[DRE-maint] Bug#1011734: ruby-certificate-authority: FTBFS: ERROR: Test "ruby3.0" failed: Failure/Error: expect(@cert_with_extensions.extensions["authorityKeyIdentifier"]).to eq(expected_authorityKeyIdentifier)
Nick Rosbrook
nick.rosbrook at canonical.com
Mon Jul 18 15:36:50 BST 2022
Package: ruby-certificate-authority
Followup-For: Bug #1011734
User: ubuntu-devel at lists.ubuntu.com
Usertags: origin-ubuntu kinetic ubuntu-patch
Control: tags -1 patch
Hi,
This was caused by a string format change in openssl >= 3.0. I created
an upstream issue with more information [1].
In Ubuntu, we applied this patch to resolve the FTBFS:
* debian/patches/0004-remove-keyid-prefix-from-test-string.patch:
Remove 'keyid:' prefix from test string to fix build with openssl >= 3.0.
(LP: #1981458)
Thanks,
Nick
[1] https://github.com/cchandler/certificate_authority/issues/62
-------------- next part --------------
diff -Nru ruby-certificate-authority-1.0.0/debian/patches/0004-remove-keyid-prefix-from-test-string.patch ruby-certificate-authority-1.0.0/debian/patches/0004-remove-keyid-prefix-from-test-string.patch
--- ruby-certificate-authority-1.0.0/debian/patches/0004-remove-keyid-prefix-from-test-string.patch 1969-12-31 19:00:00.000000000 -0500
+++ ruby-certificate-authority-1.0.0/debian/patches/0004-remove-keyid-prefix-from-test-string.patch 2022-07-12 11:00:53.000000000 -0400
@@ -0,0 +1,21 @@
+Description: Remove 'keyid:' prefix from x509 v3 authorityKeyIdentifier test
+ This test case does a simple check for the expected authorityKeyIdentifier value
+ on a certificate, which includes a 'keyid:' prefix. This prefix was removed in
+ OpenSSL 3.0, which causes this test case to fail. Just remove the prefix from the
+ expected string to fix the test.
+Author: Nick Rosbrook <nick.rosbrook at canonical.com>
+Bug: https://github.com/cchandler/certificate_authority/issues/62
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/ruby-certificate-authority/+bug/1981458
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011734
+Last-Update: 2022-07-12
+--- a/spec/units/certificate_spec.rb
++++ b/spec/units/certificate_spec.rb
+@@ -423,7 +423,7 @@
+ expect(@cert_with_extensions.extensions["subjectKeyIdentifier"]).to eq(expected_subjectKeyIdentifier)
+
+ expected_authorityKeyIdentifier = CertificateAuthority::Extensions::AuthorityKeyIdentifier.new
+- expected_authorityKeyIdentifier.identifier = "keyid:4C:58:CB:25:F0:41:4F:52:F4:28:C8:81:43:9B:A6:A8:A0:E6:92:E5"
++ expected_authorityKeyIdentifier.identifier = "4C:58:CB:25:F0:41:4F:52:F4:28:C8:81:43:9B:A6:A8:A0:E6:92:E5"
+ expect(@cert_with_extensions.extensions["authorityKeyIdentifier"]).to eq(expected_authorityKeyIdentifier)
+
+ expected_authorityInfoAccess = CertificateAuthority::Extensions::AuthorityInfoAccess.new
diff -Nru ruby-certificate-authority-1.0.0/debian/patches/series ruby-certificate-authority-1.0.0/debian/patches/series
--- ruby-certificate-authority-1.0.0/debian/patches/series 2022-02-20 17:24:24.000000000 -0500
+++ ruby-certificate-authority-1.0.0/debian/patches/series 2022-07-12 11:00:53.000000000 -0400
@@ -1,3 +1,4 @@
0001-Build-a-string-config-for-OpenSSL-Config-as-opposed-.patch
0002-gemspec-don-t-use-git-to-get-list-of-files.patch
0003-gemspec-don-t-load-file-from-lib-explicitly.patch
+0004-remove-keyid-prefix-from-test-string.patch
More information about the Pkg-ruby-extras-maintainers
mailing list