GNU bug report logs - #75716
[PATCH 1/2] gnu: go-1.23: Skip time variant tests

Previous Next

Package: guix-patches;

Reported by: Ryan Sundberg <ryan <at> arctype.co>

Date: Tue, 21 Jan 2025 00:08:01 UTC

Severity: normal

Tags: patch

Done: Sharlatan Hellseher <sharlatanus <at> gmail.com>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 75716 in the body.
You can then email your comments to 75716 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to guix-patches <at> gnu.org:
bug#75716; Package guix-patches. (Tue, 21 Jan 2025 00:08:02 GMT) Full text and rfc822 format available.
Acknowledgement sent to Ryan Sundberg <ryan <at> arctype.co>:
New bug report received and forwarded. Copy sent to guix-patches <at> gnu.org. (Tue, 21 Jan 2025 00:08:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Ryan Sundberg <ryan <at> arctype.co>
To: guix-patches <at> gnu.org
Cc: Ryan Sundberg <ryan <at> arctype.co>
Subject: [PATCH 1/2] gnu: go-1.23: Skip time variant tests
Date: Mon, 20 Jan 2025 16:06:04 -0800

Patch out select tests under src/crypto/tls which depend on the current
wall clock time for TLS certificate testing.

Specifically, the following failing test cases are skipped:

```

Change-Id: I2f1519bc1c951e15db3a1c9320148206674c7bdf
--- FAIL: TestVerifyConnection (0.00s)
    --- FAIL: TestVerifyConnection/TLSv12 (0.00s)
        handshake_client_test.go:1759: RequireAndVerifyClientCert-FullHandshake: handshake failed: server: remote error: tls: bad certificate
            client: tls: failed to verify certificate: x509: certificate has expired or is not yet valid: current time 2025-01-20T20:07:09Z is after 2025-01-01T00:00:00Z
    --- FAIL: TestVerifyConnection/TLSv13 (0.00s)
        handshake_client_test.go:1759: RequireAndVerifyClientCert-FullHandshake: handshake failed: server: remote error: tls: bad certificate
            client: tls: failed to verify certificate: x509: certificate has expired or is not yet valid: current time 2025-01-20T20:07:09Z is after 2025-01-01T00:00:00Z
--- FAIL: TestResumptionKeepsOCSPAndSCT (0.00s)
    --- FAIL: TestResumptionKeepsOCSPAndSCT/TLSv12 (0.00s)
        handshake_client_test.go:2550: handshake failed: server: remote error: tls: bad certificate
            client: tls: failed to verify certificate: x509: certificate has expired or is not yet valid: current time 2025-01-20T20:07:09Z is after 2025-01-01T00:00:00Z
    --- FAIL: TestResumptionKeepsOCSPAndSCT/TLSv13 (0.00s)
        handshake_client_test.go:2550: handshake failed: server: remote error: tls: bad certificate
            client: tls: failed to verify certificate: x509: certificate has expired or is not yet valid: current time 2025-01-20T20:07:09Z is after 2025-01-01T00:00:00Z
--- FAIL: TestCrossVersionResume (0.01s)
    --- FAIL: TestCrossVersionResume/TLSv12 (0.00s)
        handshake_server_test.go:526: handshake did not resume at the same version
    --- FAIL: TestCrossVersionResume/TLSv13 (0.00s)
        handshake_server_test.go:526: handshake did not resume at the same version
FAIL
FAIL    crypto/tls      0.423s
```

* gnu/packages/golang (go-1.23): Include patchset
* gnu/packages/patches/go-skip-tls-tests.patch: New patch file
---
 gnu/packages/golang.scm                      | 16 +++++-
 gnu/packages/patches/go-skip-tls-tests.patch | 56 ++++++++++++++++++++
 2 files changed, 71 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/go-skip-tls-tests.patch

diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm
index b1ea9e5a28..d39e50e982 100644
--- a/gnu/packages/golang.scm
+++ b/gnu/packages/golang.scm
@@ -1001,7 +1001,21 @@ (define-public go-1.23
              (commit (string-append "go" version))))
        (file-name (git-file-name name version))
        (sha256
-        (base32 "0v8j43yqkhp5i5649nbxsq7lc9bjjn39gqqvlnz0d9c47qz9h7y7"))))))
+        (base32 "0v8j43yqkhp5i5649nbxsq7lc9bjjn39gqqvlnz0d9c47qz9h7y7"))))
+    (arguments
+     (substitute-keyword-arguments (package-arguments go-1.22)
+       ((#:phases phases)
+        #~(modify-phases #$phases
+            (add-after 'unpack 'apply-skip-test-patch
+              (lambda* (#:key inputs #:allow-other-keys)
+                ;; Having the patch in the 'patches' field of <origin> breaks
+                ;; the 'TestServeContent' test due to the fact that timestamps
+                ;; are reset.  Thus, apply it from here.
+                (invoke "patch" "-p1" "--force" "-i"
+                        (assoc-ref inputs "go-skip-tls-tests.patch"))))))))
+    (native-inputs
+     `(("go-skip-tls-tests.patch" ,(search-patch "go-skip-tls-tests.patch"))
+       ,@(package-native-inputs go-1.22)))))
 
 ;;
 ;; Default Golang version used in guix/build-system/go.scm to build packages.
diff --git a/gnu/packages/patches/go-skip-tls-tests.patch b/gnu/packages/patches/go-skip-tls-tests.patch
new file mode 100644
index 0000000000..92e0a31a86
--- /dev/null
+++ b/gnu/packages/patches/go-skip-tls-tests.patch
@@ -0,0 +1,56 @@
+From 0b0cb6aa447cef0e4f631e43db05195d0d25329a Mon Sep 17 00:00:00 2001
+From: Ryan Sundberg <ryan <at> arctype.co>
+Date: Mon, 20 Jan 2025 15:17:39 -0800
+Subject: [PATCH] crypto/tls: Disable test cases which are time variant
+
+These test cases depend on the current date relative to the TLS
+certificates under test. Skip them for repeatability.
+---
+ src/crypto/tls/handshake_client_test.go | 8 ++++----
+ src/crypto/tls/handshake_server_test.go | 4 ++--
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/src/crypto/tls/handshake_client_test.go b/src/crypto/tls/handshake_client_test.go
+index 3c87916bcf..fa2a494a6b 100644
+--- a/src/crypto/tls/handshake_client_test.go
++++ b/src/crypto/tls/handshake_client_test.go
+@@ -1561,8 +1561,8 @@ func TestServerSelectingUnconfiguredCipherSuite(t *testing.T) {
+ }
+ 
+ func TestVerifyConnection(t *testing.T) {
+-	t.Run("TLSv12", func(t *testing.T) { testVerifyConnection(t, VersionTLS12) })
+-	t.Run("TLSv13", func(t *testing.T) { testVerifyConnection(t, VersionTLS13) })
++	// t.Run("TLSv12", func(t *testing.T) { testVerifyConnection(t, VersionTLS12) })
++	// t.Run("TLSv13", func(t *testing.T) { testVerifyConnection(t, VersionTLS13) })
+ }
+ 
+ func testVerifyConnection(t *testing.T, version uint16) {
+@@ -2528,8 +2528,8 @@ func TestDowngradeCanary(t *testing.T) {
+ }
+ 
+ func TestResumptionKeepsOCSPAndSCT(t *testing.T) {
+-	t.Run("TLSv12", func(t *testing.T) { testResumptionKeepsOCSPAndSCT(t, VersionTLS12) })
+-	t.Run("TLSv13", func(t *testing.T) { testResumptionKeepsOCSPAndSCT(t, VersionTLS13) })
++	//t.Run("TLSv12", func(t *testing.T) { testResumptionKeepsOCSPAndSCT(t, VersionTLS12) })
++	//t.Run("TLSv13", func(t *testing.T) { testResumptionKeepsOCSPAndSCT(t, VersionTLS13) })
+ }
+ 
+ func testResumptionKeepsOCSPAndSCT(t *testing.T, ver uint16) {
+diff --git a/src/crypto/tls/handshake_server_test.go b/src/crypto/tls/handshake_server_test.go
+index bbfe44bd97..4347c40a6d 100644
+--- a/src/crypto/tls/handshake_server_test.go
++++ b/src/crypto/tls/handshake_server_test.go
+@@ -493,8 +493,8 @@ func testSCTHandshake(t *testing.T, version uint16) {
+ }
+ 
+ func TestCrossVersionResume(t *testing.T) {
+-	t.Run("TLSv12", func(t *testing.T) { testCrossVersionResume(t, VersionTLS12) })
+-	t.Run("TLSv13", func(t *testing.T) { testCrossVersionResume(t, VersionTLS13) })
++	//t.Run("TLSv12", func(t *testing.T) { testCrossVersionResume(t, VersionTLS12) })
++	//t.Run("TLSv13", func(t *testing.T) { testCrossVersionResume(t, VersionTLS13) })
+ }
+ 
+ func testCrossVersionResume(t *testing.T, version uint16) {
+-- 
+2.41.0
+

base-commit: 91b18baa4274a025d28f06133682a9269217730d
-- 
2.41.0
Information forwarded to guix-patches <at> gnu.org:
bug#75716; Package guix-patches. (Tue, 21 Jan 2025 23:47:01 GMT) Full text and rfc822 format available.

Message #8 received at 75716 <at> debbugs.gnu.org (full text, mbox):

From: Sharlatan Hellseher <sharlatanus <at> gmail.com>
To: 75716 <at> debbugs.gnu.org
Cc: Ryan Sundberg <ryan <at> arctype.co>
Subject: [PATCH 1/2] gnu: go-1.23: Skip time variant tests
Date: Tue, 21 Jan 2025 23:45:46 +0000

[Message part 1 (application/pgp-encrypted, inline)]
[Message part 2 (application/octet-stream, inline)]
Information forwarded to guix-patches <at> gnu.org:
bug#75716; Package guix-patches. (Tue, 21 Jan 2025 23:56:01 GMT) Full text and rfc822 format available.

Message #11 received at 75716 <at> debbugs.gnu.org (full text, mbox):

From: Sharlatan Hellseher <sharlatanus <at> gmail.com>
To: 75716 <at> debbugs.gnu.org
Subject: [PATCH 1/2] gnu: go-1.23: Skip time variant tests
Date: Tue, 21 Jan 2025 23:55:40 +0000

[Message part 1 (text/plain, inline)]
Hi,

Thanks for picking this up.

The issue is currently resolved on go-team branch with this change:

--8<---------------cut here---------------start------------->8---
diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm
index cfe9784e8b..267681f551 100644
--- a/gnu/packages/golang.scm
+++ b/gnu/packages/golang.scm
@@ -841,6 +841,24 @@ in the style of communicating sequential processes (@dfn{CSP}).")
         #~(modify-phases #$phases
             (delete 'skip-TestGoPathShlibGccgo-tests)
             (delete 'patch-source)
+            ;; Time bomb in TLS tests: "Most of the test certificates
+            ;; (e.g. testRSACertificate, testRSACertificateIssuer,
+            ;; testRSA2048CertificateIssuer) have a not after of Jan 1
+            ;; 00:00:00 2025 GMT."
+            ;; https://github.com/golang/go/issues/71077
+            ;; https://github.com/golang/go/issues/71103
+            ;; https://github.com/golang/go/issues/71104
+            (add-after 'unpack 'skip-crypto-tls-tests
+              (lambda _
+                (substitute* (list "src/crypto/tls/handshake_client_test.go"
+                                   "src/crypto/tls/handshake_server_test.go")
+                  (("TestVerifyConnection.*" all)
+                   (string-append all "\n        t.Skip(\"golang.org/issue/71077\")\n"))
+                  (("TestResumptionKeepsOCSPAndSCT.*" all)
+                   (string-append all "\n        t.Skip(\"golang.org/issue/71077\")\n"))
+                  (("TestCrossVersionResume.*" all)
+                   (string-append all "\n        t.Skip(\"golang.org/issue/71077\")\n")))))
--8<---------------cut here---------------end--------------->8---

The branch is on it's way to master https://issues.guix.gnu.org/75467

--
Thanks,
Oleg

[signature.asc (application/pgp-signature, inline)]
Reply sent to Sharlatan Hellseher <sharlatanus <at> gmail.com>:
You have taken responsibility. (Fri, 24 Jan 2025 12:59:02 GMT) Full text and rfc822 format available.
Notification sent to Ryan Sundberg <ryan <at> arctype.co>:
bug acknowledged by developer. (Fri, 24 Jan 2025 12:59:02 GMT) Full text and rfc822 format available.

Message #16 received at 75716-done <at> debbugs.gnu.org (full text, mbox):

From: Sharlatan Hellseher <sharlatanus <at> gmail.com>
To: 75716-done <at> debbugs.gnu.org
Subject: [PATCH 1/2] gnu: go-1.23: Skip time variant tests
Date: Fri, 24 Jan 2025 12:58:28 +0000

[Message part 1 (text/plain, inline)]
Closing as it's fixed on go-team branch for all Go compilers starting
from go-1.17.

--
Thanks,
Oleg

[signature.asc (application/pgp-signature, inline)]
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Sat, 22 Feb 2025 12:24:14 GMT) Full text and rfc822 format available.
This bug report was last modified 19 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.