open-eid
Tests crash when run without a network connection
If the unit tests from test/libdigidoc_boost.cpp are run without a network connection, an attempted network connection to fails during a call to the TS constructor from within the DocSuite/signature<digidoc__ASiCE> test, leading to error messages and ultimately a segfault. (I found this while packaging qdigidoc4 for GNU Guix, where the build environment is restricted from network access and tests are run during the build if possible.)
The connection attempt occurs in the execution of BOOST_CHECK_NO_THROW(d->sign(&signer1)) on libdigidoc_boost.cpp:297, during a call to the TS constructor which tries to connect to http://demo.sk.ee/tsa/, and the segfault happens on line 344, when d->signatures().back() is called with signatures().size() == 0.
The network-dependent tests are DocSuite/files<digidoc__ASiCE>, DocSuite/signature<digidoc__ASiCE>, and DocSuite/signatureParameters<digidoc__ASiCE> (for the Guix package I'm skipping these with BOOST_TEST_RUN_FILTERS so that most of the tests can still be run).
I've attached a log of a test run and a gdb session, including backtraces for calls to connect and thrown exceptions. (Excluding throws from "exception raised as expected" checks, and a couple early connection attempts from getpwuid_r. The first two catchpoint hits are probably unrelated, too.)
Partial backtrace from the connect breakpoint:
#11 0x00007ffff7f76a24 in digidoc::Connect::Connect (this=this@entry=0x7fffffffcda0, _url=..., _method=..., _timeout=_timeout@entry=0, certs=..., userAgentData=...)
at /tmp/guix-build-libdigidocpp-4.1.0.drv-0/source/src/crypto/Connect.cpp:119
#12 0x00007ffff7f6d588 in digidoc::TS::TS (this=this@entry=0x7fffffffcf90, digest=..., userAgent=...)
at /tmp/guix-build-libdigidocpp-4.1.0.drv-0/source/src/crypto/TS.cpp:90
#13 0x00007ffff7f5d7ac in digidoc::SignatureXAdES_T::extendSignatureProfile (this=this@entry=0x51d340, signer=signer@entry=0x7fffffffd300)
at /tmp/guix-build-libdigidocpp-4.1.0.drv-0/source/src/SignatureXAdES_T.cpp:76
#14 0x00007ffff7f604ac in digidoc::SignatureXAdES_LT::extendSignatureProfile (this=this@entry=0x51d340, signer=signer@entry=0x7fffffffd300)
at /tmp/guix-build-libdigidocpp-4.1.0.drv-0/source/src/SignatureXAdES_LT.cpp:208
#15 0x00007ffff7f63a7c in digidoc::SignatureXAdES_LTA::extendSignatureProfile (this=this@entry=0x51d340, signer=signer@entry=0x7fffffffd300)
at /tmp/guix-build-libdigidocpp-4.1.0.drv-0/source/src/SignatureXAdES_LTA.cpp:106
#16 0x00007ffff7f190a2 in digidoc::ASiC_E::sign (this=0x58f110, signer=0x7fffffffd300) at /tmp/guix-build-libdigidocpp-4.1.0.drv-0/source/src/ASiC_E.cpp:267
#17 0x000000000047c128 in DocSuite::signature<digidoc::ASiCE>::test_method (this=<synthetic pointer>)
at /tmp/guix-build-libdigidocpp-4.1.0.drv-0/source/test/libdigidocpp_boost.cpp:297
Ideal resolution for me would be to detect whether network is available, else skip the tests which require it.
I majority of test require network. There is built in OCSP server in OpenSSL that can be used. Need to figure out how to implement TimeStamp server with OpenSSL.
Only a test called runtest appears to fail; if I skip just this one, I get 24 tests passing:
starting phase `check'
Test project /tmp/guix-build-libdigidocpp-4.2.0.drv-0/build
Start 1: TSLTest_CA-non-qa
Start 2: TSLTest_no_QCStatement
Start 3: TSLTest_no_QCSD
Start 4: TSLTest_CA-invalid-type
Start 5: TSLTest_CA-withdrawn
Start 6: TSLTest_CA-granted-later
Start 7: TSLTest_CA-withdrawn-granted-later
Start 8: TSLTest_CA-noqscd-granted-later
Start 9: TSLTest_OCSP-invalid-type
Start 10: TSLTest_OCSP-withdrawn
Start 11: TSLTest_OCSP-granted-later
Start 12: TSLTest_OCSP-withdrawn-granted-later
Start 13: TSLTest_OCSP-noqscd-granted-later
Start 14: TSLTest_TSA-invalid-type
Start 15: TSLTest_TSA-withdrawn
Start 16: TSLTest_TSA-granted-later
Start 17: TSLTest_TSA-withdrawn-granted-later
Start 18: TSLTest_TSA-noqscd-granted-later
Start 19: TSLTest_CA-withdrawn-granted-before
Start 20: TSLTest_CA-noqscd-granted-before
Start 21: TSLTest_OCSP-withdrawn-granted-before
Start 22: TSLTest_OCSP-noqscd-granted-before
Start 23: TSLTest_TSA-withdrawn-granted-before
Start 24: TSLTest_TSA-noqscd-granted-before
1/24 Test #2: TSLTest_no_QCStatement .................. Passed 0.01 sec
2/24 Test #3: TSLTest_no_QCSD ......................... Passed 0.01 sec
3/24 Test #1: TSLTest_CA-non-qa ....................... Passed 0.01 sec
4/24 Test #4: TSLTest_CA-invalid-type ................. Passed 0.01 sec
5/24 Test #5: TSLTest_CA-withdrawn .................... Passed 0.01 sec
6/24 Test #6: TSLTest_CA-granted-later ................ Passed 0.01 sec
7/24 Test #7: TSLTest_CA-withdrawn-granted-later ...... Passed 0.01 sec
8/24 Test #9: TSLTest_OCSP-invalid-type ............... Passed 0.01 sec
9/24 Test #11: TSLTest_OCSP-granted-later .............. Passed 0.01 sec
10/24 Test #8: TSLTest_CA-noqscd-granted-later ......... Passed 0.02 sec
11/24 Test #12: TSLTest_OCSP-withdrawn-granted-later .... Passed 0.01 sec
12/24 Test #18: TSLTest_TSA-noqscd-granted-later ........ Passed 0.01 sec
13/24 Test #14: TSLTest_TSA-invalid-type ................ Passed 0.01 sec
14/24 Test #13: TSLTest_OCSP-noqscd-granted-later ....... Passed 0.01 sec
15/24 Test #10: TSLTest_OCSP-withdrawn .................. Passed 0.02 sec
16/24 Test #19: TSLTest_CA-withdrawn-granted-before ..... Passed 0.01 sec
17/24 Test #16: TSLTest_TSA-granted-later ............... Passed 0.01 sec
18/24 Test #15: TSLTest_TSA-withdrawn ................... Passed 0.02 sec
19/24 Test #17: TSLTest_TSA-withdrawn-granted-later ..... Passed 0.01 sec
20/24 Test #21: TSLTest_OCSP-withdrawn-granted-before ... Passed 0.01 sec
21/24 Test #20: TSLTest_CA-noqscd-granted-before ........ Passed 0.01 sec
22/24 Test #23: TSLTest_TSA-withdrawn-granted-before .... Passed 0.01 sec
23/24 Test #24: TSLTest_TSA-noqscd-granted-before ....... Passed 0.01 sec
24/24 Test #22: TSLTest_OCSP-noqscd-granted-before ...... Passed 0.02 sec
100% tests passed, 0 tests failed out of 24
maybe runtest alone would account for the bulk of the tests?