Sadly, my Debian sid box ran into other issues and is currently
inaccessible.
I *think* that this would address the 1.3.x test issues, but 1.3.x doesn't
build on Mac OS for me for other reasons...so, let me know how it goes?
=) -- justin
Index: test/test_context.c
===================================================================
--- test/test_context.c (revision 1885525)
+++ test/test_context.c (working copy)
@@ -1138,7 +1138,7 @@
/* We expect an error from the certificate validation function. */
if (failures & expected_failures)
- return APR_SUCCESS;
+ return APR_EGENERAL;
else
return SERF_ERROR_ISSUE_IN_TESTSUITE;
}
@@ -1206,8 +1206,8 @@
create_new_request(tb, &handler_ctx[0], "GET", "/", 1);
- test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx,
- test_pool);
+ test_helper_run_requests_expect_fail(tc, tb, num_requests, handler_ctx,
+ test_pool);
}
/* Set up the ssl context with the CA and root CA certificates needed for
@@ -1774,8 +1774,8 @@
create_new_request(tb, &handler_ctx[0], "GET", "/", 1);
- test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx,
- test_pool);
+ test_helper_run_requests_expect_fail(tc, tb, num_requests, handler_ctx,
+ test_pool);
}
/* Validate that the expired certificate is reported as failure in the
@@ -1820,8 +1820,8 @@
create_new_request(tb, &handler_ctx[0], "GET", "/", 1);
- test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx,
- test_pool);
+ test_helper_run_requests_expect_fail(tc, tb, num_requests, handler_ctx,
+ test_pool);
}
Index: test/test_serf.h
===================================================================
--- test/test_serf.h (revision 1885525)
+++ test/test_serf.h (working copy)
@@ -239,6 +239,12 @@
int num_requests,
handler_baton_t handler_ctx[],
apr_pool_t *pool);
+void
+test_helper_run_requests_expect_fail(CuTest *tc, test_baton_t *tb,
+ int num_requests,
+ handler_baton_t handler_ctx[],
+ apr_pool_t *pool);
+
serf_bucket_t* accept_response(serf_request_t *request,
serf_bucket_t *stream,
void *acceptor_baton,
Index: test/test_util.c
===================================================================
--- test/test_util.c (revision 1885525)
+++ test/test_util.c (working copy)
@@ -461,6 +461,19 @@
CuAssertIntEquals(tc, num_requests, tb->handled_requests->nelts);
}
+void
+test_helper_run_requests_expect_fail(CuTest *tc, test_baton_t *tb,
+ int num_requests,
+ handler_baton_t handler_ctx[],
+ apr_pool_t *pool)
+{
+ apr_status_t status;
+
+ status = test_helper_run_requests_no_check(tc, tb, num_requests,
+ handler_ctx, pool);
+ CuAssertIntEquals(tc, APR_EGENERAL, status);
+}
+
serf_bucket_t* accept_response(serf_request_t *request,
serf_bucket_t *stream,
void *acceptor_baton,
On Thu, Jan 14, 2021 at 11:35 PM James McCoy <[email protected]> wrote:
> Happy New Year!
>
> On Wed, Dec 30, 2020 at 10:39:28PM -0500, James McCoy wrote:
> > On Tue, Dec 29, 2020 at 02:35:11PM -0500, Justin Erenkrantz wrote:
> > > The OpenSSL devs intended this to be a breaking change - but it's not
> > > documented anywhere. Sigh.
> > >
> > > I've got a WIP patch against trunk that causes test_ssl to pass - see
> below.
> > > It also seems to work with OpenSSL 1.1.1h as well as OpenSSL 1.1.1i /
> > > 1.1.1-stable, AFAICT.
> > >
> > > James: can you please give it a try as well?
> >
> > Yes, I can confirm this fixes test_ssl_handshake on trunk. There's
> > enough difference between trunk and branches/1.3.x that it doesn't apply
> > cleanly there.
>
> Any chance you would be able to make a patch for 1.3.x? Although a 1.4
> release would be nice, it's a bit late in the Debian release cycle to
> upload a major new version.
>
> A targeted fix for the test suite would address the immediate issue,
> though.
>
> Cheers,
> --
> James
> GPG Key: 4096R/91BF BF4D 6956 BD5D F7B7 2D23 DFE6 91AE 331B A3DB
>
