKIP; + CALL(try_prebind(1, 0)); CALL(try_prebind(0, 1)); CALL(try_prebind(1, 1)); diff --git a/test/ssl.c b/test/ssl.c index 470521e1d29a..da0f706dc349 100644 --- a/test/ssl.c +++ b/test/ssl.c @@ -971,7 +971,7 @@ static int fail_missing_CN(void) /* test for a bad ipAddress altname */ static int fail_bad_ipaltname(void) { - return fail_ssl_request("altname6.cert", CA_CERT, "127.0.0.1", + return fail_ssl_request("altname6.cert", CA_CERT, get_lo_addr(), "bad IP altname cert", NE_SSL_IDMISMATCH); } @@ -997,7 +997,7 @@ static int fail_wildcard(void) static int fail_wildcard_ip(void) { - return fail_ssl_request("wildip.cert", CA_CERT, "127.0.0.1", + return fail_ssl_request("wildip.cert", CA_CERT, get_lo_addr(), "wildcard IP", NE_SSL_IDMISMATCH); } -- 2.39.2
signature.asc
Description: PGP signature