Page MenuHome GnuPG
Create Task
Maniphest T1390

gnupg testsuite: failed test "armor" (bug#1179 is back in town)
Closed, ResolvedPublic
Actions

Description

I am getting a test failure on both gnupg version 1.4.12 and 2.0.18:

armor.test: bug#1179 is back in town

FAIL: armor.test

1 of 27 tests failed

Please report to http://bugs.gnupg.org

Details

Version
1.4.12

Related Objects

Event Timeline

g.trentalancia set Version to 1.4.12.Feb 8 2012, 12:46 AM
g.trentalancia added projects: gnupg, Bug Report.
g.trentalancia added a subscriber: g.trentalancia.
werner added a subscriber: werner.May 8 2012, 4:47 PM

What OS and what shell are you using? Please also attach the file armor.test.log.

g.trentalancia added a comment.May 9 2012, 11:59 PM

On Tue, 2012-05-08 at 14:47 +0000, Werner Koch via BTS wrote:

Werner Koch <wk@gnupg.org> added the comment:

What OS and what shell are you using? Please also attach the file armor.test.log.

linux / bash

status: unread -> chatting

g10 Code's BTS <gnupg@bugs.g10code.com>
<T1390>

werner added a comment.May 13 2012, 12:59 PM

linux is a bit unspecific. Debian, Suse, Fedora, Ubuntu, Genttoo, Arch ?
I also need to see the log file - if you hesitate to post it to this BTS, feel
free to send it by PM to me (wk@gnupg.org) - Not HTML parts, you may want to
_gzip_ the log file.

g.trentalancia added a comment.May 18 2012, 7:54 PM

Hello.

The first time I did run the test, the armor.test.log file was as
follows:

armor.test: checking: armored_key_8192
gpg: key DE415B0E: "Susumu OSAWA <susumu-o@goforward.org>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
armor.test: importing: alpha_seckey
gpg: importing secret keys not allowed
gpg: Total number processed: 1
gpg: secret keys read: 1
armor.test: checking: nopad_armored_msg
gpg: encrypted with RSA key, ID F409CD54
gpg: encrypted with 1024-bit ELG-E key, ID 46A871F8, created 1999-03-08

"Alfa Test (demo key) <alfa@example.net>"

gpg: decryption failed: secret key not available
armor.test: bug#1179 is back in town

When I did make clean, rebuild and test again, the armor.test.log file
was as follows:

armor.test: checking: armored_key_8192
gpg: key DE415B0E: public key "Susumu OSAWA <susumu-o@goforward.org>"
imported
gpg: Total number processed: 1
gpg: imported: 1
armor.test: importing: alpha_seckey
gpg: importing secret keys not allowed
gpg: Total number processed: 1
gpg: secret keys read: 1
armor.test: checking: nopad_armored_msg
gpg: encrypted with RSA key, ID F409CD54
gpg: encrypted with 1024-bit ELG-E key, ID 46A871F8, created 1999-03-08

"Alfa Test (demo key) <alfa@example.net>"

gpg: decryption failed: secret key not available
armor.test: bug#1179 is back in town

So, it is different:

2c2

< gpg: key DE415B0E: "Susumu OSAWA <susumu-o@goforward.org>" not changed

gpg: key DE415B0E: public key "Susumu OSAWA <susumu-o@goforward.org>"

imported
4c4

< gpg: unchanged: 1

gpg: imported: 1

On Tue, 2012-05-08 at 14:47 +0000, Werner Koch via BTS wrote:

Werner Koch <wk@gnupg.org> added the comment:

What OS and what shell are you using? Please also attach the file armor.test.log.

status: unread -> chatting

g10 Code's BTS <gnupg@bugs.g10code.com>
<T1390>

werner added a comment.May 29 2012, 6:52 PM

Sure, a "make clean" will delete the keyring and thus you see a message:
“imported" - if you run it a second time you see “not changed". That is all okay.

But please tell us the info I requested.

g.trentalancia added a comment.Jun 3 2012, 6:20 PM

Hello Werner.

On Fri, 2012-06-01 at 20:03 +0200, Werner Koch wrote:

On Fri, 1 Jun 2012 18:46, g.trentalancia@libero.it said:

No, I don't want commercial support for it, otherwise I had sorted it
myself. I just thought it might be helpful for the development of your
software...

To be helpful, I need to know more details on your OS. In general these
information should be made public. If you can give me a reason why you
can't disclose them, that is fine. But spending my time on guesswork is
not what I want to as pro bono work.

I decided to spend a few more minutes on the issue of the failed armor
test case for gnupg 1.4.12.

Apparently it is not a bug. The test fails because gpg cannot import
secret keys. And it cannot import secret keys because such functionality
is disabled by the configuration with the "--enable-selinux-support"
option (#define ENABLE_SELINUX_HACKS 1).

So, it's actually some added functionality (being safer) and you should
probably consider it an expected failure (or even better avoid running
such test) for SELinux-enabled builds.

Here is an example patch for the Makefile:

[begin patch]

Exclude some tests when building with --enable-selinux-support.

Currently armor test needs to be excluded because it imports secret
keys which is disabled with --enable-selinux-support.

checks/Makefile.in | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)

diff -pru gnupg-1.4.12-original/checks/Makefile.in gnupg-1.4.12/checks/Makefile.in

  • gnupg-1.4.12-original/checks/Makefile.in 2012-01-30 15:20:15.000000000 +0100

+++ gnupg-1.4.12/checks/Makefile.in 2012-06-03 17:40:42.741978737 +0200
@@ -260,6 +260,11 @@ top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
GPG_IMPORT = ../g10/gpg --homedir . --quiet --yes --no-permission-warning --import
+
+TESTS_WITHOUT_SELINUX = armor.test
+
+AUX_TESTS := $(shell config.h && cat ../config.h | grep -q ^\#define\ ENABLE_SELINUX_HACKS\ 1 || echo $(TESTS_WITHOUT_SELINUX))
+
TESTS = version.test mds.test \

	decrypt.test decrypt-dsa.test \
	sigs.test sigs-dsa.test \

@@ -270,7 +275,7 @@ TESTS = version.test mds.test \

	armsignencrypt.test armdetach.test \
	armdetachm.test detachm.test genkey1024.test \
	conventional.test conventional-mdc.test \
  • multisig.test verify.test armor.test

+ multisig.test verify.test $(AUX_TESTS)

TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \

	     plain-1.asc plain-2.asc plain-3.asc plain-1-pgp.asc \

[end patch]

Otherwise, a second option is compiling and running a brief piece of C
code from the Makefile which checks for the definition of
ENABLE_SELINUX_HACKS and a third option is to setting
-DENABLE_SELINUX_HACKS in $CPPFLAGS and then checking for that in the
Makefile.

And similarly for version 2.0.18:

[begin patch]

Exclude some tests when building with --enable-selinux-support.

Currently armor test needs to be excluded because it imports secret
keys which is disabled with --enable-selinux-support.

tests/openpgp/Makefile.in | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)

  • gnupg-2.0.18-original/tests/openpgp/Makefile.in 2011-08-04 16:26:58.000000000 +0200

+++ gnupg-2.0.18/tests/openpgp/Makefile.in 2012-06-03 18:03:47.601242377 +0200
@@ -292,6 +292,10 @@ required_pgms = ../../g10/gpg2 ../../age
TESTS_ENVIRONMENT = GNUPGHOME=$(abs_builddir) GPG_AGENT_INFO= LC_ALL=C \

		    ../../agent/gpg-agent --quiet --daemon sh

+TESTS_WITHOUT_SELINUX = armor.test
+
+AUX_TESTS := $(shell config.h && cat ../../config.h | grep -q ^\#define\ ENABLE_SELINUX_HACKS\ 1 || echo $(TESTS_WITHOUT_SELINUX))
+
TESTS = version.test mds.test \

	decrypt.test decrypt-dsa.test \
	sigs.test sigs-dsa.test \

@@ -302,8 +306,8 @@ TESTS = version.test mds.test \

	armsignencrypt.test armdetach.test \
	armdetachm.test detachm.test genkey1024.test \
	conventional.test conventional-mdc.test \
  • multisig.test verify.test armor.test \
  • import.test

+ multisig.test verify.test import.test \
+ $(AUX_TESTS)

TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \

	     plain-1.asc plain-2.asc plain-3.asc plain-1-pgp.asc \

[end patch]

I haven't got the development tree, so the patch are against latest
versions.

Hope it helps now... At least you avoid getting misplaced test failure
reports ;-)

Salam-Shalom,

Werner

Regards,

Guido

werner added a comment.Nov 8 2012, 5:21 PM

Fixed for 1.4.13 (95347cf9).

werner closed this task as Resolved.Nov 8 2012, 5:21 PM
werner claimed this task.