[Pkg-puppet-devel] Bug#1093927: ruby-puppetserver-ca-cli: FTBFS: Failure/Error: csr.version = 2
Santiago Vila
sanvila at debian.org
Fri Jan 24 00:59:59 GMT 2025
Package: src:ruby-puppetserver-ca-cli
Version: 2.7.0-1
Severity: serious
Tags: ftbfs trixie sid
Dear maintainer:
During a rebuild of all packages in unstable, your package failed to build:
--------------------------------------------------------------------------------
[...]
debian/rules clean
dh clean --buildsystem=ruby --with ruby
dh_auto_clean -O--buildsystem=ruby
dh_ruby --clean
dh_autoreconf_clean -O--buildsystem=ruby
dh_clean -O--buildsystem=ruby
debian/rules binary
dh binary --buildsystem=ruby --with ruby
dh_update_autotools_config -O--buildsystem=ruby
dh_autoreconf -O--buildsystem=ruby
dh_auto_configure -O--buildsystem=ruby
dh_ruby --configure
dh_auto_build -O--buildsystem=ruby
dh_ruby --build
[... snipped ...]
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./lib/puppetserver/ca/action/generate.rb:246:in `submit_csr'
# ./lib/puppetserver/ca/action/generate.rb:222:in `block in generate_certs'
# ./lib/puppetserver/ca/action/generate.rb:216:in `map'
# ./lib/puppetserver/ca/action/generate.rb:216:in `generate_certs'
# ./lib/puppetserver/ca/action/generate.rb:163:in `run'
# ./spec/puppetserver/ca/action/generate_spec.rb:318:in `block (6 levels) in <top (required)>'
# ./spec/utils/ssl.rb:91:in `with_temp_dirs'
# ./spec/puppetserver/ca/action/generate_spec.rb:317:in `block (5 levels) in <top (required)>'
# ./spec/puppetserver/ca/action/generate_spec.rb:316:in `block (4 levels) in <top (required)>'
17) Puppetserver::Ca::Action::Generate downloading subject alternative names ignores the subject_alt_names setting
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./spec/puppetserver/ca/action/generate_spec.rb:340:in `block (4 levels) in <top (required)>'
18) Puppetserver::Ca::Action::Generate downloading subject alternative names adds an attribute to csr if subject_alt_names are passed
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./spec/puppetserver/ca/action/generate_spec.rb:347:in `block (4 levels) in <top (required)>'
19) Puppetserver::Ca::Action::Generate downloading subject alternative names correctly encodes subject alt names
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./spec/puppetserver/ca/action/generate_spec.rb:354:in `block (4 levels) in <top (required)>'
20) Puppetserver::Ca::Action::Generate ca-client flag always supplies the certname as a SAN
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./lib/puppetserver/ca/action/generate.rb:188:in `block in generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:180:in `map'
# ./lib/puppetserver/ca/action/generate.rb:180:in `generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:161:in `run'
# ./spec/puppetserver/ca/action/generate_spec.rb:472:in `block (5 levels) in <top (required)>'
# ./spec/utils/ssl.rb:248:in `with_ca_in'
# ./spec/puppetserver/ca/action/generate_spec.rb:470:in `block (4 levels) in <top (required)>'
# ./spec/puppetserver/ca/action/generate_spec.rb:469:in `block (3 levels) in <top (required)>'
21) Puppetserver::Ca::Action::Generate ca-client flag adds the certname to supplied SANs
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./lib/puppetserver/ca/action/generate.rb:188:in `block in generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:180:in `map'
# ./lib/puppetserver/ca/action/generate.rb:180:in `generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:161:in `run'
# ./spec/puppetserver/ca/action/generate_spec.rb:491:in `block (5 levels) in <top (required)>'
# ./spec/utils/ssl.rb:248:in `with_ca_in'
# ./spec/puppetserver/ca/action/generate_spec.rb:489:in `block (4 levels) in <top (required)>'
# ./spec/puppetserver/ca/action/generate_spec.rb:488:in `block (3 levels) in <top (required)>'
22) Puppetserver::Ca::Action::Generate ca-client flag adds the auth extension to the cert
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./lib/puppetserver/ca/action/generate.rb:188:in `block in generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:180:in `map'
# ./lib/puppetserver/ca/action/generate.rb:180:in `generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:161:in `run'
# ./spec/puppetserver/ca/action/generate_spec.rb:510:in `block (5 levels) in <top (required)>'
# ./spec/utils/ssl.rb:248:in `with_ca_in'
# ./spec/puppetserver/ca/action/generate_spec.rb:508:in `block (4 levels) in <top (required)>'
# ./spec/puppetserver/ca/action/generate_spec.rb:507:in `block (3 levels) in <top (required)>'
23) Puppetserver::Ca::Action::Generate ca-client flag updates the serial file
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/action/generate.rb:275:in `generate_key_csr'
# ./lib/puppetserver/ca/action/generate.rb:188:in `block in generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:180:in `map'
# ./lib/puppetserver/ca/action/generate.rb:180:in `generate_authorized_certs'
# ./lib/puppetserver/ca/action/generate.rb:161:in `run'
# ./spec/puppetserver/ca/action/generate_spec.rb:529:in `block (5 levels) in <top (required)>'
# ./spec/utils/ssl.rb:248:in `with_ca_in'
# ./spec/puppetserver/ca/action/generate_spec.rb:527:in `block (4 levels) in <top (required)>'
# ./spec/puppetserver/ca/action/generate_spec.rb:526:in `block (3 levels) in <top (required)>'
24) Puppetserver::Ca::Action::Import creates all files with correct permissions
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from ./spec/puppetserver/ca/action/import_spec.rb:270
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:141:in `create_server_cert'
# ./lib/puppetserver/ca/action/import.rb:76:in `import'
# ./lib/puppetserver/ca/action/import.rb:66:in `run'
# ./spec/shared_examples/setup.rb:31:in `block (4 levels) in <top (required)>'
# ./spec/utils/ssl.rb:194:in `with_files_in_default_dirs'
# ./spec/shared_examples/setup.rb:27:in `block (3 levels) in <top (required)>'
# ./spec/shared_examples/setup.rb:26:in `block (2 levels) in <top (required)>'
25) Puppetserver::Ca::Action::Import adds default subject alt names to the server cert
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from ./spec/puppetserver/ca/action/import_spec.rb:270
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:141:in `create_server_cert'
# ./lib/puppetserver/ca/action/import.rb:76:in `import'
# ./lib/puppetserver/ca/action/import.rb:66:in `run'
# ./spec/shared_examples/setup.rb:103:in `block (4 levels) in <top (required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:101:in `block (3 levels) in <top (required)>'
# ./spec/shared_examples/setup.rb:100:in `block (2 levels) in <top (required)>'
26) Puppetserver::Ca::Action::Import adds custom subject alt names to the server cert
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from ./spec/puppetserver/ca/action/import_spec.rb:270
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:141:in `create_server_cert'
# ./lib/puppetserver/ca/action/import.rb:76:in `import'
# ./lib/puppetserver/ca/action/import.rb:66:in `run'
# ./spec/shared_examples/setup.rb:123:in `block (4 levels) in <top (required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:121:in `block (3 levels) in <top (required)>'
# ./spec/shared_examples/setup.rb:120:in `block (2 levels) in <top (required)>'
27) Puppetserver::Ca::Action::Import will not overwrite existing CA files
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from ./spec/puppetserver/ca/action/import_spec.rb:270
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:141:in `create_server_cert'
# ./lib/puppetserver/ca/action/import.rb:76:in `import'
# ./lib/puppetserver/ca/action/import.rb:66:in `run'
# ./spec/shared_examples/setup.rb:143:in `block (4 levels) in <top (required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:141:in `block (3 levels) in <top (required)>'
# ./spec/shared_examples/setup.rb:140:in `block (2 levels) in <top (required)>'
28) Puppetserver::Ca::Action::Import honors existing server key pair when generating servers cert
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from ./spec/puppetserver/ca/action/import_spec.rb:270
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:141:in `create_server_cert'
# ./lib/puppetserver/ca/action/import.rb:76:in `import'
# ./lib/puppetserver/ca/action/import.rb:66:in `run'
# ./spec/shared_examples/setup.rb:168:in `block (4 levels) in <top (required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:155:in `block (3 levels) in <top (required)>'
# ./spec/shared_examples/setup.rb:154:in `block (2 levels) in <top (required)>'
29) Puppetserver::Ca::Action::Import validation generates a leaf crl if none is provided
