Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Test_SSHParsePublicKey & Test_calcFingerprint failing with v1.22.1 #31624

Closed
Antiz96 opened this issue Jul 12, 2024 · 2 comments · Fixed by #31905
Closed

Test_SSHParsePublicKey & Test_calcFingerprint failing with v1.22.1 #31624

Antiz96 opened this issue Jul 12, 2024 · 2 comments · Fixed by #31905
Labels

Comments

@Antiz96
Copy link

Antiz96 commented Jul 12, 2024

Description

Hello,

I'm trying to build Gitea v1.22.1 on Arch-Linux using this PKGBUILD (which contains the build and test instructions) but the Test_SSHParsePublicKey & Test_calcFingerprint tests are failing during make test with the following error:

--- FAIL: Test_SSHParsePublicKey (0.02s)
    --- FAIL: Test_SSHParsePublicKey/dsa-1024 (0.01s)
        --- FAIL: Test_SSHParsePublicKey/dsa-1024/SSHKeygen (0.01s)
            ssh_key_test.go:54:
                        Error Trace:    /build/gitea/src/gitea/models/asymkey/ssh_key_test.go:54
                        Error:          %v
                        Test:           Test_SSHParsePublicKey/dsa-1024/SSHKeygen
                        Messages:       fail to parse public key: exec(6690e23b-34:SSHKeyGenParsePublicKey) failed: exit status 255(<nil>) stdout:  stderr: /tmp/gitea_keytest1623655349 is not a public key file.
                                         - /tmp/gitea_keytest1623655349 is not a public key file.
--- FAIL: Test_calcFingerprint (0.01s)
    --- FAIL: Test_calcFingerprint/dsa-1024 (0.00s)
        --- FAIL: Test_calcFingerprint/dsa-1024/SSHKeygen (0.00s)
            ssh_key_test.go:194:
                        Error Trace:    /build/gitea/src/gitea/models/asymkey/ssh_key_test.go:194
                        Error:          Received unexpected error:
                                        Unable to verify key content [result: /tmp/gitea_keytest3103963148 is not a public key file.
                                        ]
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
            ssh_key_test.go:195:
                        Error Trace:    /build/gitea/src/gitea/models/asymkey/ssh_key_test.go:195
                        Error:          Not equal:
                                        expected: "SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc"
                                        actual  : ""

                                        Diff:
                                        --- Expected
                                        +++ Actual
                                        @@ -1 +1 @@
                                        -SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc
                                        +
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
FAIL

Full test logs are available in the Log Gist below.

I remain available if you need any additional information :)

Gitea Version

v1.22.1

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

https://gist.github.com/Antiz96/075b96710a491e1df2d4510955a52abf#file-check-logs

Screenshots

No response

Git Version

2.45.2

Operating System

Arch Linux

How are you running Gitea?

NA

Database

None

@techknowlogick
Copy link
Member

Thanks for the report @Antiz96. I'm wondering since those keys that are being tested are DSA-1024 and they shouldn't really be used that on newer versions of ssh-keygen being used have those disabled (or hidden behind some flag).
I think we should probably stop testing against them (by either disabling the test or by testing against different, stronger, keys), as they are already below our default minimum.

@Antiz96
Copy link
Author

Antiz96 commented Aug 4, 2024

Alright, thanks for the info! Makes sense.

I disabled those two tests on Arch side for now.

s4uliu5 added a commit to s4uliu5/gitea that referenced this issue Aug 22, 2024
…Fingerprint

DSA is considered inherently insecure and is already disabled/removed in OpenSSH 9.8.

Therefore "dsa-1024" tescases are failing.

```
--- FAIL: Test_calcFingerprint (0.02s)
    --- FAIL: Test_calcFingerprint/dsa-1024 (0.00s)
        --- FAIL: Test_calcFingerprint/dsa-1024/SSHKeygen (0.00s)
            ssh_key_test.go:196:
                        Error Trace:    /usr/local/src/sagu/gitea/models/asymkey/ssh_key_test.go:196
                        Error:          Received unexpected error:
                                        Unable to verify key content [result: /tmp/gitea_keytest1239408114 is not a public key file.
                                        ]
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
            ssh_key_test.go:197:
                        Error Trace:    /usr/local/src/sagu/gitea/models/asymkey/ssh_key_test.go:197
                        Error:          Not equal:
                                        expected: "SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc"
                                        actual  : ""

                                        Diff:
                                        --- Expected
                                        +++ Actual
                                        @@ -1 +1 @@
                                        -SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc
                                        +
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
FAIL
```

Fix go-gitea#31624
s4uliu5 added a commit to s4uliu5/gitea that referenced this issue Aug 22, 2024
…Fingerprint

DSA is considered inherently insecure and is already disabled/removed in OpenSSH 9.8.

