p11-glue / p11-kit

Provides a way to load and enumerate PKCS#11 modules.
https://p11-glue.github.io/p11-glue/p11-kit.html

Fix probing of C_GetInterface #535

Closed xry111 closed 1 year ago

xry111 commented 1 year ago

p11_dl_symbol (dl, "C_GetInterface") uses dlsym() to find C_GetInterface in the loaded pkcs11 module. For legacy (pre-3.0) pkcs11 modules, C_GetInterface is not defined in the module. But according to the documentation of dlsym():

> The search performed by dlsym() is breadth first through the
> dependency tree of these shared objects.

So if a pkcs11 module links to libp11-kit.so, the C_GetInterface implementation in libp11-kit.so itself will be found. This C_GetInterface will return the metadata of p11-kit-trust.so, causing "Refuse to load the p11-kit-proxy.so as a registered module".

To solve the issue, if p11_dl_symbol() returns the C_GetInterface in libp11-kit.so itself, we should ignore it and continue trying C_GetFunctionList.
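A small C model of the lookup described in the pull request above, added here as an illustration and not code from p11-kit. `struct so`, `model_dlsym`, `probe` and the sample objects are constructed names, and the guard compares the owning object rather than the function pointer the real loader sees.

```c
#include <stdio.h>
#include <string.h>
#define MAX 4
/* Constructed model of a shared object: exported symbols plus direct deps. */
struct so {
    const char *name;
    const char *syms[MAX];   /* NULL-terminated list of exported symbols */
    struct so *deps[MAX];    /* NULL-terminated list of direct dependencies */
};

static int defines(const struct so *m, const char *sym) {
    for (int i = 0; i < MAX && m->syms[i]; i++)
        if (strcmp(m->syms[i], sym) == 0) return 1;
    return 0;
}

/* Breadth-first search of the dependency tree, as dlsym() documents.
 * Returns the object that supplies the symbol, or NULL if none does. */
static const struct so *model_dlsym(const struct so *root, const char *sym) {
    const struct so *queue[16];
    int head = 0, tail = 0;
    queue[tail++] = root;
    while (head < tail) {
        const struct so *m = queue[head++];
        if (defines(m, sym)) return m;
        for (int i = 0; i < MAX && m->deps[i] && tail < 16; i++)
            queue[tail++] = m->deps[i];
    }
    return NULL;
}

/* Probe C_GetInterface first, then C_GetFunctionList. With guard != 0, a
 * C_GetInterface that resolves to the loader's own library (self) is ignored. */
static const char *probe(const struct so *mod, const struct so *self, int guard) {
    const struct so *owner = model_dlsym(mod, "C_GetInterface");
    if (owner && !(guard && owner == self))
        return owner == mod ? "module:C_GetInterface" : "dependency:C_GetInterface";
    return model_dlsym(mod, "C_GetFunctionList") ? "C_GetFunctionList" : NULL;
}

/* Constructed sample objects: a pre-3.0 module and a 3.0 module, both linked to libp11-kit.so. */
static struct so libp11kit = { "libp11-kit.so", { "C_GetInterface", "C_GetFunctionList" }, { NULL } };
static struct so legacy = { "legacy-module.so", { "C_GetFunctionList" }, { &libp11kit } };
static struct so modern = { "v3-module.so", { "C_GetInterface", "C_GetFunctionList" }, { &libp11kit } };

int main(void) {
    printf("legacy, unguarded: %s\n", probe(&legacy, &libp11kit, 0));
    printf("legacy, guarded:   %s\n", probe(&legacy, &libp11kit, 1));
    printf("modern, guarded:   %s\n", probe(&modern, &libp11kit, 1));
    return 0;
}
```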

coveralls commented 1 year ago

Coverage Status

coverage: 69.627% (-0.005%) from 69.632% when pulling 5edad66cbb807739654bc143fb2456f77b24738d on xry111:xry111/fix-get-interface-check into 4d58e40b49d40ac663c77ec694d9636ab6d99943 on p11-glue:master.

mcatanzaro commented 1 year ago

Hey, I notice this fix is not released yet. It seems p11-kit 0.25.0 breaks glib-networking's tests because its mock-pkcs11.so fails to load, and this pull request fixes it. Perhaps time for a 0.25.1 release?

ZoltanFridrich commented 1 year ago

> Hey, I notice this fix is not released yet. It seems p11-kit 0.25.0 breaks glib-networking's tests because its mock-pkcs11.so fails to load, and this pull request fixes it. Perhaps time for a 0.25.1 release?

The new release is at least one feature and a few bug fixes away. I guess we will make the 0.25.1 release in October, unless something very urgent comes up.

nickyang777 commented 1 year ago

I've also found that it seems p11-kit 0.25.0(466a31b960ba690b5f09d0d68604c3ce05e8c71a) breaks glib-networking's tests, but this commit doesn't fix it completely, and there are still some test cases that fail.

xry111 commented 1 year ago

> I've also found that it seems p11-kit 0.25.0(466a31b) breaks glib-networking's tests, but this commit doesn't fix it completely, and there are still some test cases that fail.

It makes the test result clean for me (with glib-networking-2.78.0):

[0/1] Running all tests.
1/5 gnome                           OK              0.05s
2/5 certificate-gnutls              OK              0.05s
3/5 file-database-gnutls            OK              0.15s
4/5 connection-gnutls-tls1.2        OK              5.96s
5/5 connection-gnutls               OK              6.23s

Ok:                 5   
Expected Fail:      0   
Fail:               0   
Unexpected Pass:    0   
Skipped:            0   
Timeout:            0   

I've not enabled libproxy or openssl though.

nickyang777 commented 1 year ago

> > I've also found that it seems p11-kit 0.25.0(466a31b) breaks glib-networking's tests, but this commit doesn't fix it completely, and there are still some test cases that fail.
>
> It makes the test result clean for me (with glib-networking-2.78.0):
>
> [0/1] Running all tests.
> 1/5 gnome                           OK              0.05s
> 2/5 certificate-gnutls              OK              0.05s
> 3/5 file-database-gnutls            OK              0.15s
> 4/5 connection-gnutls-tls1.2        OK              5.96s
> 5/5 connection-gnutls               OK              6.23s
>
> Ok:                 5
> Expected Fail:      0
> Fail:               0
> Unexpected Pass:    0
> Skipped:            0
> Timeout:            0
>
> I've not enabled libproxy or openssl though.

The patch of the community is integrated based on the 2.76.1 version, but the test case still fails.

1/6 gnome                           OK              0.03s
2/6 certificate-gnutls              OK              0.04s
3/6 file-database-gnutls            OK              0.10s
4/6 environment-libproxy            OK              0.13s
5/6 connection-gnutls-tls1.2        FAIL            1.40s   killed by signal 6 SIGABRT
6/6 connection-gnutls               FAIL            1.81s   killed by signal 6 SIGABRT

What are the versions of glib2 and gnutls you use?

xry111 commented 1 year ago

> What are the versions of glib2 and gnutls you use?

glib-2.78.0 and gnutls-3.8.0. I'll update to gnutls-3.8.1 and try again...

xry111 commented 1 year ago

> > What are the versions of glib2 and gnutls you use?
>
> glib-2.78.0 and gnutls-3.8.0. I'll update to gnutls-3.8.1 and try again...

Same result with gnutls-3.8.1.

mcatanzaro commented 1 year ago

Feel free to report a glib-networking issue (when GNOME GitLab recovers; currently it is broken) with a backtrace showing where the test is failing, unless you have some reason to believe p11-kit is to blame for those failures.

nickyang777 commented 1 year ago

Thank you for your reply. I tried again and rebuilt it based on p11-kit. The glib-networking test was successful.