auth-nonascii test fails or segfaults depending on system environment
David Woodhouse
dwmw2 at infradead.org
Mon Aug 14 05:36:31 PDT 2017
On Mon, 2017-07-10 at 16:29 -0700, Mike Miller wrote:
> Hi,
>
> I noticed that the recently added test "auth-nonascii" fails as
> currently written under a handful of different system configurations.
>
> In short, I think using LC_CTYPE in the script is not a strong enough
> constraint, because the caller's LC_ALL may override it if set. Using
> LC_ALL as in the following patch fixes this for me.
>
> diff --git a/tests/auth-nonascii b/tests/auth-nonascii
> index d930b117d29c..1da8de25464a 100755
> --- a/tests/auth-nonascii
> +++ b/tests/auth-nonascii
> @@ -34,7 +34,7 @@ set -x
> for CHARSET in UTF-8 ISO8859-2; do
> echo -n "Connecting to obtain cookie (with password charset ${CHARSET})... "
> CERTARGS="-c ${KEY} --key-password $(cat ${srcdir}/pass-${CHARSET})"
> - ( echo "test" | LC_CTYPE=cs_CZ.${CHARSET} LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u test $CERTARGS --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly --passwd-on-stdin ) ||
> + ( echo "test" | LC_ALL=cs_CZ.${CHARSET} LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u test $CERTARGS --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly --passwd-on-stdin ) ||
> fail $PID "Could not connect with charset ${CHARSET}!"
> done
Thanks. I've just pushed that fix.
> I think it's also worth reporting that OpenConnect segfaults if the
> cs_CZ locales are not available on the system when this test runs,
> either with or without this change:
>
> iconv: Invalid or incomplete multibyte or wide character
> *** Error in `/.../.libs/openconnect': free(): invalid pointer: 0x00007ffe53d2d7e4 ***
> free called from load_pkcs12_certificate at gnutls.c:526
Yay for testing :)
I actually had a fix for that lying around in my tree for a while; have
finally pushed it now. Thanks!
I note that the auth-nonascii test still fails on Ubuntu 16.04, as even
in the trivial case of the default UTF-8 (in my case en_GB) locale,
GnuTLS won't open the file:
Using certificate file ./certs/user-key-nonascii-password.p12
Failed to process PKCS#12 file: The given password contains invalid characters.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4938 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20170814/3f1ea369/attachment-0001.bin>
More information about the openconnect-devel
mailing list