search

aiortc / aioquic

QUIC and HTTP/3 implementation in Python
BSD 3-Clause "New" or "Revised" License
1.68k stars 238 forks source link

Test failures with OpenSSL 3 #345

Closed mweinelt closed 1 year ago

mweinelt commented 1 year ago

Hi! With 0.9.20 we're seeing the following test failures after switching to OpenSSL 3.


============================= test session starts ==============================
platform linux -- Python 3.10.8, pytest-7.1.3, pluggy-1.0.0
rootdir: /build/aioquic-0.9.20
collected 385 items                                                            

tests/test_asyncio.py ..........................                         [  6%]
tests/test_buffer.py .........................                           [ 13%]
tests/test_connection.py ............................................... [ 25%]
................................................................         [ 42%]
tests/test_crypto.py ............                                        [ 45%]
tests/test_crypto_draft_29.py ...........                                [ 48%]
tests/test_h0.py ...                                                     [ 48%]
tests/test_h3.py ........................................                [ 59%]
tests/test_logger.py ....                                                [ 60%]
tests/test_packet.py ..........................                          [ 67%]
tests/test_packet_builder.py ................                            [ 71%]
tests/test_rangeset.py .....................                             [ 76%]
tests/test_recovery.py .......                                           [ 78%]
tests/test_retry.py .                                                    [ 78%]
tests/test_stream.py ............................                        [ 85%]
tests/test_tls.py .......F..................................FF...        [ 98%]
tests/test_webtransport.py .......                                       [100%]

=================================== FAILURES ===================================
______________ ContextTest.test_handshake_with_certificate_error _______________

self = <tests.test_tls.ContextTest testMethod=test_handshake_with_certificate_error>

    def test_handshake_with_certificate_error(self):
        client = self.create_client(cafile=None)
        server = self.create_server()

        with self.assertRaises(tls.AlertBadCertificate) as cm:
            self._handshake(client, server)
>       self.assertEqual(str(cm.exception), "unable to get local issuer certificate")
E       AssertionError: 'a' != 'unable to get local issuer certificate'
E       - a
E       + unable to get local issuer certificate

tests/test_tls.py:433: AssertionError
_____________ VerifyCertificateTest.test_verify_certificate_chain ______________

self = <tests.test_tls.VerifyCertificateTest testMethod=test_verify_certificate_chain>

    def test_verify_certificate_chain(self):
        with open(SERVER_CERTFILE, "rb") as fp:
            certificate = load_pem_x509_certificates(fp.read())[0]

        with patch("aioquic.tls.utcnow") as mock_utcnow:
            mock_utcnow.return_value = certificate.not_valid_before

            # fail
            with self.assertRaises(tls.AlertBadCertificate) as cm:
                verify_certificate(certificate=certificate, server_name="localhost")
>           self.assertEqual(
                str(cm.exception), "unable to get local issuer certificate"
            )
E           AssertionError: 'a' != 'unable to get local issuer certificate'
E           - a
E           + unable to get local issuer certificate

tests/test_tls.py:1268: AssertionError
_______ VerifyCertificateTest.test_verify_certificate_chain_self_signed ________

self = <tests.test_tls.VerifyCertificateTest testMethod=test_verify_certificate_chain_self_signed>

    def test_verify_certificate_chain_self_signed(self):
        certificate, _ = generate_ec_certificate(
            common_name="localhost", curve=ec.SECP256R1
        )

        with patch("aioquic.tls.utcnow") as mock_utcnow:
            mock_utcnow.return_value = certificate.not_valid_before

            # fail
            with self.assertRaises(tls.AlertBadCertificate) as cm:
                verify_certificate(certificate=certificate, server_name="localhost")
>           self.assertEqual(str(cm.exception), "self signed certificate")
E           AssertionError: 'l' != 'self signed certificate'
E           - l
E           + self signed certificate

tests/test_tls.py:1290: AssertionError
github-actions[bot] commented 1 year ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

mweinelt commented 1 year ago

Still relevant

jlaine commented 1 year ago

This was fixed in #349