Tests and TCP ports

Nikos Mavrogiannopoulos nmav at gnutls.org
Wed Feb 1 00:24:43 CET 2012

On 01/31/2012 05:27 PM, Ludovic Courtès wrote:

> Hello,
> Some of the tests work by connecting to localhost on some TCP port,
> and then exchanging over that connection.  These tests typically fail
> when the port cannot be listened, like: make[3]: Entering directory
> `/tmp/nix-build-1i4rvwc1v6vky76vplykl9z3qz220zlz-gnutls-3.0.11.drv-0/gnutls-3.0.11/tests/dsa'

> Checking various DSA key sizes Checking DSA-1024 with TLS 1.0 ***
> Fatal error: A TLS fatal alert has been received. *** Handshake has
> failed GnuTLS error: A TLS fatal alert has been received. Failure:
> Failed connection to a server with DSA 1024 key and TLS 1.0! FAIL:
> testdsa This is particularly a problem on Hydra where several builds
> may be running in parallel, and trying to access the same TCP port.

Hello Ludo,
 This is an open issue indeed. It has been low on priority though
because it is a one-time-off check, so it could be assumed to run in a
controlled environment. I don't plan to work on it but if there are
patches for that I'd be glad to accept.

> Possible solutions include:
> - Using Unix domain sockets, though the path name limitation doesn’t 
> play well with the long $builddir that Nix uses (as above.)

The sockets could be made relative to the directory, thus such a
limitation might not be a problem.

> - Trying several port numbers until one succeeds, the difficulty
> being that the port number has to be communicated to the child

> somehow.

I don't really like that.

> - Avoiding sockets entirely, by using ‘gnutls_transport_set_ptr’ &
> co. This doesn’t help for tests written as shell scripts, though. 
> (Perhaps these could be translated in Guile, which makes writing 
> tests easy while not compromising on expressive power.)

I've thought of moving the tests in a higher level language quite few
times. Guile(with scheme) could have been a candidate but I have given
up any attempt learning scheme or lisp. If guile supports lua at some
point, or I if I learn scheme, I'd reconsider.

Btw. If guile adds support for lua, would the binding for gnutls work,
or it would be a totally different story?


More information about the Gnutls-devel mailing list