Opened 3 months ago
#2597 new defect
nginx-tests: some ssl tests fail with openssl 3.2.0
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | other | Version: | 1.24.x |
| Keywords: | Cc: | ||
| uname -a: | Linux x230 6.7.1-0-generic #1 SMP PREEMPT_DYNAMIC Sat Jan 20 18:13:18 UTC 2024 x86_64 | ||
| nginx -V: |
nginx version: nginx/1.24.0
built with OpenSSL 3.2.0 23 Nov 2023 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --user=_www --group=_www --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --lock-path=/run/nginx/nginx.lock --modules-path=/usr/libexec/nginx --pid-path=/run/nginx/nginx.pid --sbin-path=/usr/bin/nginx --http-client-body-temp-path=/var/tmp/nginx/client_body_temp --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi_temp --http-proxy-temp-path=/var/tmp/nginx/proxy_temp --http-scgi-temp-path=/var/tmp/nginx/scgi_temp --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi_temp --with-compat --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail=dynamic --with-mail_ssl_module --with-pcre --with-stream=dynamic --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-threads --without-mail_imap_module --without-mail_pop3_module --without-mail_smtp_module |
||
Description
I'm building nginx on an environment with openssl 3.2.0 and some tests fail as follow:
./access.t ................................. ok ./access_log.t ............................. ok ./access_log_variables.t ................... ok ./addition.t ............................... ok ./addition_buffered.t ...................... ok ./auth_basic.t ............................. ok ./auth_delay.t ............................. ok ./auth_request.t ........................... ok ./auth_request_satisfy.t ................... ok ./auth_request_set.t ....................... ok ./autoindex.t .............................. ok ./autoindex_format.t ....................... ok ./autoindex_win32.t ........................ skipped: Win32API::File not installed ./binary_upgrade.t ......................... skipped: can leave orphaned process group ./body.t ................................... ok ./body_chunked.t ........................... ok ./charset.t ................................ ok ./charset_gzip_static.t .................... ok ./config_dump.t ............................ ok ./dav.t .................................... ok ./dav_chunked.t ............................ ok ./dav_utf8.t ............................... ok ./debug_connection.t ....................... skipped: no --with-debug available ./debug_connection_syslog.t ................ skipped: no --with-debug available ./debug_connection_unix.t .................. skipped: no --with-debug available ./empty_gif.t .............................. ok ./error_log.t .............................. ok ./fastcgi.t ................................ skipped: FCGI not installed ./fastcgi_body.t ........................... ok ./fastcgi_body2.t .......................... skipped: FCGI not installed ./fastcgi_buffering.t ...................... skipped: FCGI not installed ./fastcgi_cache.t .......................... skipped: FCGI not installed ./fastcgi_extra_data.t ..................... skipped: FCGI not installed ./fastcgi_header_params.t .................. skipped: FCGI not installed ./fastcgi_keepalive.t ...................... ok ./fastcgi_merge_params.t ................... skipped: FCGI not installed ./fastcgi_merge_params2.t .................. skipped: FCGI not installed ./fastcgi_request_buffering.t .............. skipped: FCGI not installed ./fastcgi_request_buffering_chunked.t ...... skipped: FCGI not installed ./fastcgi_split.t .......................... skipped: FCGI not installed ./fastcgi_unix.t ........................... skipped: FCGI not installed ./fastcgi_variables.t ...................... skipped: FCGI not installed ./geo.t .................................... ok ./geo_binary.t ............................. skipped: long configuration parsing ./geo_ipv6.t ............................... ok ./geo_unix.t ............................... ok ./geoip.t .................................. skipped: no http_geoip available ./grpc.t ................................... ok ./grpc_next_upstream.t ..................... ok ./grpc_pass.t .............................. ok ./grpc_request_buffering.t ................. ok ./grpc_ssl.t ............................... ok ./gunzip.t ................................. ok ./gunzip_memcached.t ....................... skipped: Cache::Memcached not installed ./gunzip_perl.t ............................ skipped: no perl available ./gunzip_ssi.t ............................. ok ./gunzip_static.t .......................... ok ./gzip.t ................................... ok ./gzip_flush.t ............................. skipped: no perl available ./h2.t ..................................... ok ./h2_absolute_redirect.t ................... ok ./h2_auth_request.t ........................ ok ./h2_error_page.t .......................... ok ./h2_fastcgi_request_buffering.t ........... ok ./h2_headers.t ............................. ok ./h2_http2.t ............................... skipped: no http2 ./h2_keepalive.t ........................... ok ./h2_limit_conn.t .......................... ok ./h2_limit_req.t ........................... ok ./h2_priority.t ............................ ok ./h2_proxy_cache.t ......................... ok ./h2_proxy_max_temp_file_size.t ............ ok ./h2_proxy_protocol.t ...................... ok ./h2_proxy_request_buffering.t ............. ok ./h2_proxy_request_buffering_redirect.t .... ok ./h2_proxy_request_buffering_ssl.t ......... ok ./h2_proxy_ssl.t ........................... ok ./h2_request_body.t ........................ ok ./h2_request_body_extra.t .................. ok ./h2_request_body_preread.t ................ ok ./h2_server_tokens.t ....................... ok ./h2_ssl.t ................................. ok ./h2_ssl_proxy_cache.t ..................... ok ./h2_ssl_proxy_protocol.t .................. ok ./h2_ssl_variables.t ....................... ok ./h2_ssl_verify_client.t ................... ok ./h2_trailers.t ............................ ok ./h2_variables.t ........................... ok ./h3_absolute_redirect.t ................... skipped: no http_v3 available ./h3_headers.t ............................. skipped: no http_v3 available ./h3_keepalive.t ........................... skipped: no http_v3 available ./h3_limit_conn.t .......................... skipped: no http_v3 available ./h3_limit_req.t ........................... skipped: no http_v3 available ./h3_proxy.t ............................... skipped: no http_v3 available ./h3_proxy_max_temp_file_size.t ............ skipped: no http_v3 available ./h3_reusable.t ............................ skipped: no http_v3 available ./h3_server_name.t ......................... skipped: no http_v3 available ./h3_server_tokens.t ....................... skipped: no http_v3 available ./h3_ssl_early_data.t ...................... skipped: no http_v3 available ./h3_ssl_reject_handshake.t ................ skipped: no http_v3 available ./h3_ssl_session_reuse.t ................... skipped: no http_v3 available ./h3_trailers.t ............................ skipped: no http_v3 available ./headers.t ................................ ok ./http_absolute_redirect.t ................. ok ./http_disable_symlinks.t .................. skipped: no external file found ./http_error_page.t ........................ ok ./http_expect_100_continue.t ............... ok ./http_header_buffers.t .................... ok ./http_headers_multi.t ..................... ok ./http_host.t .............................. ok ./http_include.t ........................... ok ./http_keepalive.t ......................... ok ./http_keepalive_shutdown.t ................ ok ./http_listen.t ............................ ok ./http_listen_wildcard.t ................... skipped: listen on wildcard address ./http_location.t .......................... ok ./http_location_auto.t ..................... ok ./http_location_win32.t .................... skipped: not win32 ./http_method.t ............................ ok ./http_resolver.t .......................... ok ./http_resolver_aaaa.t ..................... ok ./http_resolver_cleanup.t .................. ok ./http_resolver_cname.t .................... ok ./http_resolver_ipv4.t ..................... ok ./http_server_name.t ....................... ok ./http_try_files.t ......................... ok ./http_uri.t ............................... ok ./http_variables.t ......................... ok ./ignore_invalid_headers.t ................. ok ./image_filter.t ........................... skipped: GD not installed ./image_filter_finalize.t .................. skipped: no image_filter available ./image_filter_webp.t ...................... skipped: no image_filter available ./index.t .................................. ok ./limit_conn.t ............................. ok ./limit_conn_complex.t ..................... ok ./limit_conn_dry_run.t ..................... ok ./limit_rate.t ............................. ok ./limit_req.t .............................. ok ./limit_req2.t ............................. ok ./limit_req_delay.t ........................ ok ./limit_req_dry_run.t ...................... ok ./mail_capability.t ........................ skipped: no imap available ./mail_error_log.t ......................... skipped: no imap available ./mail_imap.t .............................. skipped: no imap available ./mail_imap_ssl.t .......................... skipped: no imap available ./mail_max_errors.t ........................ skipped: no imap available ./mail_pop3.t .............................. skipped: no pop3 available ./mail_proxy_protocol.t .................... skipped: no smtp available ./mail_proxy_smtp_auth.t ................... skipped: no smtp available ./mail_resolver.t .......................... skipped: no smtp available ./mail_smtp.t .............................. skipped: no smtp available ./mail_smtp_greeting_delay.t ............... skipped: no smtp available ./mail_smtp_xclient.t ...................... skipped: no smtp available ./mail_ssl.t ............................... skipped: no imap available ./mail_ssl_conf_command.t .................. skipped: no imap available ./mail_ssl_session_reuse.t ................. skipped: no imap available ./map.t .................................... ok ./map_complex.t ............................ ok ./map_volatile.t ........................... ok ./memcached.t .............................. skipped: Cache::Memcached not installed ./memcached_fake.t ......................... ok ./memcached_fake_extra.t ................... ok ./memcached_keepalive.t .................... skipped: Cache::Memcached not installed ./memcached_keepalive_stale.t .............. skipped: Cache::Memcached not installed ./merge_slashes.t .......................... ok ./mirror.t ................................. ok ./mirror_proxy.t ........................... ok ./mp4.t .................................... ok ./mp4_ssi.t ................................ ok ./mp4_start_key_frame.t .................... ok ./msie_refresh.t ........................... ok ./not_modified.t ........................... ok ./not_modified_finalize.t .................. ok ./not_modified_proxy.t ..................... ok ./perl.t ................................... skipped: no perl available ./perl_gzip.t .............................. skipped: no perl available ./perl_sleep.t ............................. skipped: no perl available ./perl_ssi.t ............................... skipped: no perl available ./post_action.t ............................ ok ./proxy.t .................................. ok ./proxy_available.t ........................ ok ./proxy_bind.t ............................. ok ./proxy_bind_transparent.t ................. skipped: must be root ./proxy_bind_transparent_capability.t ...... skipped: must be root ./proxy_cache.t ............................ ok ./proxy_cache_bypass.t ..................... ok ./proxy_cache_chunked.t .................... ok ./proxy_cache_control.t .................... ok ./proxy_cache_convert_head.t ............... ok ./proxy_cache_error.t ...................... ok ./proxy_cache_lock.t ....................... ok ./proxy_cache_lock_age.t ................... ok ./proxy_cache_lock_ssi.t ................... ok ./proxy_cache_manager.t .................... skipped: long test ./proxy_cache_max_range_offset.t ........... ok ./proxy_cache_min_free.t ................... ok ./proxy_cache_path.t ....................... ok ./proxy_cache_range.t ...................... ok ./proxy_cache_revalidate.t ................. ok ./proxy_cache_use_stale.t .................. ok ./proxy_cache_valid.t ...................... ok ./proxy_cache_variables.t .................. ok ./proxy_cache_vary.t ....................... ok ./proxy_chunked.t .......................... ok ./proxy_chunked_extra.t .................... ok ./proxy_cookie.t ........................... ok ./proxy_cookie_flags.t ..................... ok ./proxy_duplicate_headers.t ................ ok ./proxy_extra_data.t ....................... ok ./proxy_force_ranges.t ..................... ok ./proxy_if.t ............................... ok ./proxy_implicit.t ......................... ok ./proxy_intercept_errors.t ................. ok ./proxy_keepalive.t ........................ ok ./proxy_limit_rate.t ....................... ok ./proxy_max_temp_file_size.t ............... ok ./proxy_merge_headers.t .................... ok ./proxy_method.t ........................... ok ./proxy_next_upstream.t .................... ok ./proxy_next_upstream_tries.t .............. ok ./proxy_noclose.t .......................... ok ./proxy_non_idempotent.t ................... ok ./proxy_pass_request.t ..................... ok ./proxy_protocol.t ......................... ok ./proxy_protocol2.t ........................ ok ./proxy_protocol2_tlv.t .................... ok ./proxy_protocol_ipv6.t .................... ok ./proxy_protocol_unix.t .................... ok ./proxy_redirect.t ......................... ok ./proxy_request_buffering.t ................ ok ./proxy_request_buffering_chunked.t ........ ok ./proxy_request_buffering_keepalive.t ...... ok ./proxy_request_buffering_ssl.t ............ ok ./proxy_set_body.t ......................... ok ./proxy_ssi_body.t ......................... ok ./proxy_ssl.t .............................. ok ./proxy_ssl_certificate.t .................. ok ./proxy_ssl_certificate_empty.t ............ ok ./proxy_ssl_certificate_vars.t ............. ok ./proxy_ssl_conf_command.t ................. ok ./proxy_ssl_keepalive.t .................... ok ./proxy_ssl_name.t ......................... ok ./proxy_ssl_verify.t ....................... ok ./proxy_store.t ............................ ok ./proxy_unfinished.t ....................... ok ./proxy_unix.t ............................. ok ./proxy_upgrade.t .......................... ok ./proxy_upstream_cookie.t .................. ok ./proxy_variables.t ........................ ok ./proxy_websocket.t ........................ skipped: Protocol::WebSocket not installed ./proxy_xar.t .............................. ok ./quic_ciphers.t ........................... skipped: no http_v3 available ./quic_key_update.t ........................ skipped: no http_v3 available ./quic_migration.t ......................... skipped: no http_v3 available ./quic_retry.t ............................. skipped: no http_v3 available ./random_index.t ........................... ok ./range.t .................................. ok ./range_charset.t .......................... ok ./range_clearing.t ......................... ok ./range_flv.t .............................. ok ./range_if_range.t ......................... ok ./range_mp4.t .............................. ok ./realip.t ................................. ok ./realip_hostname.t ........................ ok ./realip_remote_addr.t ..................... ok ./realip_remote_port.t ..................... ok ./referer.t ................................ ok ./request_id.t ............................. ok ./rewrite.t ................................ ok ./rewrite_if.t ............................. ok ./rewrite_set.t ............................ ok ./rewrite_unescape.t ....................... ok ./scgi.t ................................... skipped: SCGI not installed ./scgi_body.t .............................. skipped: SCGI not installed ./scgi_cache.t ............................. skipped: SCGI not installed ./scgi_extra_data.t ........................ skipped: SCGI not installed ./scgi_gzip.t .............................. skipped: SCGI not installed ./scgi_merge_params.t ...................... skipped: SCGI not installed ./secure_link.t ............................ ok ./server_tokens.t .......................... ok ./slice.t .................................. ok ./split_clients.t .......................... ok ./ssi.t .................................... ok ./ssi_delayed.t ............................ ok ./ssi_if.t ................................. ok ./ssi_include_big.t ........................ ok ./ssi_waited.t ............................. ok ./ssl.t .................................... ok ./ssl_certificate.t ........................ ok # Failed test 'intermediate' # at ./ssl_certificate_chain.t line 137. # Failed test 'intermediate server' # at ./ssl_certificate_chain.t line 138. # Looks like you failed 2 tests of 5. ./ssl_certificate_chain.t .................. Dubious, test returned 2 (wstat 512, 0x200) Failed 2/5 subtests ./ssl_certificate_perl.t ................... skipped: no perl available ./ssl_certificates.t ....................... ok ./ssl_client_escaped_cert.t ................ ok ./ssl_conf_command.t ....................... ok # Failed test 'crl - no revoked certs' # at ./ssl_crl.t line 157. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:36:46 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Verify: FAILED:unsuitable certificate purpose # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^:SUCCESS)' # Looks like you failed 1 test of 5. ./ssl_crl.t ................................ Dubious, test returned 1 (wstat 256, 0x100) Failed 1/5 subtests ./ssl_curve.t .............................. ok ./ssl_engine_keys.t ........................ skipped: may not work, leaves coredump # Failed test 'ocsp leaf' # at ./ssl_ocsp.t line 273. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:36:47 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Verify: xFAILED:unsuitable certificate purpose:.x # X-SSL-Protocol: TLSv1.3 # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^s:200 OK.*SUCCESS)' # Failed test 'ocsp many failed request' # at ./ssl_ocsp.t line 277. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:36:47 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Verify: xFAILED:unsuitable certificate purpose:.x # X-SSL-Protocol: TLSv1.3 # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^s:400 Bad.*FAILED:certificate status request failed)' # Failed test 'ocsp many failed' # at ./ssl_ocsp.t line 283. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:36:47 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Verify: xFAILED:unsuitable certificate purpose:.x # X-SSL-Protocol: TLSv1.3 # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^s:400 Bad.*FAILED:certificate status request failed)' # Failed test 'ocsp many' # at ./ssl_ocsp.t line 299. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:36:47 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Verify: xFAILED:unsuitable certificate purpose:.x # X-SSL-Protocol: TLSv1.3 # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^s:200 OK.*SUCCESS)' # Failed test 'cache store' # at ./ssl_ocsp.t line 303. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:36:47 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Verify: xFAILED:unsuitable certificate purpose:.x # X-SSL-Protocol: TLSv1.3 # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^s:200 OK.*SUCCESS)' # Failed test 'revoked' # at ./ssl_ocsp.t line 322. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:36:47 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Verify: xFAILED:unsuitable certificate purpose:.x # X-SSL-Protocol: TLSv1.3 # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^s:400 Bad.*FAILED:certificate revoked)' # Failed test 'ocsp responder' # at ./ssl_ocsp.t line 326. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:36:47 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Verify: xFAILED:unsuitable certificate purpose:.x # X-SSL-Protocol: TLSv1.3 # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^s:200 OK.*SUCCESS)' # Failed test 'ocsp context' # at ./ssl_ocsp.t line 330. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:36:47 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Verify: xFAILED:unsuitable certificate purpose:.x # X-SSL-Protocol: TLSv1.3 # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^s:200 OK.*SUCCESS)' # Failed test 'cache lookup' # at ./ssl_ocsp.t line 334. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:36:47 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Verify: xFAILED:unsuitable certificate purpose:.x # X-SSL-Protocol: TLSv1.3 # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^s:200 OK.*SUCCESS)' # Failed test 'root ca not trusted' # at ./ssl_ocsp.t line 338. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:36:47 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Verify: xFAILED:unsuitable certificate purpose:.x # X-SSL-Protocol: TLSv1.3 # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^s:400 Bad.*FAILED:certificate status request failed)' # Failed test 'ocsp ecdsa' # at ./ssl_ocsp.t line 350. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:36:47 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Verify: xFAILED:unsuitable certificate purpose:.x # X-SSL-Protocol: TLSv1.3 # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^s:200 OK.