| Ticket Hash: | 3b1ef43f51c5485668a0a56cf7bb3f5349d3d9cc | ||
| Title: | Test suite failures | ||
| Status: | Open | Type: | Code Defect |
| Severity: | Important | Priority: | Immediate |
| Subsystem: | Resolution: | Open | |
| Last Modified: |
2025-10-15 18:06:47 15.1 days ago |
Created: |
2025-10-14 20:54:26 16.0 days ago |
| Version Found In: | 2.0b2 | ||
| User Comments: | ||||
anonymous added on 2025-10-14 20:54:26:
The build against Tcl9.0 went fine.
See appended the results of "make test".
System specs:
OpenSuSE 15.4
OpenSSL 3.0.7 1 Nov 2022 (Library: OpenSSL 3.0.7 1 Nov 2022)
--
TCL_LIBRARY=`echo /usr/local/src/SOURCES/tcl9.0.2/library` LD_LIBRARY_PATH="/usr/local/src/BUILD/x86_64-linux/tcltls-2.0b2:/usr/local/src/BUILD/x86_64-linux/tcl9.0:" PATH="/usr/local/src/BUILD/x86_64-linux/tcltls-2.0b2:/usr/local/src/BUILD/x86_64-linux/tcl9.0:/home/erik/bin:/usr/local/bin:/usr/bin:/bin" TCLLIBPATH="/usr/local/src/BUILD/x86_64-linux/tcltls-2.0b2" /usr/local/src/BUILD/x86_64-linux/tcl9.0/tclsh `echo ../../../SOURCES/tcltls-2.0b2/tests/all.tcl` \
-load "package ifneeded tls 2.0b2 \
[list load libtcl9tls2.0b2.so [string totitle tls]]; \
source ../../../SOURCES/tcltls-2.0b2/library/tls.tcl}"
Tests running in interp: /usr/local/src/BUILD/x86_64-linux/tcl9.0/tclsh
Tests located in: /usr/local/src/SOURCES/tcltls-2.0b2/tests
Tests running in: /usr/local/src/BUILD/x86_64-linux/tcltls-2.0b2
Temporary files stored in /usr/local/src/BUILD/x86_64-linux/tcltls-2.0b2
Test files run in separate interpreters
Running tests that match: *
Skipping test files that match: l.*.test
Only running test files that match: *.test
Tests began at Mon Oct 13 22:36:00 CEST 2025
badssl.test
==== BadSSL-1.1 1000 sans FAILED
==== Contents of test case:
badssl 1000-sans.badssl.com
---- Result was:
handshake failed: certificate verify failed due to "unable to get local issuer certificate"
---- Result should have been (exact matching):
handshake failed: certificate verify failed due to "certificate has expired"
==== BadSSL-1.1 FAILED
==== BadSSL-1.5 captive portal FAILED
==== Contents of test case:
badssl captive-portal.badssl.com
---- Result was:
handshake failed: certificate verify failed due to "unable to get local issuer certificate"
---- Result should have been (exact matching):
handshake failed: certificate verify failed due to "hostname mismatch"
==== BadSSL-1.5 FAILED
==== BadSSL-1.6 cbc FAILED
==== Contents of test case:
badssl cbc.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl cbc.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.6 FAILED
==== BadSSL-1.7 client cert missing FAILED
==== Contents of test case:
badssl client-cert-missing.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl client-cert-missing.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.7 FAILED
==== BadSSL-1.8 client FAILED
==== Contents of test case:
badssl client.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl client.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.8 FAILED
==== BadSSL-1.10 dh composite FAILED
==== Contents of test case:
badssl dh-composite.badssl.com
---- Result was:
handshake failed: certificate verify failed due to "unable to get local issuer certificate"
---- Result should have been (exact matching):
handshake failed: dh key too small
==== BadSSL-1.10 FAILED
==== BadSSL-1.11 dh small subgroup FAILED
==== Contents of test case:
badssl dh-small-subgroup.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl dh-small-subgroup.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.11 FAILED
==== BadSSL-1.13 dh480 FAILED
==== Contents of test case:
badssl dh480.badssl.com
---- Result was:
handshake failed: certificate verify failed due to "unable to get local issuer certificate"
---- Result should have been (exact matching):
handshake failed: modulus too small
==== BadSSL-1.13 FAILED
==== BadSSL-1.17 dh1024 FAILED
==== Contents of test case:
badssl dh1024.badssl.com
---- Result was:
handshake failed: certificate verify failed due to "unable to get local issuer certificate"
---- Result should have been (exact matching):
handshake failed: dh key too small
==== BadSSL-1.17 FAILED
==== BadSSL-1.18 dh2048 FAILED
==== Contents of test case:
badssl dh2048.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl dh2048.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.18 FAILED
==== BadSSL-1.20 ecc256 FAILED
==== Contents of test case:
badssl ecc256.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl ecc256.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.20 FAILED
==== BadSSL-1.21 ecc384 FAILED
==== Contents of test case:
badssl ecc384.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl ecc384.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.21 FAILED
==== BadSSL-1.23 expired FAILED
==== Contents of test case:
badssl expired.badssl.com
---- Result was:
handshake failed: certificate verify failed due to "unable to get local issuer certificate"
---- Result should have been (exact matching):
handshake failed: certificate verify failed due to "certificate has expired"
==== BadSSL-1.23 FAILED
==== BadSSL-1.24 extended validation FAILED
==== Contents of test case:
badssl extended-validation.badssl.com
---- Result was:
handshake failed: certificate verify failed due to "unable to get local issuer certificate"
---- Result should have been (exact matching):
handshake failed: certificate verify failed due to "certificate has expired"
==== BadSSL-1.24 FAILED
==== BadSSL-1.25 hsts FAILED
==== Contents of test case:
badssl hsts.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl hsts.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.25 FAILED
==== BadSSL-1.26 https everywhere FAILED
==== Contents of test case:
badssl https-everywhere.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl https-everywhere.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.26 FAILED
==== BadSSL-1.29 long extended subdomain name containing many letters and dashes FAILED
==== Contents of test case:
badssl long-extended-subdomain-name-containing-many-letters-and-dashes.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl long-extended-subdomain-name-containing-many-letters-and-dashes.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.29 FAILED
==== BadSSL-1.30 longextendedsubdomainnamewithoutdashesinordertotestwordwrapping FAILED
==== Contents of test case:
badssl longextendedsubdomainnamewithoutdashesinordertotestwordwrapping.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl longextendedsubdomainnamewithoutdashesinordertotestwordwrapping.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.30 FAILED
==== BadSSL-1.32 no common name FAILED
==== Contents of test case:
badssl no-common-name.badssl.com
---- Result was:
handshake failed: certificate verify failed due to "unable to get local issuer certificate"
---- Result should have been (exact matching):
handshake failed: certificate verify failed due to "certificate has expired"
==== BadSSL-1.32 FAILED
==== BadSSL-1.33 no sct FAILED
==== Contents of test case:
badssl no-sct.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl no-sct.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.33 FAILED
==== BadSSL-1.34 no subject FAILED
==== Contents of test case:
badssl no-subject.badssl.com
---- Result was:
handshake failed: certificate verify failed due to "unable to get local issuer certificate"
---- Result should have been (exact matching):
handshake failed: certificate verify failed due to "certificate has expired"
==== BadSSL-1.34 FAILED
==== BadSSL-1.36 pinning test FAILED
==== Contents of test case:
badssl pinning-test.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl pinning-test.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.36 FAILED
==== BadSSL-1.38 preloaded hsts FAILED
==== Contents of test case:
badssl preloaded-hsts.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl preloaded-hsts.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.38 FAILED
==== BadSSL-1.41 revoked FAILED
==== Contents of test case:
badssl revoked.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl revoked.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.41 FAILED
==== BadSSL-1.42 rsa2048 FAILED
==== Contents of test case:
badssl rsa2048.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl rsa2048.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.42 FAILED
==== BadSSL-1.43 rsa4096 FAILED
==== Contents of test case:
badssl rsa4096.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl rsa4096.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.43 FAILED
==== BadSSL-1.44 rsa8192 FAILED
==== Contents of test case:
badssl rsa8192.badssl.com
---- Result was:
handshake failed: certificate verify failed due to "unable to get local issuer certificate"
---- Result should have been (exact matching):
handshake failed: certificate verify failed due to "certificate has expired"
==== BadSSL-1.44 FAILED
==== BadSSL-1.49 sha1 2017 FAILED
==== Contents of test case:
badssl sha1-2017.badssl.com
---- Result was:
handshake failed: certificate verify failed due to "unable to get local issuer certificate"
---- Result should have been (exact matching):
handshake failed: certificate verify failed due to "CA signature digest algorithm too weak"
==== BadSSL-1.49 FAILED
==== BadSSL-1.51 sha256 FAILED
==== Contents of test case:
badssl sha256.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl sha256.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.51 FAILED
==== BadSSL-1.52 sha384 FAILED
==== Contents of test case:
badssl sha384.badssl.com
---- Result was:
handshake failed: certificate verify failed due to "unable to get local issuer certificate"
---- Result should have been (exact matching):
handshake failed: certificate verify failed due to "certificate has expired"
==== BadSSL-1.52 FAILED
==== BadSSL-1.53 sha512 FAILED
==== Contents of test case:
badssl sha512.badssl.com
---- Result was:
handshake failed: certificate verify failed due to "unable to get local issuer certificate"
---- Result should have been (exact matching):
handshake failed: certificate verify failed due to "certificate has expired"
==== BadSSL-1.53 FAILED
==== BadSSL-1.54 static rsa FAILED
==== Contents of test case:
badssl static-rsa.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl static-rsa.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.54 FAILED
==== BadSSL-1.56 subdomain.preloaded hsts FAILED
==== Contents of test case:
badssl subdomain.preloaded-hsts.badssl.com
---- Result was:
handshake failed: certificate verify failed due to "unable to get local issuer certificate"
---- Result should have been (exact matching):
handshake failed: certificate verify failed due to "hostname mismatch"
==== BadSSL-1.56 FAILED
==== BadSSL-1.62 tls v1 2:1012 FAILED
==== Contents of test case:
badssl tls-v1-2.badssl.com:1012
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl tls-v1-2.badssl.com:1012"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.62 FAILED
==== BadSSL-1.65 upgrade FAILED
==== Contents of test case:
badssl upgrade.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl upgrade.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.65 FAILED
==== BadSSL-1.68 wrong.host FAILED
==== Contents of test case:
badssl wrong.host.badssl.com
---- Result was:
handshake failed: certificate verify failed due to "unable to get local issuer certificate"
---- Result should have been (exact matching):
handshake failed: certificate verify failed due to "hostname mismatch"
==== BadSSL-1.68 FAILED
==== BadSSL-1.69 mozilla modern FAILED
==== Contents of test case:
badssl mozilla-modern.badssl.com
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: handshake failed: certificate verify failed due to "unable to get local issuer certificate"
while executing
"badssl mozilla-modern.badssl.com"
("uplevel" body line 2)
invoked from within
"uplevel 1 $script"
---- errorCode: NONE
==== BadSSL-1.69 FAILED
ciphers.test
tlsIO.test
==== tlsIO-8.1 testing -async flag on sockets FAILED
==== Contents of test case:
# NOTE: This test may fail on some Solaris 2.4 systems.
# See notes in Tcl's socket.test.
set s [tls::socket -server accept -require 0 -certfile $serverCert -cafile $caCert -keyfile $serverKey 8830]
proc accept {s a p} {
global x
# when doing an in-process client/server test, both sides need
# to be non-blocking for the TLS handshake. Also make sure
# to return the channel to line buffering mode.
fconfigure $s -blocking 0 -buffering line
puts $s bye
# Only OpenSSL 0.9.5a on Windows seems to need the after (delayed)
# close, but it works just the same for all others. -hobbs
after 500 close $s
set x done
}
set s1 [tls::socket -require 0 -certfile $clientCert -cafile $caCert -keyfile $clientKey -async localhost 8830]
# when doing an in-process client/server test, both sides need
# to be non-blocking for the TLS handshake Also make sure to
# return the channel to line buffering mode (TLS sets it to 'none').
fconfigure $s1 -blocking 0 -buffering line
vwait x
# TLS handshaking needs one byte from the client...
puts $s1 a
# need update to complete TLS handshake in-process
update
fconfigure $s1 -blocking 1
set z [gets $s1]
close $s
close $s1
set z
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: error reading "sock21ea320": software caused connection abort
while executing
"gets $s1"
("uplevel" body line 28)
invoked from within
"uplevel 1 $script"
---- errorCode: POSIX ECONNABORTED {software caused connection abort}
==== tlsIO-8.1 FAILED
==== tlsIO-9.1 testing spurious (0 byte read) events FAILED
==== Contents of test case:
set len 0
set spurious 0
set done 0
proc readlittle {s} {
global spurious done len
set l [read $s 1]
if {[string length $l] == 0} {
if {![eof $s]} {
incr spurious
} else {
close $s
set done 1
}
} else {
incr len [string length $l]
}
}
proc accept {s a p} {
fconfigure $s -blocking 0
fileevent $s readable [list do_handshake $s readable readlittle -buffering none]
}
set s [tls::socket -server accept -require 0 -certfile $serverCert -cafile $caCert -keyfile $serverKey 8831]
set c [tls::socket -require 0 -certfile $clientCert -cafile $caCert -keyfile $clientKey localhost 8831]
# This differs from socket-9.1 in that both sides need to be
# non-blocking because of TLS' required handshake
fconfigure $c -blocking 0
puts -nonewline $c 01234567890123456789012345678901234567890123456789
flush $c
set timer [after 10000 [list set done timed_out]]
after 1000 [list close $c]
vwait done
after cancel $timer
catch {close $s}
list $spurious $len
---- Result was:
1 50
---- Result should have been (exact matching):
0 50
==== tlsIO-9.1 FAILED
Test file error: software caused connection abort
while executing
"close sock213c5d0"
("after" script)
Tests ended at Mon Oct 13 22:36:48 CEST 2025
all.tcl: Total 155 Passed 74 Skipped 42 Failed 39
Sourced 3 Test Files.
Files with failing tests: badssl.test tlsIO.test
Number of tests skipped for each constraint:
12 doTestsWithRemoteServer
1 mac
20 old_api
3 ssl2
3 ssl3
1 testthread
2 unexplainedFailure
Test files exiting with errors:
tlsIO.test
-- end of message --
bohagan added on 2025-10-15 00:52:54:
Generally that many errors on the BadSSL cases means there is an issue with the root certificates. Since you are running OpenSSL 3.0.7 from 2 years ago (OpenSuSE 15.4 is EOL), then some of the CA certs or intermediate ones have expired. See if you can update to a newer OpenSSL version (3.0.18 is latest 3.0.x) or at least update the certificates. If you can't do either, get the "cacert.pem" file from the CURL team at https://curl.se/docs/caextract.html. Then set the SSL_CERT_FILE env var to the path/location/name of that file and try again. Google AI says: The OpenSSL error "unable to get local issuer certificate" indicates that OpenSSL cannot find or verify the Certificate Authority (CA) certificate that issued the certificate it is trying to validate. This typically means there's an issue with the chain of trust. anonymous added on 2025-10-15 14:54:21:
Thanks for the quick response. You were right, I switched to OpenSuSE 15.6 with is currently at openssl version:
OpenSSL 3.1.4 24 Oct 2023 (Library: OpenSSL 3.1.4 24 Oct 2023)
All the badssl test failures are now gone. What remains is:
> make test
TCL_LIBRARY=`echo /usr/local/src/SOURCES/tcl9.0.2/library` LD_LIBRARY_PATH="/usr/local/src/BUILD/x86_64-linux/tcltls-2.0b2:/usr/local/src/BUILD/x86_64-linux/tcl9.0:" PATH="/usr/local/src/BUILD/x86_64-linux/tcltls-2.0b2:/usr/local/src/BUILD/x86_64-linux/tcl9.0:/usr/local/bin:/usr/bin:/bin" TCLLIBPATH="/usr/local/src/BUILD/x86_64-linux/tcltls-2.0b2" /usr/local/src/BUILD/x86_64-linux/tcl9.0/tclsh `echo ../../../SOURCES/tcltls-2.0b2/tests/all.tcl` \
-load "package ifneeded tls 2.0b2 \
[list load libtcl9tls2.0b2.so [string totitle tls]]; \
source ../../../SOURCES/tcltls-2.0b2/library/tls.tcl}"
Tests running in interp: /usr/local/src/BUILD/x86_64-linux/tcl9.0/tclsh
Tests located in: /usr/local/src/SOURCES/tcltls-2.0b2/tests
Tests running in: /usr/local/src/BUILD/x86_64-linux/tcltls-2.0b2
Temporary files stored in /usr/local/src/BUILD/x86_64-linux/tcltls-2.0b2
Test files run in separate interpreters
Running tests that match: *
Skipping test files that match: l.*.test
Only running test files that match: *.test
Tests began at Wed Oct 15 16:46:36 CEST 2025
badssl.test
ciphers.test
tlsIO.test
==== tlsIO-8.1 testing -async flag on sockets FAILED
==== Contents of test case:
# NOTE: This test may fail on some Solaris 2.4 systems.
# See notes in Tcl's socket.test.
set s [tls::socket -server accept -require 0 -certfile $serverCert -cafile $caCert -keyfile $serverKey 8830]
proc accept {s a p} {
global x
# when doing an in-process client/server test, both sides need
# to be non-blocking for the TLS handshake. Also make sure
# to return the channel to line buffering mode.
fconfigure $s -blocking 0 -buffering line
puts $s bye
# Only OpenSSL 0.9.5a on Windows seems to need the after (delayed)
# close, but it works just the same for all others. -hobbs
after 500 close $s
set x done
}
set s1 [tls::socket -require 0 -certfile $clientCert -cafile $caCert -keyfile $clientKey -async localhost 8830]
# when doing an in-process client/server test, both sides need
# to be non-blocking for the TLS handshake Also make sure to
# return the channel to line buffering mode (TLS sets it to 'none').
fconfigure $s1 -blocking 0 -buffering line
vwait x
# TLS handshaking needs one byte from the client...
puts $s1 a
# need update to complete TLS handshake in-process
update
fconfigure $s1 -blocking 1
set z [gets $s1]
close $s
close $s1
set z
---- Test generated error; Return code was: 1
---- Return code should have been one of: 0 2
---- errorInfo: error reading "sock2b737790": software caused connection abort
while executing
"gets $s1"
("uplevel" body line 28)
invoked from within
"uplevel 1 $script"
---- errorCode: POSIX ECONNABORTED {software caused connection abort}
==== tlsIO-8.1 FAILED
==== tlsIO-9.1 testing spurious (0 byte read) events FAILED
==== Contents of test case:
set len 0
set spurious 0
set done 0
proc readlittle {s} {
global spurious done len
set l [read $s 1]
if {[string length $l] == 0} {
if {![eof $s]} {
incr spurious
} else {
close $s
set done 1
}
} else {
incr len [string length $l]
}
}
proc accept {s a p} {
fconfigure $s -blocking 0
fileevent $s readable [list do_handshake $s readable readlittle -buffering none]
}
set s [tls::socket -server accept -require 0 -certfile $serverCert -cafile $caCert -keyfile $serverKey 8831]
set c [tls::socket -require 0 -certfile $clientCert -cafile $caCert -keyfile $clientKey localhost 8831]
# This differs from socket-9.1 in that both sides need to be
# non-blocking because of TLS' required handshake
fconfigure $c -blocking 0
puts -nonewline $c 01234567890123456789012345678901234567890123456789
flush $c
set timer [after 10000 [list set done timed_out]]
after 1000 [list close $c]
vwait done
after cancel $timer
catch {close $s}
list $spurious $len
---- Result was:
1 50
---- Result should have been (exact matching):
0 50
==== tlsIO-9.1 FAILED
Test file error: software caused connection abort
while executing
"close sock2b737010"
("after" script)
Tests ended at Wed Oct 15 16:47:28 CEST 2025
all.tcl: Total 155 Passed 111 Skipped 42 Failed 2
Sourced 3 Test Files.
Files with failing tests: tlsIO.test
Number of tests skipped for each constraint:
12 doTestsWithRemoteServer
1 mac
20 old_api
3 ssl2
3 ssl3
1 testthread
2 unexplainedFailure
Test files exiting with errors:
tlsIO.test
-- end of message --
bohagan added on 2025-10-15 18:06:47:
Yes, those test case failures are expected for now. | ||||