SUMMARY 6/24 Testing: CryptographicMessageSyntax 6/24 Test: CryptographicMessageSyntax Command: "/var/tmp/paludis/build/app-crypt-qca-2.3.2/work/build/bin/cms" Directory: /var/tmp/paludis/build/app-crypt-qca-2.3.2/work/build/bin "CryptographicMessageSyntax" start time: Feb 04 22:09 CET Output: ---------------------------------------------------------- ********* Start testing of CMSut ********* Config: Using QtTest library 5.15.2, Qt 5.15.2 (x86_64-little_endian-lp64 shared (dynamic) release build; by GCC 10.2.0), exherbo unknown PASS : CMSut::initTestCase() PASS : CMSut::xcrypt(empty) PASS : CMSut::xcrypt(0) PASS : CMSut::xcrypt(07) PASS : CMSut::xcrypt(dubious) XPASS : CMSut::signverify(empty) 'msg.verifySuccess()' returned TRUE unexpectedly. () Loc: [/var/tmp/paludis/build/app-crypt-qca-2.3.2/work/qca-2.3.2/unittest/cms/cms.cpp(256)] XPASS : CMSut::signverify(empty) 'msg.verifySuccess()' returned TRUE unexpectedly. () Loc: [/var/tmp/paludis/build/app-crypt-qca-2.3.2/work/qca-2.3.2/unittest/cms/cms.cpp(268)] FAIL! : CMSut::signverify(empty) Compared values are not the same Actual (msg.verifySuccess()): 1 Expected (false) : 0 Loc: [/var/tmp/paludis/build/app-crypt-qca-2.3.2/work/qca-2.3.2/unittest/cms/cms.cpp(280)] PASS : CMSut::signverify(0) PASS : CMSut::signverify(07) PASS : CMSut::signverify(dubious) PASS : CMSut::signverify_message(empty) PASS : CMSut::signverify_message(0) PASS : CMSut::signverify_message(07) PASS : CMSut::signverify_message(dubious) PASS : CMSut::signverify_message_invalid(empty) PASS : CMSut::signverify_message_invalid(0) PASS : CMSut::signverify_message_invalid(07) PASS : CMSut::signverify_message_invalid(dubious) PASS : CMSut::cleanupTestCase() Totals: 17 passed, 3 failed, 0 skipped, 0 blacklisted, 23ms ********* Finished testing of CMSut ********* <end of output> Test time = 0.03 sec ---------------------------------------------------------- Test Failed. "CryptographicMessageSyntax" end time: Feb 04 22:09 CET "CryptographicMessageSyntax" time elapsed: 00:00:00 ---------------------------------------------------------- SOFTWARE/OS VERSIONS Linux: 5.10.9 / openssl 1.1.1i Qt Version: 5.15.2
CI says it passes https://invent.kde.org/libraries/qca/-/jobs/90348 can you re-confirm that 2.3.1 works for you? maybe it's an updated dependency that makes the result of this change?
(In reply to Albert Astals Cid from comment #1) > CI says it passes https://invent.kde.org/libraries/qca/-/jobs/90348 > > can you re-confirm that 2.3.1 works for you? maybe it's an updated > dependency that makes the result of this change? No, it doesn't. But I'm pretty sure it did at some point. If I understand Ubuntu packaging correctly, they only cherry-pick security fixes on top of openssl-1.1.1 while I have 1.1.1i. That should only contain bug and security fixes compared to 1.1.1, but maybe they come with a behaviour change somewhere.
Right, so there's some behaviour change down the line that broke this :/ I'll investigate soon, but honestly not a good reason not to package 2.3.2, since 2.3.1 fails in the your system anyway :D
I investigated a bit. Turns out the behaviour change is between 1.1.1h and 1.1.1i, bisecting led me to https://github.com/openssl/openssl/commit/6f1bee08cf80b9473496991b51f1f4a0decd96de While the title sounds like it would explain the two unexpected passes, I really don't know enough about this to say anything besides guessing.
good find, so they made that verifying an empty message always succeeds now, will update the tests.
Apparently the git commit hook failed to close this. Fixed by https://invent.kde.org/libraries/qca/-/commit/bc94cc08e1d3ea733946861d90a21681d58665ab