*SUCCESS)' # Failed test 'session reused' # at ./ssl_ocsp.t line 362. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:36:47 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Verify: xFAILED:unsuitable certificate purpose:.x # X-SSL-Protocol: TLSv1.3 # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^s:200 OK.*SUCCESS:r)' # Failed test 'session reused - revoked' # at ./ssl_ocsp.t line 394. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:36:47 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Verify: xFAILED:unsuitable certificate purpose:.x # X-SSL-Protocol: TLSv1.3 # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^s:400 Bad.*FAILED:certificate revoked:r)' # Looks like you failed 13 tests of 17. ./ssl_ocsp.t ............................... Dubious, test returned 13 (wstat 3328, 0xd00) Failed 13/17 subtests ./ssl_password_file.t ...................... ok ./ssl_proxy_protocol.t ..................... ok ./ssl_proxy_upgrade.t ...................... ok ./ssl_reject_handshake.t ................... ok ./ssl_session_reuse.t ...................... ok ./ssl_session_ticket_key.t ................. ok ./ssl_sni.t ................................ ok ./ssl_sni_reneg.t .......................... ok ./ssl_sni_sessions.t ....................... ok ./ssl_stapling.t ........................... ok ./ssl_verify_client.t ...................... ok # Failed test 'verify depth 1 - int' # at ./ssl_verify_depth.t line 161. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:37:01 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Client: CN=int # X-Verify: FAILED:unsuitable certificate purpose # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^:SUCCESS)' # Failed test 'verify depth 2 - int' # at ./ssl_verify_depth.t line 168. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:37:01 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Client: CN=int # X-Verify: FAILED:unsuitable certificate purpose # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^:SUCCESS)' # Failed test 'verify depth 2 - end' # at ./ssl_verify_depth.t line 169. # 'HTTP/1.1 400 Bad Request # Server: nginx/1.24.0 # Date: Fri, 26 Jan 2024 11:37:01 GMT # Content-Type: text/html # Content-Length: 215 # Connection: close # X-Client: CN=end # X-Verify: FAILED:unsuitable certificate purpose # # <html> # <head><title>400 The SSL certificate error</title></head> # <body> # <center><h1>400 Bad Request</h1></center> # <center>The SSL certificate error</center> # <hr><center>nginx/1.24.0</center> # </body> # </html> # ' # doesn't match '(?^:SUCCESS)' # Looks like you failed 3 tests of 11. ./ssl_verify_depth.t ....................... Dubious, test returned 3 (wstat 768, 0x300) Failed 3/11 subtests ./stream_access.t .......................... ok ./stream_access_log.t ...................... ok ./stream_access_log_escape.t ............... ok ./stream_access_log_none.t ................. ok ./stream_error_log.t ....................... ok ./stream_geo.t ............................. ok ./stream_geo_binary.t ...................... skipped: long configuration parsing ./stream_geo_ipv6.t ........................ ok ./stream_geo_unix.t ........................ ok ./stream_geoip.t ........................... skipped: no stream_geoip available ./stream_limit_conn.t ...................... ok ./stream_limit_conn_complex.t .............. ok ./stream_limit_conn_dry_run.t .............. ok ./stream_limit_rate.t ...................... ok ./stream_limit_rate2.t ..................... ok ./stream_map.t ............................. ok ./stream_proxy.t ........................... ok ./stream_proxy_bind.t ...................... ok ./stream_proxy_complex.t ................... ok ./stream_proxy_half_close.t ................ ok ./stream_proxy_next_upstream.t ............. ok ./stream_proxy_protocol.t .................. ok ./stream_proxy_protocol2_tlv.t ............. ok ./stream_proxy_protocol_ipv6.t ............. ok ./stream_proxy_protocol_ssl.t .............. ok ./stream_proxy_ssl.t ....................... ok ./stream_proxy_ssl_certificate.t ........... ok ./stream_proxy_ssl_certificate_vars.t ...... ok ./stream_proxy_ssl_conf_command.t .......... ok ./stream_proxy_ssl_name.t .................. ok ./stream_proxy_ssl_name_complex.t .......... ok ./stream_proxy_ssl_verify.t ................ ok ./stream_realip.t .......................... ok ./stream_realip_hostname.t ................. ok ./stream_resolver.t ........................ ok ./stream_set.t ............................. ok ./stream_split_clients.t ................... ok ./stream_ssl.t ............................. ok ./stream_ssl_alpn.t ........................ ok ./stream_ssl_certificate.t ................. ok ./stream_ssl_conf_command.t ................ ok ./stream_ssl_preread.t ..................... ok ./stream_ssl_preread_alpn.t ................ ok ./stream_ssl_preread_protocol.t ............ ok ./stream_ssl_realip.t ...................... ok ./stream_ssl_session_reuse.t ............... ok ./stream_ssl_variables.t ................... ok ./stream_ssl_verify_client.t ............... ok ./stream_status_variable.t ................. ok ./stream_tcp_nodelay.t ..................... ok ./stream_udp_limit_conn.t .................. ok ./stream_udp_limit_rate.t .................. ok ./stream_udp_proxy.t ....................... ok ./stream_udp_proxy_requests.t .............. ok ./stream_udp_stream.t ...................... ok ./stream_udp_upstream.t .................... ok ./stream_udp_upstream_hash.t ............... ok ./stream_udp_upstream_least_conn.t ......... ok ./stream_udp_wildcard.t .................... skipped: listen on wildcard address ./stream_unix.t ............................ ok ./stream_upstream.t ........................ ok ./stream_upstream_hash.t ................... ok ./stream_upstream_least_conn.t ............. ok ./stream_upstream_max_conns.t .............. ok ./stream_upstream_random.t ................. ok ./stream_upstream_zone.t ................... ok ./stream_upstream_zone_ssl.t ............... ok ./stream_variables.t ....................... ok ./stub_status.t ............................ ok ./sub_filter.t ............................. ok ./sub_filter_buffering.t ................... ok ./sub_filter_merge.t ....................... ok ./sub_filter_multi.t ....................... ok ./sub_filter_multi2.t ...................... ok ./sub_filter_perl.t ........................ skipped: no perl available ./sub_filter_slice.t ....................... ok ./sub_filter_ssi.t ......................... skipped: no xslt available ./subrequest_output_buffer_size.t .......... ok ./syslog.t ................................. ok ./trailers.t ............................... ok ./upstream.t ............................... ok ./upstream_hash.t .......................... ok ./upstream_hash_memcached.t ................ skipped: Cache::Memcached not installed ./upstream_ip_hash.t ....................... ok ./upstream_ip_hash_ipv6.t .................. ok ./upstream_keepalive.t ..................... ok ./upstream_least_conn.t .................... ok ./upstream_max_conns.t ..................... ok ./upstream_random.t ........................ ok ./upstream_zone.t .......................... ok ./upstream_zone_ssl.t ...................... ok ./userid.t ................................. ok ./userid_flags.t ........................... ok ./uwsgi.t .................................. skipped: uwsgi not found ./uwsgi_body.t ............................. skipped: uwsgi not found ./uwsgi_ssl.t .............................. skipped: uwsgi not found ./uwsgi_ssl_certificate.t .................. ok ./uwsgi_ssl_certificate_vars.t ............. ok ./uwsgi_ssl_verify.t ....................... skipped: uwsgi not found ./worker_shutdown_timeout.t ................ ok ./worker_shutdown_timeout_h2.t ............. ok ./worker_shutdown_timeout_mail.t ........... skipped: no imap available ./worker_shutdown_timeout_proxy_upgrade.t .. ok ./worker_shutdown_timeout_stream.t ......... ok ./xslt.t ................................... skipped: no xslt available ./xslt_params.t ............................ skipped: no xslt available Test Summary Report ------------------- ./ssl_certificate_chain.t (Wstat: 512 (exited 2) Tests: 5 Failed: 2) Failed tests: 2-3 Non-zero exit status: 2 ./ssl_crl.t (Wstat: 256 (exited 1) Tests: 5 Failed: 1) Failed test: 1 Non-zero exit status: 1 ./ssl_ocsp.t (Wstat: 3328 (exited 13) Tests: 17 Failed: 13) Failed tests: 1-13 Non-zero exit status: 13 ./ssl_verify_depth.t (Wstat: 768 (exited 3) Tests: 11 Failed: 3) Failed tests: 5, 8-9 Non-zero exit status: 3 Files=416, Tests=4620, 423 wallclock secs ( 2.27 usr 0.88 sys + 78.05 cusr 14.15 csys = 95.35 CPU) Result: FAIL
Note:
See TracTickets
for help on using tickets.
