juju-core

Merge lp:~axwalk/juju-core/cert-server-auth into lp:~go-bot/juju-core/trunk

cert-server-auth
Merge into trunk

Proposed by Andrew Wilkins on 2014-02-21

Status:	Merged
Approved by:	Andrew Wilkins on 2014-02-24
Approved revision:	no longer in the source branch.
Merged at revision:	2349
Proposed branch:	lp:~axwalk/juju-core/cert-server-auth
Merge into:	lp:~go-bot/juju-core/trunk
Diff against target:	33 lines (+3/-2) 2 files modified cert/cert.go (+2/-2) cert/cert_test.go (+1/-0)
To merge this branch:	bzr merge lp:~axwalk/juju-core/cert-server-auth
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Juju Engineering		2014-02-21	Pending
Review via email: mp+207613@code.launchpad.net

Commit message

cert: add serverAuth extKeyUsage to server certs

GnuTLS is particular about the key usage, which
prevents rsyslog from serving TLS unless the
correct ones are set.

This enables a fix for lp:1281071

https://codereview.appspot.com/66930043/

Description of the change

cert: add serverAuth extKeyUsage to server certs

GnuTLS is particular about the key usage, which
prevents rsyslog from serving TLS unless the
correct ones are set.

This enables a fix for lp:1281071

https://codereview.appspot.com/66930043/

Revision history for this message

Andrew Wilkins (axwalk) wrote on 2014-02-21:

Reviewers: mp+207613_code.launchpad.net,

Message:
Please take a look.

Description:
cert: add serverAuth extKeyUsage to server certs

GnuTLS is particular about the key usage, which
prevents rsyslog from serving TLS unless the
correct ones are set.

This enables a fix for lp:1281071

https://code.launchpad.net/~axwalk/juju-core/cert-server-auth/+merge/207613

(do not edit description out of merge proposal)

Please review this at https://codereview.appspot.com/66930043/

Affected files (+5, -2 lines):
   A [revision details]
   M cert/cert.go
   M cert/cert_test.go

Index: [revision details]
=== added file '[revision details]'
--- [revision details] 2012-01-01 00:00:00 +0000
+++ [revision details] 2012-01-01 00:00:00 +0000
@@ -0,0 +1,2 @@
+Old revision: tarmac-20140220160904-67ajnt8y3n3jd73c
+New revision: <email address hidden>

Index: cert/cert.go
=== modified file 'cert/cert.go'
--- cert/cert.go 2014-02-03 14:31:54 +0000
+++ cert/cert.go 2014-02-21 10:13:05 +0000
@@ -119,7 +119,7 @@

  // NewServer generates a certificate/key pair suitable for use by a server.
  func NewServer(caCertPEM, caKeyPEM []byte, expiry time.Time, hostnames
[]string) (certPEM, keyPEM []byte, err error) {
- return newLeaf(caCertPEM, caKeyPEM, expiry, hostnames, nil)
+ return newLeaf(caCertPEM, caKeyPEM, expiry, hostnames,
[]x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth})
  }

// NewClient generates a certificate/key pair suitable for client
authentication.
@@ -164,7 +164,7 @@
NotAfter: expiry.UTC(),

    SubjectKeyId: bigIntHash(key.N),
- KeyUsage: x509.KeyUsageDataEncipherment,
+ KeyUsage: x509.KeyUsageKeyEncipherment |
x509.KeyUsageDigitalSignature | x509.KeyUsageKeyAgreement,
    ExtKeyUsage: extKeyUsage,
   }
   for _, hostname := range hostnames {

Index: cert/cert_test.go
=== modified file 'cert/cert_test.go'
--- cert/cert_test.go 2013-09-24 05:42:43 +0000
+++ cert/cert_test.go 2014-02-21 10:13:05 +0000
@@ -86,6 +86,7 @@
   c.Assert(srvCert.NotAfter.Equal(expiry), gc.Equals, true)
   c.Assert(srvCert.BasicConstraintsValid, gc.Equals, false)
   c.Assert(srvCert.IsCA, gc.Equals, false)
+ c.Assert(srvCert.ExtKeyUsage, gc.DeepEquals,
[]x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth})

checkTLSConnection(c, caCert, srvCert, srvKey)
}

Reviewers: mp+207613_code.launchpad.net,

Message:
Please take a look.

Description:
cert: add serverAuth extKeyUsage to server certs

GnuTLS is particular about the key usage, which
prevents rsyslog from serving TLS unless the
correct ones are set.

This enables a fix for lp:1281071

https://code.launchpad.net/~axwalk/juju-core/cert-server-auth/+merge/207613

(do not edit description out of merge proposal)

Please review this at https://codereview.appspot.com/66930043/

Affected files (+5, -2 lines):
   A [revision details]
   M cert/cert.go
   M cert/cert_test.go

Index: [revision details]
=== added file '[revision details]'
--- [revision details]	2012-01-01 00:00:00 +0000
+++ [revision details]	2012-01-01 00:00:00 +0000
@@ -0,0 +1,2 @@
+Old revision: tarmac-20140220160904-67ajnt8y3n3jd73c
+New revision: andrew.wilkins@canonical.com-20140221101305-cbjmea5bvelw6uck

Index: cert/cert.go
=== modified file 'cert/cert.go'
--- cert/cert.go	2014-02-03 14:31:54 +0000
+++ cert/cert.go	2014-02-21 10:13:05 +0000
@@ -119,7 +119,7 @@

// NewServer generates a certificate/key pair suitable for use by a server.
  func NewServer(caCertPEM, caKeyPEM []byte, expiry time.Time, hostnames  
[]string) (certPEM, keyPEM []byte, err error) {
-	return newLeaf(caCertPEM, caKeyPEM, expiry, hostnames, nil)
+	return newLeaf(caCertPEM, caKeyPEM, expiry, hostnames,  
[]x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth})
  }

// NewClient generates a certificate/key pair suitable for client  
authentication.
@@ -164,7 +164,7 @@
  		NotAfter:  expiry.UTC(),

SubjectKeyId: bigIntHash(key.N),
-		KeyUsage:     x509.KeyUsageDataEncipherment,
+		KeyUsage:     x509.KeyUsageKeyEncipherment |  
x509.KeyUsageDigitalSignature | x509.KeyUsageKeyAgreement,
  		ExtKeyUsage:  extKeyUsage,
  	}
  	for _, hostname := range hostnames {

Index: cert/cert_test.go
=== modified file 'cert/cert_test.go'
--- cert/cert_test.go	2013-09-24 05:42:43 +0000
+++ cert/cert_test.go	2014-02-21 10:13:05 +0000
@@ -86,6 +86,7 @@
  	c.Assert(srvCert.NotAfter.Equal(expiry), gc.Equals, true)
  	c.Assert(srvCert.BasicConstraintsValid, gc.Equals, false)
  	c.Assert(srvCert.IsCA, gc.Equals, false)
+	c.Assert(srvCert.ExtKeyUsage, gc.DeepEquals,  
[]x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth})

checkTLSConnection(c, caCert, srvCert, srvKey)
  }

Revision history for this message

Ian Booth (wallyworld) wrote on 2014-02-24:

LGTM

https://codereview.appspot.com/66930043/

Revision history for this message

Go Bot (go-bot) wrote on 2014-02-24:

Download full text (15.1 KiB)

The attempt to merge lp:~axwalk/juju-core/cert-server-auth into lp:juju-core failed. Below is the output from the failed tests.

ok launchpad.net/juju-core 0.017s
ok launchpad.net/juju-core/agent 1.162s
ok launchpad.net/juju-core/agent/tools 0.271s
ok launchpad.net/juju-core/bzr 6.930s
ok launchpad.net/juju-core/cert 3.604s
ok launchpad.net/juju-core/charm 0.556s
? launchpad.net/juju-core/charm/hooks [no test files]
? launchpad.net/juju-core/charm/testing [no test files]
ok launchpad.net/juju-core/cloudinit 0.036s
ok launchpad.net/juju-core/cloudinit/sshinit 1.191s
ok launchpad.net/juju-core/cmd 0.228s
ok launchpad.net/juju-core/cmd/charm-admin 0.870s
? launchpad.net/juju-core/cmd/charmd [no test files]
? launchpad.net/juju-core/cmd/charmload [no test files]
ok launchpad.net/juju-core/cmd/juju 247.856s
ok launchpad.net/juju-core/cmd/jujud 60.983s
ok launchpad.net/juju-core/cmd/plugins/juju-metadata 13.183s
? launchpad.net/juju-core/cmd/plugins/juju-restore [no test files]
ok launchpad.net/juju-core/constraints 0.027s
ok launchpad.net/juju-core/container 0.037s
ok launchpad.net/juju-core/container/factory 0.051s
ok launchpad.net/juju-core/container/kvm 0.250s
ok launchpad.net/juju-core/container/kvm/mock 0.038s
? launchpad.net/juju-core/container/kvm/testing [no test files]
ok launchpad.net/juju-core/container/lxc 0.279s
? launchpad.net/juju-core/container/lxc/mock [no test files]
? launchpad.net/juju-core/container/lxc/testing [no test files]
? launchpad.net/juju-core/container/testing [no test files]
ok launchpad.net/juju-core/downloader 5.307s
ok launchpad.net/juju-core/environs 3.049s
ok launchpad.net/juju-core/environs/bootstrap 4.546s
ok launchpad.net/juju-core/environs/cloudinit 0.698s
ok launchpad.net/juju-core/environs/config 3.131s
ok launchpad.net/juju-core/environs/configstore 0.040s
ok launchpad.net/juju-core/environs/filestorage 0.031s
ok launchpad.net/juju-core/environs/httpstorage 0.959s
ok launchpad.net/juju-core/environs/imagemetadata 0.633s
? launchpad.net/juju-core/environs/imagemetadata/testing [no test files]
ok launchpad.net/juju-core/environs/instances 0.059s
ok launchpad.net/juju-core/environs/jujutest 0.235s
ok launchpad.net/juju-core/environs/manual 15.352s
ok launchpad.net/juju-core/environs/simplestreams 0.337s
? launchpad.net/juju-core/environs/simplestreams/testing [no test files]
ok launchpad.net/juju-core/environs/sshstorage 1.167s
ok launchpad.net/juju-core/environs/storage 1.250s
ok launchpad.net/juju-core/environs/sync 33.605s
ok launchpad.net/juju-core/environs/testing 0.216s
ok launchpad.net/juju-core/environs/tools 6.783s
? launchpad.net/juju-core/environs/tools/testing [no test files]
ok launchpad.net/juju-core/errors 0.016s
ok launchpad.net/juju-core/instance 0.024s
? launchpad.net/juju-core/instance/testing [no test files]
ok launchpad.net/juju-core/juju 22.628s
ok launchpad.net/juju-core/juju/osenv 0.020s
? launchpad.net/juju-core/juju/testing [no test files]
ok launchpad.net/juju-core/log 0.015s
ok launchpad.net/juju-core/log/syslog 0.027s
? launchpad.net/juju-core/log/sy...

The attempt to merge lp:~axwalk/juju-core/cert-server-auth into lp:juju-core failed. Below is the output from the failed tests.

ok  	launchpad.net/juju-core	0.017s
ok  	launchpad.net/juju-core/agent	1.162s
ok  	launchpad.net/juju-core/agent/tools	0.271s
ok  	launchpad.net/juju-core/bzr	6.930s
ok  	launchpad.net/juju-core/cert	3.604s
ok  	launchpad.net/juju-core/charm	0.556s
?   	launchpad.net/juju-core/charm/hooks	[no test files]
?   	launchpad.net/juju-core/charm/testing	[no test files]
ok  	launchpad.net/juju-core/cloudinit	0.036s
ok  	launchpad.net/juju-core/cloudinit/sshinit	1.191s
ok  	launchpad.net/juju-core/cmd	0.228s
ok  	launchpad.net/juju-core/cmd/charm-admin	0.870s
?   	launchpad.net/juju-core/cmd/charmd	[no test files]
?   	launchpad.net/juju-core/cmd/charmload	[no test files]
ok  	launchpad.net/juju-core/cmd/juju	247.856s
ok  	launchpad.net/juju-core/cmd/jujud	60.983s
ok  	launchpad.net/juju-core/cmd/plugins/juju-metadata	13.183s
?   	launchpad.net/juju-core/cmd/plugins/juju-restore	[no test files]
ok  	launchpad.net/juju-core/constraints	0.027s
ok  	launchpad.net/juju-core/container	0.037s
ok  	launchpad.net/juju-core/container/factory	0.051s
ok  	launchpad.net/juju-core/container/kvm	0.250s
ok  	launchpad.net/juju-core/container/kvm/mock	0.038s
?   	launchpad.net/juju-core/container/kvm/testing	[no test files]
ok  	launchpad.net/juju-core/container/lxc	0.279s
?   	launchpad.net/juju-core/container/lxc/mock	[no test files]
?   	launchpad.net/juju-core/container/lxc/testing	[no test files]
?   	launchpad.net/juju-core/container/testing	[no test files]
ok  	launchpad.net/juju-core/downloader	5.307s
ok  	launchpad.net/juju-core/environs	3.049s
ok  	launchpad.net/juju-core/environs/bootstrap	4.546s
ok  	launchpad.net/juju-core/environs/cloudinit	0.698s
ok  	launchpad.net/juju-core/environs/config	3.131s
ok  	launchpad.net/juju-core/environs/configstore	0.040s
ok  	launchpad.net/juju-core/environs/filestorage	0.031s
ok  	launchpad.net/juju-core/environs/httpstorage	0.959s
ok  	launchpad.net/juju-core/environs/imagemetadata	0.633s
?   	launchpad.net/juju-core/environs/imagemetadata/testing	[no test files]
ok  	launchpad.net/juju-core/environs/instances	0.059s
ok  	launchpad.net/juju-core/environs/jujutest	0.235s
ok  	launchpad.net/juju-core/environs/manual	15.352s
ok  	launchpad.net/juju-core/environs/simplestreams	0.337s
?   	launchpad.net/juju-core/environs/simplestreams/testing	[no test files]
ok  	launchpad.net/juju-core/environs/sshstorage	1.167s
ok  	launchpad.net/juju-core/environs/storage	1.250s
ok  	launchpad.net/juju-core/environs/sync	33.605s
ok  	launchpad.net/juju-core/environs/testing	0.216s
ok  	launchpad.net/juju-core/environs/tools	6.783s
?   	launchpad.net/juju-core/environs/tools/testing	[no test files]
ok  	launchpad.net/juju-core/errors	0.016s
ok  	launchpad.net/juju-core/instance	0.024s
?   	launchpad.net/juju-core/instance/testing	[no test files]
ok  	launchpad.net/juju-core/juju	22.628s
ok  	launchpad.net/juju-core/juju/osenv	0.020s
?   	launchpad.net/juju-core/juju/testing	[no test files]
ok  	launchpad.net/juju-core/log	0.015s
ok  	launchpad.net/juju-core/log/syslog	0.027s
?   	launchpad.net/juju-core/log/syslog/testing	[no test files]
ok  	launchpad.net/juju-core/names	0.048s
?   	launchpad.net/juju-core/provider	[no test files]
?   	launchpad.net/juju-core/provider/all	[no test files]
ok  	launchpad.net/juju-core/provider/azure	6.491s
ok  	launchpad.net/juju-core/provider/common	5.981s
ok  	launchpad.net/juju-core/provider/dummy	24.344s
ok  	launchpad.net/juju-core/provider/ec2	25.741s
ok  	launchpad.net/juju-core/provider/joyent	5.281s
ok  	launchpad.net/juju-core/provider/local	5.951s
ok  	launchpad.net/juju-core/provider/maas	20.275s
ok  	launchpad.net/juju-core/provider/manual	1.694s
ok  	launchpad.net/juju-core/provider/openstack	34.927s

----------------------------------------------------------------------
FAIL: replicaset_test.go:294: MongoSuite.TestCurrentStatus

replicaset_test.go:366:
    c.Errorf("Servers did not get into final state before timeout.  Status: %#v", res)
... Error: Servers did not get into final state before timeout.  Status: &replicaset.Status{Name:"juju", Members:[]replicaset.MemberStatus{replicaset.MemberStatus{Id:1, Address:"localhost:43547", Self:true, ErrMsg:"", Healthy:true, State:1, Uptime:75, Ping:0}, replicaset.MemberStatus{Id:2, Address:"localhost:36379", Self:false, ErrMsg:"", Healthy:true, State:2, Uptime:60, Ping:0}, replicaset.MemberStatus{Id:3, Address:"localhost:55397", Self:false, ErrMsg:"initial sync done", Healthy:true, State:3, Uptime:60, Ping:0}}}

OOPS: 2 passed, 1 FAILED
--- FAIL: TestPackage (75.48 seconds)
FAIL
FAIL	launchpad.net/juju-core/replicaset	75.674s
ok  	launchpad.net/juju-core/rpc	0.094s
ok  	launchpad.net/juju-core/rpc/jsoncodec	0.033s
?   	launchpad.net/juju-core/rpc/rpcreflect	[no test files]
ok  	launchpad.net/juju-core/schema	0.020s
ok  	launchpad.net/juju-core/state	93.011s
ok  	launchpad.net/juju-core/state/api	2.103s
ok  	launchpad.net/juju-core/state/api/agent	2.293s
?   	launchpad.net/juju-core/state/api/base	[no test files]
ok  	launchpad.net/juju-core/state/api/charmrevisionupdater	1.517s
?   	launchpad.net/juju-core/state/api/common	[no test files]
?   	launchpad.net/juju-core/state/api/common/testing	[no test files]
ok  	launchpad.net/juju-core/state/api/deployer	5.904s
ok  	launchpad.net/juju-core/state/api/environment	1.932s
ok  	launchpad.net/juju-core/state/api/firewaller	10.706s
ok  	launchpad.net/juju-core/state/api/keymanager	3.582s
ok  	launchpad.net/juju-core/state/api/keyupdater	2.737s
ok  	launchpad.net/juju-core/state/api/logger	2.307s
ok  	launchpad.net/juju-core/state/api/machiner	3.377s
ok  	launchpad.net/juju-core/state/api/params	0.044s
ok  	launchpad.net/juju-core/state/api/provisioner	9.467s
ok  	launchpad.net/juju-core/state/api/uniter	29.012s
ok  	launchpad.net/juju-core/state/api/upgrader	9.680s
ok  	launchpad.net/juju-core/state/api/watcher	3.205s
ok  	launchpad.net/juju-core/state/apiserver	8.198s
ok  	launchpad.net/juju-core/state/apiserver/agent	3.054s
ok  	launchpad.net/juju-core/state/apiserver/charmrevisionupdater	2.518s
?   	launchpad.net/juju-core/state/apiserver/charmrevisionupdater/testing	[no test files]

----------------------------------------------------------------------
FAIL: api_test.go:0: runSuite.SetUpTest

[LOG] 6.35290 DEBUG juju.environs.configstore Making /tmp/gocheck-545291762129038907/2/home/ubuntu/.juju/environments
[LOG] 6.46097 DEBUG juju.environs.tools reading v1.* tools
[LOG] 6.46102 INFO juju environs/testing: uploading FAKE tools 1.17.4-precise-amd64
[LOG] 6.46188 DEBUG juju.environs.tools no architecture specified when finding tools, looking for any
[LOG] 6.46190 DEBUG juju.environs.tools no series specified when finding tools, looking for any
[LOG] 6.46194 DEBUG juju.environs.simplestreams fetchData failed for "tools/streams/v1/index.sjson": file "tools/streams/v1/index.sjson" not found not found
[LOG] 6.46196 DEBUG juju.environs.simplestreams cannot load index "streams/v1/index.sjson": invalid URL "tools/streams/v1/index.sjson" not found
[LOG] 6.46199 DEBUG juju.environs.simplestreams fetchData failed for "tools/streams/v1/index.json": file "tools/streams/v1/index.json" not found not found
[LOG] 6.46200 DEBUG juju.environs.simplestreams cannot load index "streams/v1/index.json": invalid URL "tools/streams/v1/index.json" not found
[LOG] 6.46230 INFO juju.environs.tools Writing tools/streams/v1/index.json
[LOG] 6.46241 INFO juju.environs.tools Writing tools/streams/v1/com.ubuntu.juju:released:tools.json
[LOG] 6.46245 INFO juju.environs.bootstrap bootstrapping environment "dummyenv"
[LOG] 6.46248 DEBUG juju.environs.bootstrap looking for bootstrap tools: series="precise", arch=<nil>, version=1.17.4
[LOG] 6.46249 INFO juju.environs.tools reading tools with major.minor version 1.17
[LOG] 6.46250 INFO juju.environs.tools filtering tools by version: 1.17.4
[LOG] 6.46251 INFO juju.environs.tools filtering tools by series: precise
[LOG] 6.46253 DEBUG juju.environs.tools no architecture specified when finding tools, looking for any
[LOG] 6.46256 DEBUG juju.environs.simplestreams fetchData failed for "tools/streams/v1/index.sjson": file "tools/streams/v1/index.sjson" not found not found
[LOG] 6.46258 DEBUG juju.environs.simplestreams cannot load index "streams/v1/index.sjson": invalid URL "tools/streams/v1/index.sjson" not found
[LOG] 6.46268 DEBUG juju.environs.simplestreams fetchData failed for "tools/streams/v1/mirrors.json": file "tools/streams/v1/mirrors.json" not found not found
[LOG] 6.46269 DEBUG juju.environs.simplestreams no mirror index file found
[LOG] 6.46271 DEBUG juju.environs.simplestreams no mirror information available for { }: mirror data for "com.ubuntu.juju:released:tools" not found
[LOG] 6.46273 DEBUG juju.environs.simplestreams read metadata index at "http://127.0.0.1:55864/dummyenv/private/tools/streams/v1/index.json"
[LOG] 6.46279 DEBUG juju.environs.simplestreams candidate matches for products ["com.ubuntu.juju:12.04:amd64" "com.ubuntu.juju:12.04:i386" "com.ubuntu.juju:12.04:arm"] are [{Mon, 24 Feb 2014 03:37:07 +0000 products:1.0 content-download  [] streams/v1/com.ubuntu.juju:released:tools.json [com.ubuntu.juju:12.04:amd64]}]
[LOG] 6.46280 DEBUG juju.environs.simplestreams finding products at path "streams/v1/com.ubuntu.juju:released:tools.json"
[LOG] 6.46300 DEBUG juju.environs.simplestreams metadata: &{map[com.ubuntu.juju:12.04:amd64:{ 1.17.4 amd64   map[20140224:0xc200d68f00]}] map[] Mon, 24 Feb 2014 03:37:07 +0000 products:1.0 com.ubuntu.juju:released:tools}
[LOG] 6.46306 INFO juju.environs.bootstrap picked newest version: 1.17.4
[LOG] 6.46309 INFO juju.provider.dummy would pick tools from 1.17.4-precise-amd64
[LOG] 6.46348 INFO juju.state opening state; mongo addresses: ["localhost:50198"]; entity ""
[LOG] 6.48180 INFO juju.state connection established
[LOG] 6.49584 INFO juju.state adding state server info to legacy environment
[LOG] 6.49613 INFO juju.state found existing state servers []
[LOG] 6.50307 INFO juju.state initializing environment
[LOG] 6.52454 INFO juju.state.apiserver listening on "127.0.0.1:51467"
[LOG] 6.54261 INFO juju.state opening state; mongo addresses: ["localhost:50198"]; entity ""
[LOG] 6.54524 INFO juju.state connection established
[LOG] 6.55793 INFO juju juju: authorization error while connecting to state server; retrying
[LOG] 6.55806 INFO juju.state opening state; mongo addresses: ["localhost:50198"]; entity ""
/home/tarmac/trees/src/launchpad.net/juju-core/juju/testing/conn.go:211:
    c.Assert(err, gc.IsNil)
... value *net.OpError = &net.OpError{Op:"local error", Net:"", Addr:net.Addr(nil), Err:0x14} ("local error: bad record MAC")

----------------------------------------------------------------------
PANIC: api_test.go:0: runSuite.TearDownTest

... Panic: runtime error: invalid memory address or nil pointer dereference (PC=0x414311)

/usr/lib/go/src/pkg/runtime/panic.c:229
  in panic
/usr/lib/go/src/pkg/runtime/panic.c:487
  in panicstring
/usr/lib/go/src/pkg/runtime/os_linux.c:236
  in sigpanic
/home/tarmac/trees/src/launchpad.net/juju-core/state/state.go:1297
  in State.SetAdminMongoPassword
/home/tarmac/trees/src/launchpad.net/juju-core/juju/testing/conn.go:247
  in JujuConnSuite.tearDownConn
/home/tarmac/trees/src/launchpad.net/juju-core/juju/testing/conn.go:87
  in JujuConnSuite.TearDownTest

----------------------------------------------------------------------
PANIC: run_test.go:169: runSuite.TestParallelExecuteAddsIdentity

... Panic: Fixture has panicked (see related PANIC)
OOPS: 90 passed, 1 FAILED, 1 FIXTURE-PANICKED, 7 MISSED
--- FAIL: TestAll (42.07 seconds)
FAIL
FAIL	launchpad.net/juju-core/state/apiserver/client	42.302s
ok  	launchpad.net/juju-core/state/apiserver/common	2.571s
?   	launchpad.net/juju-core/state/apiserver/common/testing	[no test files]
ok  	launchpad.net/juju-core/state/apiserver/deployer	4.565s
ok  	launchpad.net/juju-core/state/apiserver/environment	1.629s
ok  	launchpad.net/juju-core/state/apiserver/firewaller	5.988s
ok  	launchpad.net/juju-core/state/apiserver/keymanager	4.122s
?   	launchpad.net/juju-core/state/apiserver/keymanager/testing	[no test files]
ok  	launchpad.net/juju-core/state/apiserver/keyupdater	3.028s
ok  	launchpad.net/juju-core/state/apiserver/logger	3.527s
ok  	launchpad.net/juju-core/state/apiserver/machine	3.064s
ok  	launchpad.net/juju-core/state/apiserver/provisioner	12.136s
?   	launchpad.net/juju-core/state/apiserver/testing	[no test files]
ok  	launchpad.net/juju-core/state/apiserver/uniter	20.359s
ok  	launchpad.net/juju-core/state/apiserver/upgrader	11.288s
ok  	launchpad.net/juju-core/state/multiwatcher	0.829s
ok  	launchpad.net/juju-core/state/presence	6.412s
ok  	launchpad.net/juju-core/state/statecmd	1.954s
?   	launchpad.net/juju-core/state/testing	[no test files]
ok  	launchpad.net/juju-core/state/watcher	5.491s
ok  	launchpad.net/juju-core/store	19.612s
ok  	launchpad.net/juju-core/testing	1.342s
ok  	launchpad.net/juju-core/testing/checkers	0.025s
ok  	launchpad.net/juju-core/testing/testbase	0.018s
ok  	launchpad.net/juju-core/thirdparty/pbkdf2	0.133s
ok  	launchpad.net/juju-core/tools	0.021s
ok  	launchpad.net/juju-core/upgrades	2.468s
ok  	launchpad.net/juju-core/upstart	0.141s
ok  	launchpad.net/juju-core/utils	2.376s
ok  	launchpad.net/juju-core/utils/exec	0.036s
ok  	launchpad.net/juju-core/utils/fslock	0.961s
ok  	launchpad.net/juju-core/utils/parallel	0.964s
ok  	launchpad.net/juju-core/utils/set	0.019s
ok  	launchpad.net/juju-core/utils/ssh	28.888s
?   	launchpad.net/juju-core/utils/ssh/testing	[no test files]
ok  	launchpad.net/juju-core/utils/tailer	1.033s
ok  	launchpad.net/juju-core/utils/voyeur	0.018s
ok  	launchpad.net/juju-core/version	0.069s
ok  	launchpad.net/juju-core/worker	6.603s
ok  	launchpad.net/juju-core/worker/authenticationworker	3.143s
ok  	launchpad.net/juju-core/worker/charmrevisionworker	2.018s
ok  	launchpad.net/juju-core/worker/cleaner	1.322s
ok  	launchpad.net/juju-core/worker/deployer	3.669s
ok  	launchpad.net/juju-core/worker/firewaller	12.415s
ok  	launchpad.net/juju-core/worker/instancepoller	2.563s
ok  	launchpad.net/juju-core/worker/localstorage	0.050s
ok  	launchpad.net/juju-core/worker/logger	1.569s
ok  	launchpad.net/juju-core/worker/machineenvironmentworker	7.685s
ok  	launchpad.net/juju-core/worker/machiner	3.508s
ok  	launchpad.net/juju-core/worker/minunitsworker	1.355s
ok  	launchpad.net/juju-core/worker/peergrouper	0.022s
ok  	launchpad.net/juju-core/worker/provisioner	39.004s
ok  	launchpad.net/juju-core/worker/resumer	1.710s
ok  	launchpad.net/juju-core/worker/terminationworker	0.072s
ok  	launchpad.net/juju-core/worker/uniter	209.802s
ok  	launchpad.net/juju-core/worker/uniter/charm	4.596s
ok  	launchpad.net/juju-core/worker/uniter/debug	0.200s
ok  	launchpad.net/juju-core/worker/uniter/hook	0.015s
ok  	launchpad.net/juju-core/worker/uniter/jujuc	0.494s
ok  	launchpad.net/juju-core/worker/uniter/relation	1.356s
ok  	launchpad.net/juju-core/worker/upgrader	3.436s

