QA » openQA Project » openQA Tests

action #155920

Updated by emiler 3 months ago

openQA test in scenario sle-15-SP6-Online-x86_64-fips_tests_crypt_openvpn_server@64bit fails in 
 [openvpn_server](https://openqa.suse.de/tests/13548439/modules/openvpn_server/steps/53) 

 The OpenVPN service fails to start: 

 ``` 
 × openvpn@static.service - OpenVPN tunneling daemon instance using /etc/openvpn/static.conf 
      Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; disabled; preset: disabled) 
      Active: failed (Result: exit-code) since Mon 2024-02-19 13:50:25 EST; 12ms ago 
    Duration: 3ms 
     Process: 2924 ExecStart=/usr/sbin/openvpn --daemon openvpn@static --writepid /run/openvpn/static.pid --cd /etc/openvpn/ --config static.conf (code=exited, status=1/FAILURE) 
    Main PID: 2924 (code=exited, status=1/FAILURE) 
      Status: "Pre-connection initialization successful" 
         CPU: 8ms 

 Feb 19 13:50:25 server systemd[1]: Starting OpenVPN tunneling daemon instance using /etc/openvpn/static.conf... 
 Feb 19 13:50:25 server openvpn@static[2924]: DEPRECATED OPTION: The option --secret is deprecated. 
 Feb 19 13:50:25 server openvpn@static[2924]: DEPRECATION: No tls-client or tls-server option in configuration detected. OpenVPN 2.7 will remove the functionality to run a VPN without TLS. See the examples section in the manual page for examples of a similar quick setup with peer-fingerprint. 
 Feb 19 13:50:25 server openvpn@static[2924]: OpenVPN 2.6.8 x86_64-suse-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] 
 Feb 19 13:50:25 server openvpn@static[2924]: library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10 
 Feb 19 13:50:25 server systemd[1]: Started OpenVPN tunneling daemon instance using /etc/openvpn/static.conf. 
 Feb 19 13:50:25 server openvpn@static[2924]: Cipher BF-CBC not supported 
 Feb 19 13:50:25 server openvpn@static[2924]: Exiting due to fatal error 
 Feb 19 13:50:25 server systemd[1]: openvpn@static.service: Main process exited, code=exited, status=1/FAILURE 
 Feb 19 13:50:25 server systemd[1]: openvpn@static.service: Failed with result 'exit-code'. 
 ``` 

 It seems like new versions (perhaps OpenSSL 3 migration?) do not support the BF-CBC F-CBC cipher. We might need to update our test data.

Back