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:141:in `create_server_cert'
# ./lib/puppetserver/ca/action/import.rb:76:in `import'
# ./lib/puppetserver/ca/action/import.rb:66:in `run'
# ./spec/puppetserver/ca/action/import_spec.rb:180:in `block (5 levels) in <top (required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/puppetserver/ca/action/import_spec.rb:172:in `block (4 levels) in <top (required)>'
# ./spec/puppetserver/ca/action/import_spec.rb:171:in `block (3 levels) in <top (required)>'
30) Puppetserver::Ca::Action::Import validation validates the root crl is present after generating a leaf crl
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:141:in `create_server_cert'
# ./lib/puppetserver/ca/action/import.rb:76:in `import'
# ./lib/puppetserver/ca/action/import.rb:66:in `run'
# ./spec/puppetserver/ca/action/import_spec.rb:206:in `block (5 levels) in <top (required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/puppetserver/ca/action/import_spec.rb:199:in `block (4 levels) in <top (required)>'
# ./spec/puppetserver/ca/action/import_spec.rb:198:in `block (3 levels) in <top (required)>'
31) Puppetserver::Ca::Action::Setup does not print the help output if called correctly
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in `create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/puppetserver/ca/action/setup_spec.rb:32:in `block (4 levels) in <top (required)>'
# ./spec/utils/ssl.rb:91:in `with_temp_dirs'
# ./spec/puppetserver/ca/action/setup_spec.rb:31:in `block (3 levels) in <top (required)>'
# ./spec/puppetserver/ca/action/setup_spec.rb:30:in `block (2 levels) in <top (required)>'
32) Puppetserver::Ca::Action::Setup creates all files with correct permissions
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from ./spec/puppetserver/ca/action/setup_spec.rb:45
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in `create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/shared_examples/setup.rb:31:in `block (4 levels) in <top (required)>'
# ./spec/utils/ssl.rb:194:in `with_files_in_default_dirs'
# ./spec/shared_examples/setup.rb:27:in `block (3 levels) in <top (required)>'
# ./spec/shared_examples/setup.rb:26:in `block (2 levels) in <top (required)>'
33) Puppetserver::Ca::Action::Setup adds default subject alt names to the server cert
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from ./spec/puppetserver/ca/action/setup_spec.rb:45
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in `create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/shared_examples/setup.rb:103:in `block (4 levels) in <top (required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:101:in `block (3 levels) in <top (required)>'
# ./spec/shared_examples/setup.rb:100:in `block (2 levels) in <top (required)>'
34) Puppetserver::Ca::Action::Setup adds custom subject alt names to the server cert
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from ./spec/puppetserver/ca/action/setup_spec.rb:45
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in `create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/shared_examples/setup.rb:123:in `block (4 levels) in <top (required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:121:in `block (3 levels) in <top (required)>'
# ./spec/shared_examples/setup.rb:120:in `block (2 levels) in <top (required)>'
35) Puppetserver::Ca::Action::Setup will not overwrite existing CA files
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from ./spec/puppetserver/ca/action/setup_spec.rb:45
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in `create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/shared_examples/setup.rb:143:in `block (4 levels) in <top (required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:141:in `block (3 levels) in <top (required)>'
# ./spec/shared_examples/setup.rb:140:in `block (2 levels) in <top (required)>'
36) Puppetserver::Ca::Action::Setup honors existing server key pair when generating servers cert
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from ./spec/puppetserver/ca/action/setup_spec.rb:45
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in `create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/shared_examples/setup.rb:168:in `block (4 levels) in <top (required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:155:in `block (3 levels) in <top (required)>'
# ./spec/shared_examples/setup.rb:154:in `block (2 levels) in <top (required)>'
37) Puppetserver::Ca::Action::Setup fails if only one of servers public, private keys are present
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
Shared Example Group: "properly sets up ca and ssl dir" called from ./spec/puppetserver/ca/action/setup_spec.rb:45
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in `create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/shared_examples/setup.rb:193:in `block (4 levels) in <top (required)>'
# ./spec/utils/ssl.rb:143:in `with_files_in'
# ./spec/shared_examples/setup.rb:185:in `block (3 levels) in <top (required)>'
# ./spec/shared_examples/setup.rb:184:in `block (2 levels) in <top (required)>'
38) Puppetserver::Ca::Action::Setup command line name overrides uses the ca_name and root_ca_name as specified on the command line
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in `create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/puppetserver/ca/action/setup_spec.rb:51:in `block (5 levels) in <top (required)>'
# ./spec/utils/ssl.rb:91:in `with_temp_dirs'
# ./spec/puppetserver/ca/action/setup_spec.rb:50:in `block (4 levels) in <top (required)>'
# ./spec/puppetserver/ca/action/setup_spec.rb:49:in `block (3 levels) in <top (required)>'
39) Puppetserver::Ca::Action::Setup command line name overrides uses the default ca_name if none specified
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in `create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./lib/puppetserver/ca/action/setup.rb:69:in `run'
# ./spec/puppetserver/ca/action/setup_spec.rb:69:in `block (5 levels) in <top (required)>'
# ./spec/utils/ssl.rb:91:in `with_temp_dirs'
# ./spec/puppetserver/ca/action/setup_spec.rb:68:in `block (4 levels) in <top (required)>'
# ./spec/puppetserver/ca/action/setup_spec.rb:67:in `block (3 levels) in <top (required)>'
40) Puppetserver::Ca::LocalCertificateAuthority#create_server_cert without a csr_attributes file adds only MA extensions to the csr
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in `create_intermediate_cert'
# ./spec/puppetserver/ca/local_certificate_authority_spec.rb:65:in `block (4 levels) in <top (required)>'
41) Puppetserver::Ca::LocalCertificateAuthority#create_server_cert with a csr_attributes file adds extensions from csr_attributes yaml to the csr
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in `create_intermediate_cert'
# ./spec/puppetserver/ca/local_certificate_authority_spec.rb:101:in `block (4 levels) in <top (required)>'
42) Puppetserver::Ca::LocalCertificateAuthority#sign_authorized_cert has the special auth extension
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in `create_intermediate_cert'
# ./spec/puppetserver/ca/local_certificate_authority_spec.rb:112:in `block (3 levels) in <top (required)>'
43) Puppetserver::Ca::LocalCertificateAuthority#sign_authorized_cert does not add default subject alt names
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in `create_intermediate_cert'
# ./spec/puppetserver/ca/local_certificate_authority_spec.rb:127:in `block (3 levels) in <top (required)>'
44) Puppetserver::Ca::LocalCertificateAuthority#sign_authorized_cert adds subject alt names if specified
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in `create_intermediate_cert'
# ./spec/puppetserver/ca/local_certificate_authority_spec.rb:142:in `block (3 levels) in <top (required)>'
45) Puppetserver::Ca::Utils::HttpClient creates a store that can validate connections to CA
Failure/Error: csr.version = 2
OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
# ./lib/puppetserver/ca/host.rb:83:in `version='
# ./lib/puppetserver/ca/host.rb:83:in `create_csr'
# ./lib/puppetserver/ca/local_certificate_authority.rb:260:in `create_intermediate_cert'
# ./lib/puppetserver/ca/action/setup.rb:80:in `generate_pki'
# ./spec/puppetserver/ca/utils/http_client_spec.rb:36:in `block (4 levels) in <top (required)>'
# ./spec/utils/ssl.rb:248:in `with_ca_in'
# ./spec/puppetserver/ca/utils/http_client_spec.rb:26:in `block (3 levels) in <top (required)>'
# ./spec/puppetserver/ca/utils/http_client_spec.rb:25:in `block (2 levels) in <top (required)>'
Finished in 1.1 seconds (files took 0.2618 seconds to load)
273 examples, 45 failures
Failed examples:
rspec ./spec/puppetserver/ca/action/generate_spec.rb:94 # Puppetserver::Ca::Action::Generate downloading logs success and returns zero if downloaded
rspec ./spec/puppetserver/ca/action/generate_spec.rb:109 # Puppetserver::Ca::Action::Generate downloading converts the ttl value of 1y to seconds in the request to sign the certificate
rspec ./spec/puppetserver/ca/action/generate_spec.rb:125 # Puppetserver::Ca::Action::Generate downloading converts the ttl value without units as seconds in the request to sign the certificate
rspec ./spec/puppetserver/ca/action/generate_spec.rb:141 # Puppetserver::Ca::Action::Generate downloading errors if there is an invalid ttl
rspec ./spec/puppetserver/ca/action/generate_spec.rb:156 # Puppetserver::Ca::Action::Generate downloading logs an error if any could not be downloaded
rspec ./spec/puppetserver/ca/action/generate_spec.rb:173 # Puppetserver::Ca::Action::Generate downloading prints an error if an unknown error occurs
rspec ./spec/puppetserver/ca/action/generate_spec.rb:192 # Puppetserver::Ca::Action::Generate downloading refuses to overwrite existing cert files
rspec ./spec/puppetserver/ca/action/generate_spec.rb:215 # Puppetserver::Ca::Action::Generate downloading with autosigning enabled does not request that the cert be signed if the CA already autosigned it
rspec ./spec/puppetserver/ca/action/generate_spec.rb:258 # Puppetserver::Ca::Action::Generate downloading with a csr_attributes file adds attributes and extensions to the csr
rspec ./spec/puppetserver/ca/action/generate_spec.rb:264 # Puppetserver::Ca::Action::Generate downloading with a csr_attributes file adds puppet short name attributes and extensions to the csr
rspec ./spec/puppetserver/ca/action/generate_spec.rb:271 # Puppetserver::Ca::Action::Generate downloading with a csr_attributes file return nil for csr if extension is incorrect
rspec ./spec/puppetserver/ca/action/generate_spec.rb:278 # Puppetserver::Ca::Action::Generate downloading with a csr_attributes file return nil for csr if extension name provided is subjectAltName
rspec ./spec/puppetserver/ca/action/generate_spec.rb:285 # Puppetserver::Ca::Action::Generate downloading with a csr_attributes file return nil for csr if attribute name provided isn't correct
rspec ./spec/puppetserver/ca/action/generate_spec.rb:292 # Puppetserver::Ca::Action::Generate downloading with a csr_attributes file return nil for csr if attribute name provided is private
rspec ./spec/puppetserver/ca/action/generate_spec.rb:299 # Puppetserver::Ca::Action::Generate downloading with a csr_attributes file logs an error if csr attributes were incorrect
rspec ./spec/puppetserver/ca/action/generate_spec.rb:313 # Puppetserver::Ca::Action::Generate downloading with a csr_attributes file logs an error if csr attributes are not in hash format
rspec ./spec/puppetserver/ca/action/generate_spec.rb:336 # Puppetserver::Ca::Action::Generate downloading subject alternative names ignores the subject_alt_names setting
rspec ./spec/puppetserver/ca/action/generate_spec.rb:344 # Puppetserver::Ca::Action::Generate downloading subject alternative names adds an attribute to csr if subject_alt_names are passed
rspec ./spec/puppetserver/ca/action/generate_spec.rb:351 # Puppetserver::Ca::Action::Generate downloading subject alternative names correctly encodes subject alt names
rspec ./spec/puppetserver/ca/action/generate_spec.rb:468 # Puppetserver::Ca::Action::Generate ca-client flag always supplies the certname as a SAN
rspec ./spec/puppetserver/ca/action/generate_spec.rb:487 # Puppetserver::Ca::Action::Generate ca-client flag adds the certname to supplied SANs
rspec ./spec/puppetserver/ca/action/generate_spec.rb:506 # Puppetserver::Ca::Action::Generate ca-client flag adds the auth extension to the cert
rspec ./spec/puppetserver/ca/action/generate_spec.rb:525 # Puppetserver::Ca::Action::Generate ca-client flag updates the serial file
rspec './spec/puppetserver/ca/action/import_spec.rb[1:5]' # Puppetserver::Ca::Action::Import creates all files with correct permissions
rspec './spec/puppetserver/ca/action/import_spec.rb[1:8]' # Puppetserver::Ca::Action::Import adds default subject alt names to the server cert
rspec './spec/puppetserver/ca/action/import_spec.rb[1:9]' # Puppetserver::Ca::Action::Import adds custom subject alt names to the server cert
rspec './spec/puppetserver/ca/action/import_spec.rb[1:10]' # Puppetserver::Ca::Action::Import will not overwrite existing CA files
rspec './spec/puppetserver/ca/action/import_spec.rb[1:11]' # Puppetserver::Ca::Action::Import honors existing server key pair when generating servers cert
rspec ./spec/puppetserver/ca/action/import_spec.rb:170 # Puppetserver::Ca::Action::Import validation generates a leaf crl if none is provided
rspec ./spec/puppetserver/ca/action/import_spec.rb:197 # Puppetserver::Ca::Action::Import validation validates the root crl is present after generating a leaf crl
rspec ./spec/puppetserver/ca/action/setup_spec.rb:29 # Puppetserver::Ca::Action::Setup does not print the help output if called correctly
rspec './spec/puppetserver/ca/action/setup_spec.rb[1:3]' # Puppetserver::Ca::Action::Setup creates all files with correct permissions
rspec './spec/puppetserver/ca/action/setup_spec.rb[1:6]' # Puppetserver::Ca::Action::Setup adds default subject alt names to the server cert
rspec './spec/puppetserver/ca/action/setup_spec.rb[1:7]' # Puppetserver::Ca::Action::Setup adds custom subject alt names to the server cert
rspec './spec/puppetserver/ca/action/setup_spec.rb[1:8]' # Puppetserver::Ca::Action::Setup will not overwrite existing CA files
rspec './spec/puppetserver/ca/action/setup_spec.rb[1:9]' # Puppetserver::Ca::Action::Setup honors existing server key pair when generating servers cert
rspec './spec/puppetserver/ca/action/setup_spec.rb[1:10]' # Puppetserver::Ca::Action::Setup fails if only one of servers public, private keys are present
rspec ./spec/puppetserver/ca/action/setup_spec.rb:48 # Puppetserver::Ca::Action::Setup command line name overrides uses the ca_name and root_ca_name as specified on the command line
rspec ./spec/puppetserver/ca/action/setup_spec.rb:66 # Puppetserver::Ca::Action::Setup command line name overrides uses the default ca_name if none specified
rspec ./spec/puppetserver/ca/local_certificate_authority_spec.rb:63 # Puppetserver::Ca::LocalCertificateAuthority#create_server_cert without a csr_attributes file adds only MA extensions to the csr
rspec ./spec/puppetserver/ca/local_certificate_authority_spec.rb:99 # Puppetserver::Ca::LocalCertificateAuthority#create_server_cert with a csr_attributes file adds extensions from csr_attributes yaml to the csr
rspec ./spec/puppetserver/ca/local_certificate_authority_spec.rb:110 # Puppetserver::Ca::LocalCertificateAuthority#sign_authorized_cert has the special auth extension
rspec ./spec/puppetserver/ca/local_certificate_authority_spec.rb:125 # Puppetserver::Ca::LocalCertificateAuthority#sign_authorized_cert does not add default subject alt names
rspec ./spec/puppetserver/ca/local_certificate_authority_spec.rb:140 # Puppetserver::Ca::LocalCertificateAuthority#sign_authorized_cert adds subject alt names if specified
rspec ./spec/puppetserver/ca/utils/http_client_spec.rb:24 # Puppetserver::Ca::Utils::HttpClient creates a store that can validate connections to CA
/usr/bin/ruby3.1 -I/usr/share/rubygems-integration/all/gems/rspec-support-3.13.1/lib:/usr/share/rubygems-integration/all/gems/rspec-core-3.13.0/lib /usr/share/rubygems-integration/all/gems/rspec-core-3.13.0/exe/rspec --pattern ./spec/\*\*/\*_spec.rb --format documentation failed
ERROR: Test "ruby3.1" failed. Exiting.
dh_auto_install: error: dh_ruby --install /<<PKGBUILDDIR>>/debian/ruby-puppetserver-ca-cli returned exit code 1
make: *** [debian/rules:17: binary] Error 25
dpkg-buildpackage: error: debian/rules binary subprocess returned exit status 2
--------------------------------------------------------------------------------
The above is just how the build ends and not necessarily the most relevant part.
If required, the full build log is available here:
https://people.debian.org/~sanvila/build-logs/202501/
About the archive rebuild: The build was made on virtual machines from AWS,
using sbuild and a reduced chroot with only build-essential packages.
If you could not reproduce the bug please contact me privately, as I
am willing to provide ssh access to a virtual machine where the bug is
fully reproducible.
If this is really a bug in one of the build-depends, please use
reassign and add an affects on src:ruby-puppetserver-ca-cli, so that this is still
visible in the BTS web page for this package.
Thanks.
More information about the Pkg-puppet-devel
mailing list