https://bugzilla.redhat.com/show_bug.cgi?id=2264610
Bug ID: 2264610 Summary: FTBFS: sssd intermediate CA tests fail with OpenSSL 3.2 Product: Fedora Version: rawhide OS: Linux Status: NEW Component: sssd Severity: medium Assignee: sssd-maintainers@lists.fedoraproject.org Reporter: sgallagh@redhat.com QA Contact: extras-qa@fedoraproject.org CC: abokovoy@redhat.com, atikhono@redhat.com, lslebodn@redhat.com, mzidek@redhat.com, pbrezina@redhat.com, sbose@redhat.com, ssorce@redhat.com, sssd-maintainers@lists.fedoraproject.org Target Milestone: --- Classification: Fedora
$ /usr/bin/make -C src/tests/test_CA/intermediate_CA ca_all make: Entering directory '/home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA' test -z "index.txt index.txt.attr index.txt.attr.old index.txt.old SSSD_test_intermediate_CA.pem SSSD_test_intermediate_CA_req.pem SSSD_test_intermediate_CA_full_db.pem SSSD_test_CA.pem pwdfile SSSD_test_intermediate_CA_cert_x509_0001.pem SSSD_test_intermediate_CA_cert_x509_0001.h SSSD_test_intermediate_CA_cert_pubsshkey_0001.pub SSSD_test_intermediate_CA_cert_pubsshkey_0001.h SSSD_test_intermediate_CA_cert_pkcs12_0001.pem softhsm2_*.conf " || rm -f index.txt index.txt.attr index.txt.attr.old index.txt.old SSSD_test_intermediate_CA.pem SSSD_test_intermediate_CA_req.pem SSSD_test_intermediate_CA_full_db.pem SSSD_test_CA.pem pwdfile SSSD_test_intermediate_CA_cert_x509_0001.pem SSSD_test_intermediate_CA_cert_x509_0001.h SSSD_test_intermediate_CA_cert_pubsshkey_0001.pub SSSD_test_intermediate_CA_cert_pubsshkey_0001.h SSSD_test_intermediate_CA_cert_pkcs12_0001.pem softhsm2_*.conf rm -rf .libs _libs rm -rf newcerts rm -rf softhsm* rm -rf serial* rm -f *.lo /usr/bin/make -C ./.. SSSD_test_CA.pem make[1]: Entering directory '/home/sgallagh/localworkspace/sssd/src/tests/test_CA' /usr/bin/openssl req -batch -config ./SSSD_test_CA.config -x509 -new -nodes -key SSSD_test_CA_key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out SSSD_test_CA.pem make[1]: Leaving directory '/home/sgallagh/localworkspace/sssd/src/tests/test_CA' ln -s ./../SSSD_test_CA.pem /usr/bin/openssl req -batch -config ./SSSD_test_intermediate_CA.config -new -nodes -key /home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA_key.pem -sha256 -out SSSD_test_intermediate_CA_req.pem cd .. && /usr/bin/openssl ca -config /home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA/../SSSD_test_CA.config -batch -notext -keyfile /home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA/../SSSD_test_CA_key.pem -in /home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA_req.pem -days 200 -extensions v3_intermediate_ca -out /home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA.pem Using configuration from /home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA/../SSSD_test_CA.config Check that the request matches the signature Signature ok ERROR:There is already a certificate for /O=SSSD/OU=SSSD test/CN=SSSD test intermediate CA The matching entry has the following details Type :Valid Expires on :240903175906Z Serial Number :08 File name :unknown Subject Name :/O=SSSD/OU=SSSD test/CN=SSSD test intermediate CA make: *** [Makefile:756: SSSD_test_intermediate_CA.pem] Error 1 make: Leaving directory '/home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA'
Reproducible: Always
Steps to Reproduce: 1.Build SSSD and run the intermediate CA tests 2. 3. Actual Results: $ /usr/bin/make -C src/tests/test_CA/intermediate_CA ca_all make: Entering directory '/home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA' test -z "index.txt index.txt.attr index.txt.attr.old index.txt.old SSSD_test_intermediate_CA.pem SSSD_test_intermediate_CA_req.pem SSSD_test_intermediate_CA_full_db.pem SSSD_test_CA.pem pwdfile SSSD_test_intermediate_CA_cert_x509_0001.pem SSSD_test_intermediate_CA_cert_x509_0001.h SSSD_test_intermediate_CA_cert_pubsshkey_0001.pub SSSD_test_intermediate_CA_cert_pubsshkey_0001.h SSSD_test_intermediate_CA_cert_pkcs12_0001.pem softhsm2_*.conf " || rm -f index.txt index.txt.attr index.txt.attr.old index.txt.old SSSD_test_intermediate_CA.pem SSSD_test_intermediate_CA_req.pem SSSD_test_intermediate_CA_full_db.pem SSSD_test_CA.pem pwdfile SSSD_test_intermediate_CA_cert_x509_0001.pem SSSD_test_intermediate_CA_cert_x509_0001.h SSSD_test_intermediate_CA_cert_pubsshkey_0001.pub SSSD_test_intermediate_CA_cert_pubsshkey_0001.h SSSD_test_intermediate_CA_cert_pkcs12_0001.pem softhsm2_*.conf rm -rf .libs _libs rm -rf newcerts rm -rf softhsm* rm -rf serial* rm -f *.lo /usr/bin/make -C ./.. SSSD_test_CA.pem make[1]: Entering directory '/home/sgallagh/localworkspace/sssd/src/tests/test_CA' /usr/bin/openssl req -batch -config ./SSSD_test_CA.config -x509 -new -nodes -key SSSD_test_CA_key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out SSSD_test_CA.pem make[1]: Leaving directory '/home/sgallagh/localworkspace/sssd/src/tests/test_CA' ln -s ./../SSSD_test_CA.pem /usr/bin/openssl req -batch -config ./SSSD_test_intermediate_CA.config -new -nodes -key /home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA_key.pem -sha256 -out SSSD_test_intermediate_CA_req.pem cd .. && /usr/bin/openssl ca -config /home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA/../SSSD_test_CA.config -batch -notext -keyfile /home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA/../SSSD_test_CA_key.pem -in /home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA_req.pem -days 200 -extensions v3_intermediate_ca -out /home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA.pem Using configuration from /home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA/../SSSD_test_CA.config Check that the request matches the signature Signature ok ERROR:There is already a certificate for /O=SSSD/OU=SSSD test/CN=SSSD test intermediate CA The matching entry has the following details Type :Valid Expires on :240903175906Z Serial Number :08 File name :unknown Subject Name :/O=SSSD/OU=SSSD test/CN=SSSD test intermediate CA make: *** [Makefile:756: SSSD_test_intermediate_CA.pem] Error 1 make: Leaving directory '/home/sgallagh/localworkspace/sssd/src/tests/test_CA/intermediate_CA'
Expected Results: Successful test run.
https://bugzilla.redhat.com/show_bug.cgi?id=2264610
Alexey Tikhonov atikhono@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |POST
--- Comment #1 from Alexey Tikhonov atikhono@redhat.com --- Pushed PR: https://github.com/SSSD/sssd/pull/7151
* `master` * 32b72c7c3303edb2bf55ae9a22e8db7855f3d7d1 - tests: Drop -extensions from openssl command if there is no -x509 * `sssd-2-9` * a453f9625b40a0a1fbcf055ffa196121f2b248b5 - tests: Drop -extensions from openssl command if there is no -x509
https://bugzilla.redhat.com/show_bug.cgi?id=2264610
Alexey Tikhonov atikhono@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Blocks| |2244836 (PYTHON3.13), | |2260875 | |(F41FTBFS,RAWHIDEFTBFS) CC| |ksurma@redhat.com
--- Comment #2 from Alexey Tikhonov atikhono@redhat.com --- *** Bug 2272913 has been marked as a duplicate of this bug. ***
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=2244836 [Bug 2244836] Python 3.13 https://bugzilla.redhat.com/show_bug.cgi?id=2260875 [Bug 2260875] Fedora 41 FTBFS Tracker
https://bugzilla.redhat.com/show_bug.cgi?id=2264610
Alexey Tikhonov atikhono@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Assignee|sssd-maintainers@lists.fedo |pbrezina@redhat.com |raproject.org |
--- Comment #3 from Alexey Tikhonov atikhono@redhat.com --- https://src.fedoraproject.org/rpms/sssd/pull-request/45#
https://bugzilla.redhat.com/show_bug.cgi?id=2264610
--- Comment #4 from Alexey Tikhonov atikhono@redhat.com --- https://src.fedoraproject.org/rpms/sssd/c/cd2652550c6474787e7abd92485f3ef388...
https://bugzilla.redhat.com/show_bug.cgi?id=2264610
Alexey Tikhonov atikhono@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|POST |MODIFIED Fixed In Version| |sssd-2.9.4-6.fc41
https://bugzilla.redhat.com/show_bug.cgi?id=2264610
--- Comment #5 from Fedora Update System updates@fedoraproject.org --- FEDORA-2024-73827b9035 (sssd-2.10.0-1.fc41) has been submitted as an update to Fedora 41. https://bodhi.fedoraproject.org/updates/FEDORA-2024-73827b9035
https://bugzilla.redhat.com/show_bug.cgi?id=2264610
Fedora Update System updates@fedoraproject.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|MODIFIED |ON_QA
--- Comment #6 from Fedora Update System updates@fedoraproject.org --- FEDORA-2024-73827b9035 has been pushed to the Fedora 41 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-73827b9035` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-73827b9035
See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
https://bugzilla.redhat.com/show_bug.cgi?id=2264610
Fedora Update System updates@fedoraproject.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Fixed In Version|sssd-2.9.4-6.fc41 |sssd-2.9.4-6.fc41 | |sssd-2.10.0-1.fc41 Resolution|--- |ERRATA Last Closed| |2024-10-17 23:11:40
--- Comment #7 from Fedora Update System updates@fedoraproject.org --- FEDORA-2024-73827b9035 (sssd-2.10.0-1.fc41) has been pushed to the Fedora 41 stable repository. If problem still persists, please make note of it in this bug report.
sssd-maintainers@lists.fedoraproject.org