Therefore "dsa-1024" tescases are failing.

```
--- FAIL: Test_calcFingerprint (0.02s)
    --- FAIL: Test_calcFingerprint/dsa-1024 (0.00s)
        --- FAIL: Test_calcFingerprint/dsa-1024/SSHKeygen (0.00s)
            ssh_key_test.go:196:
                        Error Trace:    /src/gitea/models/asymkey/ssh_key_test.go:196
                        Error:          Received unexpected error:
                                        Unable to verify key content [result: /tmp/gitea_keytest1239408114 is not a public key file.
                                        ]
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
            ssh_key_test.go:197:
                        Error Trace:    /src/gitea/models/asymkey/ssh_key_test.go:197
                        Error:          Not equal:
                                        expected: "SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc"
                                        actual  : ""

                                        Diff:
                                        --- Expected
                                        +++ Actual
                                        @@ -1 +1 @@
                                        -SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc
                                        +
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
FAIL
```

Fix go-gitea#31624
silverwind pushed a commit that referenced this issue Aug 24, 2024
…Fingerprint (#31905)

DSA is considered inherently insecure and is already disabled/removed in
OpenSSH 9.8.

Therefore "dsa-1024" tescases are failing.

```
--- FAIL: Test_calcFingerprint (0.02s)
    --- FAIL: Test_calcFingerprint/dsa-1024 (0.00s)
        --- FAIL: Test_calcFingerprint/dsa-1024/SSHKeygen (0.00s)
            ssh_key_test.go:196:
                        Error Trace:    /src/gitea/models/asymkey/ssh_key_test.go:196
                        Error:          Received unexpected error:
                                        Unable to verify key content [result: /tmp/gitea_keytest1239408114 is not a public key file.
                                        ]
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
            ssh_key_test.go:197:
                        Error Trace:    /src/gitea/models/asymkey/ssh_key_test.go:197
                        Error:          Not equal:
                                        expected: "SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc"
                                        actual  : ""

                                        Diff:
                                        --- Expected
                                        +++ Actual
                                        @@ -1 +1 @@
                                        -SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc
                                        +
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
FAIL
```

Fix #31624
GiteaBot pushed a commit to GiteaBot/gitea that referenced this issue Aug 24, 2024
…Fingerprint (go-gitea#31905)

DSA is considered inherently insecure and is already disabled/removed in
OpenSSH 9.8.

Therefore "dsa-1024" tescases are failing.

```
--- FAIL: Test_calcFingerprint (0.02s)
    --- FAIL: Test_calcFingerprint/dsa-1024 (0.00s)
        --- FAIL: Test_calcFingerprint/dsa-1024/SSHKeygen (0.00s)
            ssh_key_test.go:196:
                        Error Trace:    /src/gitea/models/asymkey/ssh_key_test.go:196
                        Error:          Received unexpected error:
                                        Unable to verify key content [result: /tmp/gitea_keytest1239408114 is not a public key file.
                                        ]
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
            ssh_key_test.go:197:
                        Error Trace:    /src/gitea/models/asymkey/ssh_key_test.go:197
                        Error:          Not equal:
                                        expected: "SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc"
                                        actual  : ""

                                        Diff:
                                        --- Expected
                                        +++ Actual
                                        @@ -1 +1 @@
                                        -SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc
                                        +
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
FAIL
```

Fix go-gitea#31624
AvengerMoJo pushed a commit to AvengerMoJo/gitea that referenced this issue Aug 24, 2024
…Fingerprint (go-gitea#31905)

DSA is considered inherently insecure and is already disabled/removed in
OpenSSH 9.8.

Therefore "dsa-1024" tescases are failing.

```
--- FAIL: Test_calcFingerprint (0.02s)
    --- FAIL: Test_calcFingerprint/dsa-1024 (0.00s)
        --- FAIL: Test_calcFingerprint/dsa-1024/SSHKeygen (0.00s)
            ssh_key_test.go:196:
                        Error Trace:    /src/gitea/models/asymkey/ssh_key_test.go:196
                        Error:          Received unexpected error:
                                        Unable to verify key content [result: /tmp/gitea_keytest1239408114 is not a public key file.
                                        ]
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
            ssh_key_test.go:197:
                        Error Trace:    /src/gitea/models/asymkey/ssh_key_test.go:197
                        Error:          Not equal:
                                        expected: "SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc"
                                        actual  : ""

                                        Diff:
                                        --- Expected
                                        +++ Actual
                                        @@ -1 +1 @@
                                        -SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc
                                        +
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
FAIL
```

Fix go-gitea#31624
wolfogre pushed a commit that referenced this issue Aug 25, 2024
…Fingerprint (#31905) (#31914)

Backport #31905 by @s4uliu5

DSA is considered inherently insecure and is already disabled/removed in
OpenSSH 9.8.

Therefore "dsa-1024" tescases are failing.

```
--- FAIL: Test_calcFingerprint (0.02s)
    --- FAIL: Test_calcFingerprint/dsa-1024 (0.00s)
        --- FAIL: Test_calcFingerprint/dsa-1024/SSHKeygen (0.00s)
            ssh_key_test.go:196:
                        Error Trace:    /src/gitea/models/asymkey/ssh_key_test.go:196
                        Error:          Received unexpected error:
                                        Unable to verify key content [result: /tmp/gitea_keytest1239408114 is not a public key file.
                                        ]
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
            ssh_key_test.go:197:
                        Error Trace:    /src/gitea/models/asymkey/ssh_key_test.go:197
                        Error:          Not equal:
                                        expected: "SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc"
                                        actual  : ""

                                        Diff:
                                        --- Expected
                                        +++ Actual
                                        @@ -1 +1 @@
                                        -SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc
                                        +
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
FAIL
```

Fix #31624

Co-authored-by: Saulius Gurklys <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants