OpenSSL 3.3.0 ( and others ) fail testsuite due to IPv6 disabled

Dennis Clarke dclarke at blastwave.org
Thu Apr 11 10:36:18 UTC 2024 

This is sort of a follow up to 
https://mta.openssl.org/pipermail/openssl-users/2024-April/017080.html

This is something I have seen over and over and over across recent
versions of OpenSSL. At least in the last five years or so.

These few tests will always fail if IPv6 is disabled :

         # INFO:  @ test/bio_dgram_test.c:126
         # # Testing with AF_INET6, local=0
         #
         # ERROR: (int) 'fd1 >= 0' failed @ test/bio_dgram_test.c:172
         # [-1] compared to [0]
         # 80AB1E05F37F0000:error:80000061:system 
library:BIO_socket:Address family not supported by 
protocol:crypto/bio/bio_sock2.c:51:calling socket()
         # 80AB1E05F37F0000:error:10000076:BIO 
routines:BIO_socket:unable to create socket:crypto/bio/bio_sock2.c:53:
         # OPENSSL_TEST_RAND_SEED=1712830904
         not ok 2 - iteration 2
# 
------------------------------------------------------------------------------
         # INFO:  @ test/bio_dgram_test.c:126
         # # Testing with AF_INET6, local=1
         #
         # ERROR: (int) 'fd1 >= 0' failed @ test/bio_dgram_test.c:172
         # [-1] compared to [0]
         # 80AB1E05F37F0000:error:80000061:system 
library:BIO_socket:Address family not supported by 
protocol:crypto/bio/bio_sock2.c:51:calling socket()
         # 80AB1E05F37F0000:error:10000076:BIO 
routines:BIO_socket:unable to create socket:crypto/bio/bio_sock2.c:53:
         # OPENSSL_TEST_RAND_SEED=1712830904
         not ok 4 - iteration 4
# 
------------------------------------------------------------------------------
     # OPENSSL_TEST_RAND_SEED=1712830904
     not ok 1 - test_bio_dgram
# 
------------------------------------------------------------------------------
../../util/wrap.pl ../../test/bio_dgram_test => 1
not ok 1 - running bio_dgram_test
# 
------------------------------------------------------------------------------
#   Failed test 'running bio_dgram_test'
#   at 
/opt/bw/build/openssl-3.3.0_xeon_devuan.001/util/perl/OpenSSL/Test/Simple.pm 
line 77.
# Looks like you failed 1 test of 1.04-test_bio_dgram.t 
.....................
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests


One may enable IPv6 on nothing more than a loopback interface and then
everything passes just fine. So the question raised by Richard Levitte
seems on target here : shouldn't the tests be written to be agnostic of
the exact IP version that is enabled?

The follow up by Neil Horman really does ask a loaded question :

     More than that, the test in question seems to avoid the use of
     ip at all, opting to instead mock the client server communication
     with direct calls, so I'm wondering how enabling ipv6 fixed this

See https://mta.openssl.org/pipermail/openssl-users/2024-April/017081.html

I certainly am curious also.


--
Dennis Clarke
RISC-V/SPARC/PPC/ARM/CISC
UNIX and Linux spoken

More information about the openssl-users mailing list