-
Notifications
You must be signed in to change notification settings - Fork 53
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tests failing when using OpenSSL library v3 #417
Comments
This makes me wonder: should we test against the different versions of the OpenSSL gem? How hard would that be? 🤔 |
This changed in OpenSSL 3.2, see openssl/openssl#19271. I see two possible ways to fix this:
|
Hmm that's weird – it's failing for me in OpenSSL 3.0 (you can see that in the description) 🙃
That makes sense, I was thinking on stubbing but the extensions approach seems worth trying 👀 |
Seems like the test does not fail with OpenSSL 3.0 in |
Fixes #417. Some tests fail when using OpenSSL v3. The issue is that, for testing the `valid?` method for attestation statements, we set up a certificate to have an invalid version (version is 1 initially) and expect the attestation statement to not be valid. But when setting up the certificate we have to sign it which, in newer versions of OpenSSL, updates the version to a valid one (version changes to be 2), thus causing the expectation to not be met and therefore the spec to fail. This PR fixes the issue by changing the version after the certificate has been signed.
Some specs are failing for me when using OpenSSL library v3:
Digging around a little, it seems that the issue is that we set up the certificate to have an invalid version (version is
1
) but the certificate is later signed which, in newer versions of OpenSSL, updates the version to a valid one (version changes to be2
).This does not happen when using OpenSSL v1 – that's the reason why in the CI the specs do not fail, as the Rubies installed by
setup/ruby
come with said version of OpenSSL:The text was updated successfully, but these errors were encountered: