[gdal-dev] test failures on pkgsrc build of 3.3.2rc3

Greg Troxel gdt at lexort.com
Fri Sep 3 17:28:08 PDT 2021 

Even Rouault <even.rouault at spatialys.com> writes:

>> FAILED gdrivers/eedai.py::test_eedai_GOOGLE_APPLICATION_CREDENTIALS - assert ...
> Not sure what happens here. Probably some harden configuration of
> openssl that rejects the private key ? Apparently it fails on Mac too
> from
> https://github.com/OSGeo/gdal/commit/7816b68130cc7a79e5477a47dc6eb0227f2ae47d 

This is pure speculation, but I see in the code:

   gdal.FileFromMemBuffer('/vsimem/my.json', """{
      "private_key":"-----BEGIN PRIVATE KEY-----

an I wonder if this file (in some VFS?) has an associated mode?  I would
sort of expect openssl to error if the private key file were readable by
group or other, and I don't understand this filefromstring big.  (I get
the concept; I just have no idea how it works.)

This may or may not be a more detailed run log:


============================= test session starts ==============================
platform netbsd9 -- Python 3.8.11, pytest-6.2.4, py-1.10.0, pluggy-0.13.1
rootdir: /home/n0/gdt/SOFTWARE/GEO/GDAL/gdal/autotest, configfile: pytest.ini
plugins: sugar-0.9.4, env-0.6.2
collected 9 items

gdrivers/eedai.py ...Fs...s                                              [100%]

=================================== FAILURES ===================================
__________________ test_eedai_GOOGLE_APPLICATION_CREDENTIALS ___________________

    def test_eedai_GOOGLE_APPLICATION_CREDENTIALS():
    
        if gdaltest.eedai_drv is None:
            pytest.skip()
    
        gdal.FileFromMemBuffer('/vsimem/my.json', """{
    "private_key":"-----BEGIN PRIVATE KEY-----
    MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAOlwJQLLDG1HeLrk\n
    VNcFR5Qptto/rJE5emRuy0YmkVINT4uHb1be7OOo44C2Ev8QPVtNHHS2XwCY5gTm\n
    i2RfIBLv+VDMoVQPqqE0LHb0WeqGmM5V1tHbmVnIkCcKMn3HpK30grccuBc472LQ\n
    DVkkGqIiGu0qLAQ89JP/r0LWWySRAgMBAAECgYAWjsS00WRBByAOh1P/dz4kfidy\n
    TabiXbiLDf3MqJtwX2Lpa8wBjAc+NKrPXEjXpv0W3ou6Z4kkqKHJpXGg4GRb4N5I\n
    2FA+7T1lA0FCXa7dT2jvgJLgpBepJu5b//tqFqORb4A4gMZw0CiPN3sUsWsSw5Hd\n
    DrRXwp6sarzG77kvZQJBAPgysAmmXIIp9j1hrFSkctk4GPkOzZ3bxKt2Nl4GFrb+\n
    bpKSon6OIhP1edrxTz1SMD1k5FiAAVUrMDKSarbh5osCQQDwxq4Tvf/HiYz79JBg\n
    Wz5D51ySkbg01dOVgFW3eaYAdB6ta/o4vpHhnbrfl6VO9oUb3QR4hcrruwnDHsw3\n
    4mDTAkEA9FPZjbZSTOSH/cbgAXbdhE4/7zWOXj7Q7UVyob52r+/p46osAk9i5qj5\n
    Kvnv2lrFGDrwutpP9YqNaMtP9/aLnwJBALLWf9n+GAv3qRZD0zEe1KLPKD1dqvrj\n
    j+LNjd1Xp+tSVK7vMs4PDoAMDg+hrZF3HetSQM3cYpqxNFEPgRRJOy0CQQDQlZHI\n
    yzpSgEiyx8O3EK1iTidvnLXbtWabvjZFfIE/0OhfBmN225MtKG3YLV2HoUvpajLq\n
    gwE6fxOLyJDxuWRf\n
    -----END PRIVATE KEY-----",
    "client_email":"my at email.com"
    }""")
    
        gdal.SetConfigOption('EEDA_URL', '/vsimem/ee/')
        gdal.SetConfigOption('GOOGLE_APPLICATION_CREDENTIALS', '/vsimem/my.json')
        gdal.SetConfigOption('EEDA_PRIVATE_KEY', None)
        gdal.SetConfigOption('EEDA_CLIENT_EMAIL', None)
        gdal.SetConfigOption('GO2A_AUD', '/vsimem/oauth2/v4/token')
        gdal.SetConfigOption('GOA2_NOW', '123456')
        gdal.FileFromMemBuffer('/vsimem/oauth2/v4/token&POSTFIELDS=grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiAibXlAZW1haWwuY29tIiwgInNjb3BlIjogImh0dHBzOi8vd3d3Lmdvb2dsZWFwaXMuY29tL2F1dGgvZWFydGhlbmdpbmUucmVhZG9ubHkiLCAiYXVkIjogIi92c2ltZW0vb2F1dGgyL3Y0L3Rva2VuIiwgImlhdCI6IDEyMzQ1NiwgImV4cCI6IDEyNzA1Nn0%3D.1W564xcQESVsqZmBEIMzj4rr0RuGa4RiUPZp5H%2FNENN9V9oPSTdacw%2BMiu3pcFf9AJv8wj0ajUeRsgTmvSicAftER49xeCQYUrs6uV122FGVsxml26kMFacNsCgRad%2Fy7xCAhMPfRJsqxS2%2BB392ssBeEzTGCSI6W3AsJg64OfA%3D',
                               '{ "access_token": "my_token", "token_type": "Bearer", "expires_in": 3600 }')
    
        ds = gdal.Open('EEDAI:image')
    
        gdal.Unlink('/vsimem/my.json')
    
        gdal.SetConfigOption('EEDA_URL', None)
        gdal.SetConfigOption('GOOGLE_APPLICATION_CREDENTIALS', None)
        gdal.SetConfigOption('EEDA_PRIVATE_KEY', None)
        gdal.SetConfigOption('EEDA_CLIENT_EMAIL', None)
    
        if gdal.GetLastErrorMsg().find('CPLRSASHA256Sign() not implemented') >= 0:
            pytest.skip()
    
        if ds is None and gdaltest.is_github_workflow_mac():
            print(gdal.GetLastErrorMsg())
            pytest.xfail('Failure. See https://github.com/rouault/gdal/runs/1329425333?check_suite_focus=true')
    
>       assert ds is not None
E       assert None is not None

/home/n0/gdt/SOFTWARE/GEO/GDAL/gdal/autotest/gdrivers/eedai.py:439: AssertionError
----------------------------- Captured stderr call -----------------------------
ERROR 1: PEM_read_bio_PrivateKey() failed
=========================== short test summary info ============================
FAILED gdrivers/eedai.py::test_eedai_GOOGLE_APPLICATION_CREDENTIALS - assert ...
==================== 1 failed, 6 passed, 2 skipped in 0.59s ====================
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/gdal-dev/attachments/20210903/497e716b/attachment.sig>

More information about the gdal-dev mailing list