Control: tags -1 confirmed upstream Hi,
On 15:42 Thu 06 Sep , Chris Hofstaedtler wrote: > Package: src:h2o > Version: 2.2.5+dfsg1-6 > Severity: serious > > Dear Maintainer, > > when trying to build h2o from source on amd64, inside sbuild, it fails: > > h2o server (pid:14780) is ready to serve requests > fetch-ocsp-response (using OpenSSL 1.1.1-pre9 (beta) 21 Aug 2018) > failed to extract ocsp URI from examples/h2o/server.crt > [OCSP Stapling] disabled for certificate file:examples/h2o/server.crt > > # Failed test at t/50reverse-proxy-session-resumption.t line 118. > # got: '0' > # expected: '1' > killing /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/h2o... received SIGTERM, > gracefully shutting down > killed (got 0) > killing /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/h2o... received SIGTERM, > gracefully shutting down > killed (got 0) > # Looks like you failed 1 test of 5. > > # Failed test 'lifetime' > # at t/50reverse-proxy-session-resumption.t line 121. > > And further failures. > Please also see the attached build log. Thanks for the report! It looks like the tests in t/50access-log.t and t/40ssl-cipher-suite.t are failing when h2o is built against OpenSSL 1.1.1, because they don't expect OpenSSL to support TLSv1.3 and are confused by TLSv1.3-related output (mostly cipher names). The tests in t/50reverse-proxy-proxy-protocol.t and t/40session-ticket.t report no session reuse with OpenSSL 1.1.1 and need further investigation. That said, I intend to move away from PicoTLS and towards OpenSSL for TLSv1.3 support in H2O if it works hassle-free. Cheers, Apollon
