New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
test_ssl (test_algorithms) failures on bolen-ubuntu slaves: sha256.tbs-internet.com unknown host #69860
Comments
It appears that the test host (sha256.tbs-internet.com) used by test_algorithms in test_ssl.py no longer exists. It was showing up as a certificate failure in the test because it ended up falling back to a resolv.conf search path which yielded a host that did do SSL but obviously with the wrong certificate. db3l@buildbot-ubuntu:~$ host sha256.tbs-internet.com db3l@buildbot-ubuntu: ; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> @ns1.tbs-internet.com sha256.tbs-internet.com ;; OPT PSEUDOSECTION: ;; AUTHORITY SECTION: ;; Query time: 93 msec What I can't yet understand is why this is not causing issues on other slaves. I suppose some might be skipping the test if SNI was not supported, but surely not all of them? |
Ah, it appears that the transient_internet context manager in the test causes it to be skipped if the host is unknown. So mine was just "lucky" in that it fell back to connecting somewhere else. I've removed my resolver search path on bolen-ubuntu which will resolve the test failures on that slave, but I presume test_algorithms is never being run by anyone at this point. |
So the mystery of that buildbot is solved, but I think that test needs some work. |
The sha256.tbs-internet.com has been down for a while and the DNS record is no longer available. Alex and I agreed that the test no longer makes sense, too. RSA certs with SHA-256 signatures are de-facto standard and supported by OpenSSL for a long time. We test SHA-256 certs with several other tests that talk to remote servers. I'm going to remove the test and sha256 cert. |
I've removed the sha256.tbs-internet.com from 2.7, 3.6, and master. 3.5 and previous versions are in security fix-only mode. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: