Bug#774631: xmlsec1: Updated debdiff including test suite failure detection.

James Page Mon, 30 Mar 2015 06:54:51 -0700

Package: xmlsec1
Version: 1.2.20-2ubuntu1
Followup-For: Bug #774631

Updated debdiff including some patches to disable tests that require access to 
online resources, and to only execute some tests for openssl.


-- System Information:
Debian Release: jessie/sid
  APT prefers vivid-updates
  APT policy: (500, 'vivid-updates'), (500, 'vivid-security'), (500, 'vivid'), 
(100, 'vivid-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.19.0-10-generic (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages xmlsec1 depends on:
ii  libc6               2.21-0ubuntu4
ii  libxml2             2.9.2+dfsg1-3
ii  libxmlsec1          1.2.20-2ubuntu1
ii  libxmlsec1-openssl  1.2.20-2ubuntu1
ii  libxslt1.1          1.1.28-2build2

xmlsec1 recommends no packages.

xmlsec1 suggests no packages.

-- no debconf information

diff -Nru xmlsec1-1.2.20/debian/patches/series xmlsec1-1.2.20/debian/patches/series
--- xmlsec1-1.2.20/debian/patches/series	2014-07-08 05:08:07.000000000 +0100
+++ xmlsec1-1.2.20/debian/patches/series	2015-03-26 16:36:21.000000000 +0000
@@ -1,2 +1,4 @@
 examples_rootcert.patch
 examples_encrypt3.patch
+skip-failing-tests.patch
+skip-online-tests.patch
diff -Nru xmlsec1-1.2.20/debian/patches/skip-failing-tests.patch xmlsec1-1.2.20/debian/patches/skip-failing-tests.patch
--- xmlsec1-1.2.20/debian/patches/skip-failing-tests.patch	1970-01-01 01:00:00.000000000 +0100
+++ xmlsec1-1.2.20/debian/patches/skip-failing-tests.patch	2015-03-30 10:28:04.000000000 +0100
@@ -0,0 +1,45 @@
+Description: Skip failing tests due to disabled lib plugins
+ Some tests require of dynamic loading of crypto libraries
+ in xmlsec1 apps - we disable this in the build, so only test
+ with the default openssl lib.
+Author: James Page <james.p...@ubuntu.com>
+Forwarded: not-needed
+
+--- a/tests/testDSig.sh
++++ b/tests/testDSig.sh
+@@ -788,6 +788,8 @@ execDSigTest $res_success \
+ # test dynamic signature
+ #
+ ##########################################################################
++
++if [ $crypto = 'openssl' ]; then
+ echo "Dynamic signature template"
+ printf "    Create new signature                                 "
+ echo "$xmlsec_app sign-tmpl $xmlsec_params --keys-file $keysfile --output $tmpfile" >> $logfile
+@@ -797,6 +799,7 @@ printf "    Verify new signature
+ echo "$xmlsec_app verify --keys-file $keysfile $tmpfile" >> $logfile
+ $VALGRIND $xmlsec_app verify $xmlsec_params --keys-file $keysfile $tmpfile >> $logfile 2>> $logfile
+ printRes $res_success $?
++fi
+ 
+ 
+ ##########################################################################
+--- a/tests/testEnc.sh
++++ b/tests/testEnc.sh
+@@ -366,6 +366,8 @@ execEncTest $res_success \
+ # test dynamicencryption
+ #
+ ##########################################################################
++
++if [ $crypto = 'openssl' ]; then
+ echo "Dynamic encryption template"
+ printf "    Encrypt template                                     "
+ echo "$xmlsec_app encrypt-tmpl $xmlsec_params --keys-file $keysfile --output $tmpfile" >> $logfile
+@@ -375,6 +377,7 @@ printf "    Decrypt document
+ echo "$xmlsec_app decrypt $xmlsec_params $keysfile $tmpfile" >> $logfile
+ $VALGRIND $xmlsec_app decrypt $xmlsec_params --keys-file $keysfile $tmpfile >> $logfile 2>> $logfile
+ printRes $res_success $?
++fi
+ 
+ 
+ ##########################################################################
diff -Nru xmlsec1-1.2.20/debian/patches/skip-online-tests.patch xmlsec1-1.2.20/debian/patches/skip-online-tests.patch
--- xmlsec1-1.2.20/debian/patches/skip-online-tests.patch	1970-01-01 01:00:00.000000000 +0100
+++ xmlsec1-1.2.20/debian/patches/skip-online-tests.patch	2015-03-30 10:29:45.000000000 +0100
@@ -0,0 +1,209 @@
+Description: Skip any online tests
+ Some tests require access to online services.
+ .
+ Use an environment variable to conditionally skip these
+ tests to support execution in offline build environments.
+Author: James Page <james.p...@ubuntu.com>
+Forwarded: no
+
+--- a/tests/testDSig.sh
++++ b/tests/testDSig.sh
+@@ -418,7 +418,7 @@ execDSigTest $res_success \
+     "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret123" \
+     " "
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "" \
+     "merlin-xmldsig-twenty-three/signature-external-b64-dsa" \
+     "base64 sha1 dsa-sha1" \
+@@ -427,7 +427,7 @@ execDSigTest $res_success \
+     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret123" \
+     " "
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "" \
+     "merlin-xmldsig-twenty-three/signature-external-dsa" \
+     "sha1 dsa-sha1" \
+@@ -436,7 +436,7 @@ execDSigTest $res_success \
+     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret123" \
+     " "
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "" \
+     "merlin-xmldsig-twenty-three/signature-keyname" \
+     "sha1 dsa-sha1" \
+@@ -445,7 +445,7 @@ execDSigTest $res_success \
+     "$priv_key_option:test-dsa $topfolder/keys/dsakey.$priv_key_format --pwd secret123" \
+     "$priv_key_option:test-dsa $topfolder/keys/dsakey.$priv_key_format --pwd secret123"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "" \
+     "merlin-xmldsig-twenty-three/signature-x509-crt" \
+     "sha1 dsa-sha1" \
+@@ -454,7 +454,7 @@ execDSigTest $res_success \
+     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret123"\
+     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "" \
+     "merlin-xmldsig-twenty-three/signature-x509-sn" \
+     "sha1 dsa-sha1" \
+@@ -463,7 +463,7 @@ execDSigTest $res_success \
+     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret123"\
+     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "" \
+     "merlin-xmldsig-twenty-three/signature-x509-is" \
+     "sha1 dsa-sha1" \
+@@ -472,7 +472,7 @@ execDSigTest $res_success \
+     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret123"\
+     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "" \
+     "merlin-xmldsig-twenty-three/signature-x509-ski" \
+     "sha1 dsa-sha1" \
+@@ -481,7 +481,7 @@ execDSigTest $res_success \
+     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret123"\
+     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "" \
+     "merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt" \
+     "sha1 dsa-sha1" \
+@@ -490,7 +490,7 @@ execDSigTest $res_success \
+     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret123"\
+     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --trusted-$cert_format $topfolder/keys/ca2cert.$cert_format"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "" \
+     "merlin-xmldsig-twenty-three/signature" \
+     "base64 xpath enveloped-signature c14n-with-comments sha1 dsa-sha1" \
+@@ -509,7 +509,7 @@ execDSigTest $res_success \
+ # key transport/wrapper algorightms
+ #
+ ##########################################################################
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "" \
+     "merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes" \
+     "ripemd160 hmac-ripemd160 kw-tripledes" \
+@@ -614,14 +614,14 @@ execDSigTest $res_success \
+ #
+ ##########################################################################
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "phaos-xmldsig-three" \
+     "signature-big" \
+     "base64 xslt xpath sha1 rsa-sha1" \
+     "rsa x509" \
+     "--pubkey-cert-$cert_format certs/rsa-cert.$cert_format" 
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "phaos-xmldsig-three" \
+     "signature-dsa-detached" \
+     "sha1 dsa-sha1" \
+@@ -642,7 +642,7 @@ execDSigTest $res_success \
+     "dsa x509" \
+     "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "phaos-xmldsig-three" \
+     "signature-dsa-manifest" \
+     "sha1 dsa-sha1" \
+@@ -656,21 +656,21 @@ execDSigTest $res_success \
+     "hmac" \
+     "--hmackey certs/hmackey.bin"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "phaos-xmldsig-three" \
+     "signature-hmac-sha1-40-c14n-comments-detached" \
+     "c14n-with-comments sha1 hmac-sha1" \
+     "hmac" \
+     "--hmackey certs/hmackey.bin"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "phaos-xmldsig-three" \
+     "signature-hmac-sha1-40-exclusive-c14n-comments-detached" \
+     "exc-c14n-with-comments sha1 hmac-sha1" \
+     "hmac" \
+     "--hmackey certs/hmackey.bin"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "phaos-xmldsig-three" \
+     "signature-hmac-sha1-exclusive-c14n-comments-detached" \
+     "exc-c14n-with-comments sha1 hmac-sha1" \
+@@ -691,7 +691,7 @@ execDSigTest $res_success \
+     "rsa x509" \
+     "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "phaos-xmldsig-three" \
+     "signature-rsa-detached" \
+     "sha1 rsa-sha1" \
+@@ -733,42 +733,42 @@ execDSigTest $res_success \
+     "rsa x509" \
+     "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "phaos-xmldsig-three" \
+     "signature-rsa-manifest-x509-data-cert-chain" \
+     "sha1 rsa-sha1" \
+     "rsa x509" \
+     "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "phaos-xmldsig-three" \
+     "signature-rsa-manifest-x509-data-cert" \
+     "sha1 rsa-sha1" \
+     "rsa x509" \
+     "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "phaos-xmldsig-three" \
+     "signature-rsa-manifest-x509-data-issuer-serial" \
+     "sha1 rsa-sha1" \
+     "rsa x509" \
+     "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "phaos-xmldsig-three" \
+     "signature-rsa-manifest-x509-data-ski" \
+     "sha1 rsa-sha1" \
+     "rsa x509" \
+     "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "phaos-xmldsig-three" \
+     "signature-rsa-manifest-x509-data-subject-name" \
+     "sha1 rsa-sha1" \
+     "rsa x509" \
+     "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ 
+-execDSigTest $res_success \
++[ -z "$OFFLINE" ] && execDSigTest $res_success \
+     "phaos-xmldsig-three" \
+     "signature-rsa-manifest" \
+     "sha1 rsa-sha1" \
diff -Nru xmlsec1-1.2.20/debian/rules xmlsec1-1.2.20/debian/rules
--- xmlsec1-1.2.20/debian/rules	2014-07-04 22:53:30.000000000 +0100
+++ xmlsec1-1.2.20/debian/rules	2015-03-26 16:57:09.000000000 +0000
@@ -5,6 +5,8 @@
 # Uncomment this to turn on verbose mode.
 #export DH_VERBOSE=1
 
+export OFFLINE=1
+
 # These are used for cross-compiling and for saving the configure script
 # from having to guess our platform (since we know it already)
 DEB_HOST_GNU_TYPE   ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
@@ -44,6 +46,12 @@
 	# Add here commands to compile the package.
 	$(MAKE)
 
+ifeq (,$(findstring nocheck, $(DEB_BUILD_OPTIONS)))
+	$(MAKE) check | tee /tmp/tests.log
+	grep -q Fail /tmp/tests.log && (echo "Failures executing unit tests, exiting build"; exit 1) \
+		|| echo "Unit tests completed successfully"
+endif
+
 	touch build-stamp
 
 clean:

Bug#774631: xmlsec1: Updated debdiff including test suite failure detection.

Reply via email to