warning: building out-of-date packages:
	launchpad.net/lpad
	launchpad.net/goose/testservices/hook
	launchpad.net/goose/testservices/identityservice
	launchpad.net/goose/testservices
	launchpad.net/goose/testservices/novaservice
	launchpad.net/goose/testservices/swiftservice
	launchpad.net/goose/testservices/openstackservice
installing these packages with 'go test -i ./...' will speed future tests.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Aaron Bentley

Andrew Wilkins

Dave Cheney

Dimiter Naydenov

Eric Snow

John A Meinel

Martin Packman

Nate Finch

Raphaël Badin

Tim Penhey

to status/vote changes:

rowez

1	=== modified file 'cert/cert.go'
2	--- cert/cert.go 2014-02-03 14:31:54 +0000
3	+++ cert/cert.go 2014-02-21 10:21:35 +0000
4	@@ -119,7 +119,7 @@
5
6	// NewServer generates a certificate/key pair suitable for use by a server.
7	func NewServer(caCertPEM, caKeyPEM []byte, expiry time.Time, hostnames []string) (certPEM, keyPEM []byte, err error) {
8	- return newLeaf(caCertPEM, caKeyPEM, expiry, hostnames, nil)
9	+ return newLeaf(caCertPEM, caKeyPEM, expiry, hostnames, []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth})
10	}
11
12	// NewClient generates a certificate/key pair suitable for client authentication.
13	@@ -164,7 +164,7 @@
14	NotAfter: expiry.UTC(),
15
16	SubjectKeyId: bigIntHash(key.N),
17	- KeyUsage: x509.KeyUsageDataEncipherment,
18	+ KeyUsage: x509.KeyUsageKeyEncipherment \| x509.KeyUsageDigitalSignature \| x509.KeyUsageKeyAgreement,
19	ExtKeyUsage: extKeyUsage,
20	}
21	for _, hostname := range hostnames {
22
23	=== modified file 'cert/cert_test.go'
24	--- cert/cert_test.go 2013-09-24 05:42:43 +0000
25	+++ cert/cert_test.go 2014-02-21 10:21:35 +0000
26	@@ -86,6 +86,7 @@
27	c.Assert(srvCert.NotAfter.Equal(expiry), gc.Equals, true)
28	c.Assert(srvCert.BasicConstraintsValid, gc.Equals, false)
29	c.Assert(srvCert.IsCA, gc.Equals, false)
30	+ c.Assert(srvCert.ExtKeyUsage, gc.DeepEquals, []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth})
31
32	checkTLSConnection(c, caCert, srvCert, srvKey)
33	}