-
Notifications
You must be signed in to change notification settings - Fork 45
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Extend the ttls test to be able to test different configurations #422
Conversation
Looks like the ECDSA fails on MacOS. @neverpanic any idea why? |
1df3535
to
8b0529b
Compare
Removed the commit that made it failing all over the place and keeping just the fixups that should make the CI pass (except for mac?) and that should be generally useful. The commit making all of that failing is available in the wip branch https://github.com/Jakuje/pkcs11-provider/commits/ttls-test-wip/ and I believe they might be useful for reproducing further TLS issues. |
Uhm in the second macos test faile di see that softhsm setup fails, but softokn and kryoptic setups succeed, yet all tests are skipped, would you happen to know why ? |
99b85ee
to
2b33ac4
Compare
@Jakuje Sorry for the delay on this – I checked out this branch, built it locally and ran the tests, and they all pass on my system. This either means that the issue isn't easily reproducible, or it only happens with components from Homebrew (I use MacPorts). If you don't have any idea what's going on I can spend some more time to investigate and attempt to reproduce, but that will involve actually setting up a macOS VM, so unless we have no further avenues to follow up on, I'd like to avoid this. |
The v3 will be deprecated soon https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/ Signed-off-by: Jakub Jelen <jjelen@redhat.com>
The softhsm no longer uses the p11-kit proxy. It is not relevant to kryoptic either. Signed-off-by: Jakub Jelen <jjelen@redhat.com>
4002a46
to
44fe305
Compare
Sounds like the issue was with the server that I did not kill it after each test. For some reason, it did not matter for linux, but did for macos. Now all looks green, except for the coverity, which I think is not relevant for this change. |
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
…lgorithms Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
The coverity scan is "failed" because it detected a code change after the covscan-ok label was set. |
But there is no code change, so that's odd, I will have to recheck the logic in the CI automation, I will manually set the label after review |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Description
The TLS tests now tests just the default parameters with RSA key. This PR extends it to test also TLS 1.2, ECDSA keys and specific ciphersuites.
Checklist
Reviewer's checklist: