Package: src:ruby-puppetserver-ca-cli
Version: 2.7.0-1
Severity: serious
Tags: ftbfs trixie sid
Dear maintainer:
During a rebuild of all packages in unstable, your package failed to build:
--------------------------------------------------------------------------------
[...]
debian/rules clean
dh clean --buildsystem=ruby --with ruby
dh_auto_clean -O--buildsystem=ruby
dh_ruby --clean
dh_autoreconf_clean -O--buildsystem=ruby
dh_clean -O--buildsystem=ruby
debian/rules binary
dh binary --buildsystem=ruby --with ruby
dh_update_autotools_config -O--buildsystem=ruby
dh_autoreconf -O--buildsystem=ruby
dh_auto_configure -O--buildsystem=ruby
dh_ruby --configure
dh_auto_build -O--buildsystem=ruby
dh_ruby --build
[... snipped ...]
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./lib/puppetserver/ca/action/generate.rb:246:in `submit_csr'
# ./lib/puppetserver/ca/action/generate.rb:222:in `block in
generate_certs'
# ./lib/puppetserver/ca/action/generate.rb:216:in `map'
# ./lib/puppetserver/ca/action/generate.rb:216:in `generate_certs'
# ./lib/puppetserver/ca/action/generate.rb:163:in `run'
# ./spec/puppetserver/ca/action/generate_spec.rb:318:in `block (6 levels)
in <top (required)>'
# ./spec/utils/ssl.rb:91:in `with_temp_dirs'
# ./spec/puppetserver/ca/action/generate_spec.rb:317:in `block (5 levels)
in <top (required)>'
# ./spec/puppetserver/ca/action/generate_spec.rb:316:in `block (4 levels)
in <top (required)>'
17) Puppetserver::Ca::Action::Generate downloading subject alternative names
ignores the subject_alt_names setting
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./spec/puppetserver/ca/action/generate_spec.rb:340:in `block (4 levels)
in <top (required)>'
18) Puppetserver::Ca::Action::Generate downloading subject alternative names
adds an attribute to csr if subject_alt_names are passed
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./spec/puppetserver/ca/action/generate_spec.rb:347:in `block (4 levels)
in <top (required)>'
19) Puppetserver::Ca::Action::Generate downloading subject alternative names
correctly encodes subject alt names
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./spec/puppetserver/ca/action/generate_spec.rb:354:in `block (4 levels)
in <top (required)>'
20) Puppetserver::Ca::Action::Generate ca-client flag always supplies the
certname as a SAN
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./lib/puppetserver/ca/action/generate.rb:188:in `block in
generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:180:in `map'
# ./lib/puppetserver/ca/action/generate.rb:180:in
`generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:161:in `run'
# ./spec/puppetserver/ca/action/generate_spec.rb:472:in `block (5 levels)
in <top (required)>'
# ./spec/utils/ssl.rb:248:in `with_ca_in'
# ./spec/puppetserver/ca/action/generate_spec.rb:470:in `block (4 levels)
in <top (required)>'
# ./spec/puppetserver/ca/action/generate_spec.rb:469:in `block (3 levels)
in <top (required)>'
21) Puppetserver::Ca::Action::Generate ca-client flag adds the certname to
supplied SANs
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./lib/puppetserver/ca/action/generate.rb:188:in `block in
generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:180:in `map'
# ./lib/puppetserver/ca/action/generate.rb:180:in
`generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:161:in `run'
# ./spec/puppetserver/ca/action/generate_spec.rb:491:in `block (5 levels)
in <top (required)>'
# ./spec/utils/ssl.rb:248:in `with_ca_in'
# ./spec/puppetserver/ca/action/generate_spec.rb:489:in `block (4 levels)
in <top (required)>'
# ./spec/puppetserver/ca/action/generate_spec.rb:488:in `block (3 levels)
in <top (required)>'
22) Puppetserver::Ca::Action::Generate ca-client flag adds the auth extension
to the cert
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./lib/puppetserver/ca/action/generate.rb:188:in `block in
generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:180:in `map'
# ./lib/puppetserver/ca/action/generate.rb:180:in
`generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:161:in `run'
# ./spec/puppetserver/ca/action/generate_spec.rb:510:in `block (5 levels)
in <top (required)>'
# ./spec/utils/ssl.rb:248:in `with_ca_in'
# ./spec/puppetserver/ca/action/generate_spec.rb:508:in `block (4 levels)
in <top (required)>'
# ./spec/puppetserver/ca/action/generate_spec.rb:507:in `block (3 levels)
in <top (required)>'
23) Puppetserver::Ca::Action::Generate ca-client flag updates the serial file
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./lib/puppetserver/ca/action/generate.rb:188:in `block in
generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:180:in `map'
# ./lib/puppetserver/ca/action/generate.rb:180:in
`generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:161:in `run'
# ./spec/puppetserver/ca/action/generate_spec.rb:529:in `block (5 levels)
in <top (required)>'
# ./spec/utils/ssl.rb:248:in `with_ca_in'
# ./spec/puppetserver/ca/action/generate_spec.rb:527:in `block (4 levels)
in <top (required)>'
# ./spec/puppetserver/ca/action/generate_spec.rb:526:in `block (3 levels)
in <top (required)>'
24) Puppetserver::Ca::Action::Import creates all files with correct
permissions
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from
./spec/puppetserver/ca/action/import_spec.rb:270
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:141:in
`create_server_cert'
# ./lib/puppetserver/ca/action/import.rb:76:in `import'
# ./lib/puppetserver/ca/action/import.rb:66:in `run'
# ./spec/shared_examples/setup.rb:31:in `block (4 levels) in <top
(required)>'
# ./spec/utils/ssl.rb:194:in `with_files_in_default_dirs'
# ./spec/shared_examples/setup.rb:27:in `block (3 levels) in <top
(required)>'
# ./spec/shared_examples/setup.rb:26:in `block (2 levels) in <top
(required)>'
25) Puppetserver::Ca::Action::Import adds default subject alt names to the
server cert
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from
./spec/puppetserver/ca/action/import_spec.rb:270
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:141:in
`create_server_cert'
# ./lib/puppetserver/ca/action/import.rb:76:in `import'
# ./lib/puppetserver/ca/action/import.rb:66:in `run'
# ./spec/shared_examples/setup.rb:103:in `block (4 levels) in <top
(required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:101:in `block (3 levels) in <top
(required)>'
# ./spec/shared_examples/setup.rb:100:in `block (2 levels) in <top
(required)>'
26) Puppetserver::Ca::Action::Import adds custom subject alt names to the
server cert
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from
./spec/puppetserver/ca/action/import_spec.rb:270
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:141:in
`create_server_cert'
# ./lib/puppetserver/ca/action/import.rb:76:in `import'
# ./lib/puppetserver/ca/action/import.rb:66:in `run'
# ./spec/shared_examples/setup.rb:123:in `block (4 levels) in <top
(required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:121:in `block (3 levels) in <top
(required)>'
# ./spec/shared_examples/setup.rb:120:in `block (2 levels) in <top
(required)>'
27) Puppetserver::Ca::Action::Import will not overwrite existing CA files
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from
./spec/puppetserver/ca/action/import_spec.rb:270
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:141:in
`create_server_cert'
# ./lib/puppetserver/ca/action/import.rb:76:in `import'
# ./lib/puppetserver/ca/action/import.rb:66:in `run'
# ./spec/shared_examples/setup.rb:143:in `block (4 levels) in <top
(required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:141:in `block (3 levels) in <top
(required)>'
# ./spec/shared_examples/setup.rb:140:in `block (2 levels) in <top
(required)>'
28) Puppetserver::Ca::Action::Import honors existing server key pair when
generating servers cert
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from
./spec/puppetserver/ca/action/import_spec.rb:270
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:141:in
`create_server_cert'
# ./lib/puppetserver/ca/action/import.rb:76:in `import'
# ./lib/puppetserver/ca/action/import.rb:66:in `run'
# ./spec/shared_examples/setup.rb:168:in `block (4 levels) in <top
(required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:155:in `block (3 levels) in <top
(required)>'
# ./spec/shared_examples/setup.rb:154:in `block (2 levels) in <top
(required)>'
29) Puppetserver::Ca::Action::Import validation generates a leaf crl if none
is provided
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:141:in
`create_server_cert'
# ./lib/puppetserver/ca/action/import.rb:76:in `import'
# ./lib/puppetserver/ca/action/import.rb:66:in `run'
# ./spec/puppetserver/ca/action/import_spec.rb:180:in `block (5 levels)
in <top (required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/puppetserver/ca/action/import_spec.rb:172:in `block (4 levels)
in <top (required)>'
# ./spec/puppetserver/ca/action/import_spec.rb:171:in `block (3 levels)
in <top (required)>'
30) Puppetserver::Ca::Action::Import validation validates the root crl is
present after generating a leaf crl
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:141:in
`create_server_cert'
# ./lib/puppetserver/ca/action/import.rb:76:in `import'
# ./lib/puppetserver/ca/action/import.rb:66:in `run'
# ./spec/puppetserver/ca/action/import_spec.rb:206:in `block (5 levels)
in <top (required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/puppetserver/ca/action/import_spec.rb:199:in `block (4 levels)
in <top (required)>'
# ./spec/puppetserver/ca/action/import_spec.rb:198:in `block (3 levels)
in <top (required)>'
31) Puppetserver::Ca::Action::Setup does not print the help output if called
correctly
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in
`create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/puppetserver/ca/action/setup_spec.rb:32:in `block (4 levels) in
<top (required)>'
# ./spec/utils/ssl.rb:91:in `with_temp_dirs'
# ./spec/puppetserver/ca/action/setup_spec.rb:31:in `block (3 levels) in
<top (required)>'
# ./spec/puppetserver/ca/action/setup_spec.rb:30:in `block (2 levels) in
<top (required)>'
32) Puppetserver::Ca::Action::Setup creates all files with correct permissions
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from
./spec/puppetserver/ca/action/setup_spec.rb:45
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in
`create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/shared_examples/setup.rb:31:in `block (4 levels) in <top
(required)>'
# ./spec/utils/ssl.rb:194:in `with_files_in_default_dirs'
# ./spec/shared_examples/setup.rb:27:in `block (3 levels) in <top
(required)>'
# ./spec/shared_examples/setup.rb:26:in `block (2 levels) in <top
(required)>'
33) Puppetserver::Ca::Action::Setup adds default subject alt names to the
server cert
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from
./spec/puppetserver/ca/action/setup_spec.rb:45
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in
`create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/shared_examples/setup.rb:103:in `block (4 levels) in <top
(required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:101:in `block (3 levels) in <top
(required)>'
# ./spec/shared_examples/setup.rb:100:in `block (2 levels) in <top
(required)>'
34) Puppetserver::Ca::Action::Setup adds custom subject alt names to the
server cert
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from
./spec/puppetserver/ca/action/setup_spec.rb:45
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in
`create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/shared_examples/setup.rb:123:in `block (4 levels) in <top
(required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:121:in `block (3 levels) in <top
(required)>'
# ./spec/shared_examples/setup.rb:120:in `block (2 levels) in <top
(required)>'
35) Puppetserver::Ca::Action::Setup will not overwrite existing CA files
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from
./spec/puppetserver/ca/action/setup_spec.rb:45
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in
`create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/shared_examples/setup.rb:143:in `block (4 levels) in <top
(required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:141:in `block (3 levels) in <top
(required)>'
# ./spec/shared_examples/setup.rb:140:in `block (2 levels) in <top
(required)>'
36) Puppetserver::Ca::Action::Setup honors existing server key pair when
generating servers cert
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from
./spec/puppetserver/ca/action/setup_spec.rb:45
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in
`create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/shared_examples/setup.rb:168:in `block (4 levels) in <top
(required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:155:in `block (3 levels) in <top
(required)>'
# ./spec/shared_examples/setup.rb:154:in `block (2 levels) in <top
(required)>'
37) Puppetserver::Ca::Action::Setup fails if only one of servers public,
private keys are present
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from
./spec/puppetserver/ca/action/setup_spec.rb:45
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in
`create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/shared_examples/setup.rb:193:in `block (4 levels) in <top
(required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:185:in `block (3 levels) in <top
(required)>'
# ./spec/shared_examples/setup.rb:184:in `block (2 levels) in <top
(required)>'
38) Puppetserver::Ca::Action::Setup command line name overrides uses the
ca_name and root_ca_name as specified on the command line
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in
`create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/puppetserver/ca/action/setup_spec.rb:51:in `block (5 levels) in
<top (required)>'
# ./spec/utils/ssl.rb:91:in `with_temp_dirs'
# ./spec/puppetserver/ca/action/setup_spec.rb:50:in `block (4 levels) in
<top (required)>'
# ./spec/puppetserver/ca/action/setup_spec.rb:49:in `block (3 levels) in
<top (required)>'
39) Puppetserver::Ca::Action::Setup command line name overrides uses the
default ca_name if none specified
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in
`create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/puppetserver/ca/action/setup_spec.rb:69:in `block (5 levels) in
<top (required)>'
# ./spec/utils/ssl.rb:91:in `with_temp_dirs'
# ./spec/puppetserver/ca/action/setup_spec.rb:68:in `block (4 levels) in
<top (required)>'
# ./spec/puppetserver/ca/action/setup_spec.rb:67:in `block (3 levels) in
<top (required)>'
40) Puppetserver::Ca::LocalCertificateAuthority#create_server_cert without a
csr_attributes file adds only MA extensions to the csr
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in
`create_intermediate_cert'
# ./spec/puppetserver/ca/local_certificate_authority_spec.rb:65:in `block
(4 levels) in <top (required)>'
41) Puppetserver::Ca::LocalCertificateAuthority#create_server_cert with a
csr_attributes file adds extensions from csr_attributes yaml to the csr
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in
`create_intermediate_cert'
# ./spec/puppetserver/ca/local_certificate_authority_spec.rb:101:in
`block (4 levels) in <top (required)>'
42) Puppetserver::Ca::LocalCertificateAuthority#sign_authorized_cert has the
special auth extension
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in
`create_intermediate_cert'
# ./spec/puppetserver/ca/local_certificate_authority_spec.rb:112:in
`block (3 levels) in <top (required)>'
43) Puppetserver::Ca::LocalCertificateAuthority#sign_authorized_cert does not
add default subject alt names
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in
`create_intermediate_cert'
# ./spec/puppetserver/ca/local_certificate_authority_spec.rb:127:in
`block (3 levels) in <top (required)>'
44) Puppetserver::Ca::LocalCertificateAuthority#sign_authorized_cert adds
subject alt names if specified
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in
`create_intermediate_cert'
# ./spec/puppetserver/ca/local_certificate_authority_spec.rb:142:in
`block (3 levels) in <top (required)>'
45) Puppetserver::Ca::Utils::HttpClient creates a store that can validate
connections to CA
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in
`create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./spec/puppetserver/ca/utils/http_client_spec.rb:36:in `block (4
levels) in <top (required)>'
# ./spec/utils/ssl.rb:248:in `with_ca_in'
# ./spec/puppetserver/ca/utils/http_client_spec.rb:26:in `block (3
levels) in <top (required)>'
# ./spec/puppetserver/ca/utils/http_client_spec.rb:25:in `block (2
levels) in <top (required)>'
Finished in 1.1 seconds (files took 0.2618 seconds to load)
273 examples, 45 failures
Failed examples:
rspec ./spec/puppetserver/ca/action/generate_spec.rb:94 #
Puppetserver::Ca::Action::Generate downloading logs success and returns zero if
downloaded
rspec ./spec/puppetserver/ca/action/generate_spec.rb:109 #
Puppetserver::Ca::Action::Generate downloading converts the ttl value of 1y to
seconds in the request to sign the certificate
rspec ./spec/puppetserver/ca/action/generate_spec.rb:125 #
Puppetserver::Ca::Action::Generate downloading converts the ttl value without
units as seconds in the request to sign the certificate
rspec ./spec/puppetserver/ca/action/generate_spec.rb:141 #
Puppetserver::Ca::Action::Generate downloading errors if there is an invalid ttl
rspec ./spec/puppetserver/ca/action/generate_spec.rb:156 #
Puppetserver::Ca::Action::Generate downloading logs an error if any could not
be downloaded
rspec ./spec/puppetserver/ca/action/generate_spec.rb:173 #
Puppetserver::Ca::Action::Generate downloading prints an error if an unknown
error occurs
rspec ./spec/puppetserver/ca/action/generate_spec.rb:192 #
Puppetserver::Ca::Action::Generate downloading refuses to overwrite existing
cert files
rspec ./spec/puppetserver/ca/action/generate_spec.rb:215 #
Puppetserver::Ca::Action::Generate downloading with autosigning enabled does
not request that the cert be signed if the CA already autosigned it
rspec ./spec/puppetserver/ca/action/generate_spec.rb:258 #
Puppetserver::Ca::Action::Generate downloading with a csr_attributes file adds
attributes and extensions to the csr
rspec ./spec/puppetserver/ca/action/generate_spec.rb:264 #
Puppetserver::Ca::Action::Generate downloading with a csr_attributes file adds
puppet short name attributes and extensions to the csr
rspec ./spec/puppetserver/ca/action/generate_spec.rb:271 #
Puppetserver::Ca::Action::Generate downloading with a csr_attributes file
return nil for csr if extension is incorrect
rspec ./spec/puppetserver/ca/action/generate_spec.rb:278 #
Puppetserver::Ca::Action::Generate downloading with a csr_attributes file
return nil for csr if extension name provided is subjectAltName
rspec ./spec/puppetserver/ca/action/generate_spec.rb:285 #
Puppetserver::Ca::Action::Generate downloading with a csr_attributes file
return nil for csr if attribute name provided isn't correct
rspec ./spec/puppetserver/ca/action/generate_spec.rb:292 #
Puppetserver::Ca::Action::Generate downloading with a csr_attributes file
return nil for csr if attribute name provided is private
rspec ./spec/puppetserver/ca/action/generate_spec.rb:299 #
Puppetserver::Ca::Action::Generate downloading with a csr_attributes file logs
an error if csr attributes were incorrect
rspec ./spec/puppetserver/ca/action/generate_spec.rb:313 #
Puppetserver::Ca::Action::Generate downloading with a csr_attributes file logs
an error if csr attributes are not in hash format
rspec ./spec/puppetserver/ca/action/generate_spec.rb:336 #
Puppetserver::Ca::Action::Generate downloading subject alternative names
ignores the subject_alt_names setting
rspec ./spec/puppetserver/ca/action/generate_spec.rb:344 #
Puppetserver::Ca::Action::Generate downloading subject alternative names adds
an attribute to csr if subject_alt_names are passed
rspec ./spec/puppetserver/ca/action/generate_spec.rb:351 #
Puppetserver::Ca::Action::Generate downloading subject alternative names
correctly encodes subject alt names
rspec ./spec/puppetserver/ca/action/generate_spec.rb:468 #
Puppetserver::Ca::Action::Generate ca-client flag always supplies the certname
as a SAN
rspec ./spec/puppetserver/ca/action/generate_spec.rb:487 #
Puppetserver::Ca::Action::Generate ca-client flag adds the certname to supplied
SANs
rspec ./spec/puppetserver/ca/action/generate_spec.rb:506 #
Puppetserver::Ca::Action::Generate ca-client flag adds the auth extension to
the cert
rspec ./spec/puppetserver/ca/action/generate_spec.rb:525 #
Puppetserver::Ca::Action::Generate ca-client flag updates the serial file
rspec './spec/puppetserver/ca/action/import_spec.rb[1:5]' #
Puppetserver::Ca::Action::Import creates all files with correct permissions
rspec './spec/puppetserver/ca/action/import_spec.rb[1:8]' #
Puppetserver::Ca::Action::Import adds default subject alt names to the server
cert
rspec './spec/puppetserver/ca/action/import_spec.rb[1:9]' #
Puppetserver::Ca::Action::Import adds custom subject alt names to the server
cert
rspec './spec/puppetserver/ca/action/import_spec.rb[1:10]' #
Puppetserver::Ca::Action::Import will not overwrite existing CA files
rspec './spec/puppetserver/ca/action/import_spec.rb[1:11]' #
Puppetserver::Ca::Action::Import honors existing server key pair when
generating servers cert
rspec ./spec/puppetserver/ca/action/import_spec.rb:170 #
Puppetserver::Ca::Action::Import validation generates a leaf crl if none is
provided
rspec ./spec/puppetserver/ca/action/import_spec.rb:197 #
Puppetserver::Ca::Action::Import validation validates the root crl is present
after generating a leaf crl
rspec ./spec/puppetserver/ca/action/setup_spec.rb:29 #
Puppetserver::Ca::Action::Setup does not print the help output if called
correctly
rspec './spec/puppetserver/ca/action/setup_spec.rb[1:3]' #
Puppetserver::Ca::Action::Setup creates all files with correct permissions
rspec './spec/puppetserver/ca/action/setup_spec.rb[1:6]' #
Puppetserver::Ca::Action::Setup adds default subject alt names to the server
cert
rspec './spec/puppetserver/ca/action/setup_spec.rb[1:7]' #
Puppetserver::Ca::Action::Setup adds custom subject alt names to the server cert
rspec './spec/puppetserver/ca/action/setup_spec.rb[1:8]' #
Puppetserver::Ca::Action::Setup will not overwrite existing CA files
rspec './spec/puppetserver/ca/action/setup_spec.rb[1:9]' #
Puppetserver::Ca::Action::Setup honors existing server key pair when generating
servers cert
rspec './spec/puppetserver/ca/action/setup_spec.rb[1:10]' #
Puppetserver::Ca::Action::Setup fails if only one of servers public, private
keys are present
rspec ./spec/puppetserver/ca/action/setup_spec.rb:48 #
Puppetserver::Ca::Action::Setup command line name overrides uses the ca_name
and root_ca_name as specified on the command line
rspec ./spec/puppetserver/ca/action/setup_spec.rb:66 #
Puppetserver::Ca::Action::Setup command line name overrides uses the default
ca_name if none specified
rspec ./spec/puppetserver/ca/local_certificate_authority_spec.rb:63 #
Puppetserver::Ca::LocalCertificateAuthority#create_server_cert without a
csr_attributes file adds only MA extensions to the csr
rspec ./spec/puppetserver/ca/local_certificate_authority_spec.rb:99 #
Puppetserver::Ca::LocalCertificateAuthority#create_server_cert with a
csr_attributes file adds extensions from csr_attributes yaml to the csr
rspec ./spec/puppetserver/ca/local_certificate_authority_spec.rb:110 #
Puppetserver::Ca::LocalCertificateAuthority#sign_authorized_cert has the
special auth extension
rspec ./spec/puppetserver/ca/local_certificate_authority_spec.rb:125 #
Puppetserver::Ca::LocalCertificateAuthority#sign_authorized_cert does not add
default subject alt names
rspec ./spec/puppetserver/ca/local_certificate_authority_spec.rb:140 #
Puppetserver::Ca::LocalCertificateAuthority#sign_authorized_cert adds subject
alt names if specified
rspec ./spec/puppetserver/ca/utils/http_client_spec.rb:24 #
Puppetserver::Ca::Utils::HttpClient creates a store that can validate
connections to CA
/usr/bin/ruby3.1
-I/usr/share/rubygems-integration/all/gems/rspec-support-3.13.1/lib:/usr/share/rubygems-integration/all/gems/rspec-core-3.13.0/lib
/usr/share/rubygems-integration/all/gems/rspec-core-3.13.0/exe/rspec --pattern
./spec/\*\*/\*_spec.rb --format documentation failed
ERROR: Test "ruby3.1" failed. Exiting.
dh_auto_install: error: dh_ruby --install
/<<PKGBUILDDIR>>/debian/ruby-puppetserver-ca-cli returned exit code 1
make: *** [debian/rules:17: binary] Error 25
dpkg-buildpackage: error: debian/rules binary subprocess returned exit status 2
--------------------------------------------------------------------------------
The above is just how the build ends and not necessarily the most relevant part.
If required, the full build log is available here:
https://people.debian.org/~sanvila/build-logs/202501/
About the archive rebuild: The build was made on virtual machines from AWS,
using sbuild and a reduced chroot with only build-essential packages.
If you could not reproduce the bug please contact me privately, as I
am willing to provide ssh access to a virtual machine where the bug is
fully reproducible.
If this is really a bug in one of the build-depends, please use
reassign and add an affects on src:ruby-puppetserver-ca-cli, so that this is
still
visible in the BTS web page for this package.
Thanks.
