Warning: Permanently added '54.86.198.10' (ED25519) to the list of known hosts.

You can reproduce this build on your computer by running:

  sudo dnf install copr-rpmbuild
  /usr/bin/copr-rpmbuild --verbose --drop-resultdir --task-url https://copr.fedorainfracloud.org/backend/get-build-task/8987046-fedora-42-aarch64 --chroot fedora-42-aarch64


Version: 1.3
PID: 9267
Logging PID: 9268
Task:
{'allow_user_ssh': False,
 'appstream': False,
 'background': False,
 'build_id': 8987046,
 'buildroot_pkgs': [],
 'chroot': 'fedora-42-aarch64',
 'enable_net': False,
 'fedora_review': False,
 'git_hash': '2e5bc75c5c46f4695290f693c49006398389e6c1',
 'git_repo': 'https://copr-dist-git.fedorainfracloud.org/git/nikromen/thesis/crypto-policies',
 'isolation': 'default',
 'memory_reqs': 2048,
 'package_name': 'crypto-policies',
 'package_version': '20250305-2.gita35b0fa',
 'project_dirname': 'thesis',
 'project_name': 'thesis',
 'project_owner': 'nikromen',
 'repo_priority': None,
 'repos': [{'baseurl': 'https://download.copr.fedorainfracloud.org/results/nikromen/thesis/fedora-42-aarch64/',
            'id': 'copr_base',
            'name': 'Copr repository',
            'priority': None}],
 'sandbox': 'nikromen/thesis--nikromen',
 'source_json': {},
 'source_type': None,
 'ssh_public_keys': None,
 'storage': 0,
 'submitter': 'nikromen',
 'tags': [],
 'task_id': '8987046-fedora-42-aarch64',
 'timeout': 18000,
 'uses_devel_repo': False,
 'with_opts': [],
 'without_opts': []}

Running: git clone https://copr-dist-git.fedorainfracloud.org/git/nikromen/thesis/crypto-policies /var/lib/copr-rpmbuild/workspace/workdir-8j7fnv84/crypto-policies --depth 500 --no-single-branch --recursive

cmd: ['git', 'clone', 'https://copr-dist-git.fedorainfracloud.org/git/nikromen/thesis/crypto-policies', '/var/lib/copr-rpmbuild/workspace/workdir-8j7fnv84/crypto-policies', '--depth', '500', '--no-single-branch', '--recursive']
cwd: .
rc: 0
stdout: 
stderr: Cloning into '/var/lib/copr-rpmbuild/workspace/workdir-8j7fnv84/crypto-policies'...

Running: git checkout 2e5bc75c5c46f4695290f693c49006398389e6c1 --

cmd: ['git', 'checkout', '2e5bc75c5c46f4695290f693c49006398389e6c1', '--']
cwd: /var/lib/copr-rpmbuild/workspace/workdir-8j7fnv84/crypto-policies
rc: 0
stdout: 
stderr: Note: switching to '2e5bc75c5c46f4695290f693c49006398389e6c1'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by switching back to a branch.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -c with the switch command. Example:

  git switch -c <new-branch-name>

Or undo this operation with:

  git switch -

Turn off this advice by setting config variable advice.detachedHead to false

HEAD is now at 2e5bc75 automatic import of crypto-policies

Running: dist-git-client sources

cmd: ['dist-git-client', 'sources']
cwd: /var/lib/copr-rpmbuild/workspace/workdir-8j7fnv84/crypto-policies
rc: 0
stdout: 
stderr: INFO: Reading stdout from command: git rev-parse --abbrev-ref HEAD
INFO: Reading stdout from command: git rev-parse HEAD
INFO: Reading sources specification file: sources
INFO: Downloading crypto-policies-gita35b0fa.tar.gz
INFO: Reading stdout from command: curl --help all
INFO: Calling: curl -H Pragma: -o crypto-policies-gita35b0fa.tar.gz --location --connect-timeout 60 --retry 3 --retry-delay 10 --remote-time --show-error --fail --retry-all-errors https://copr-dist-git.fedorainfracloud.org/repo/pkgs/nikromen/thesis/crypto-policies/crypto-policies-gita35b0fa.tar.gz/md5/2a67077577ec9a8e470033d2cfe99e74/crypto-policies-gita35b0fa.tar.gz
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 93128  100 93128    0     0  7320k      0 --:--:-- --:--:-- --:--:-- 7578k
INFO: Reading stdout from command: md5sum crypto-policies-gita35b0fa.tar.gz

/usr/bin/tail: /var/lib/copr-rpmbuild/main.log: file truncated
Running (timeout=18000): unbuffer mock --spec /var/lib/copr-rpmbuild/workspace/workdir-8j7fnv84/crypto-policies/crypto-policies.spec --sources /var/lib/copr-rpmbuild/workspace/workdir-8j7fnv84/crypto-policies --resultdir /var/lib/copr-rpmbuild/results --uniqueext 1746118400.577433 -r /var/lib/copr-rpmbuild/results/configs/child.cfg
INFO: mock.py version 6.1 starting (python version = 3.13.0, NVR = mock-6.1-1.fc41), args: /usr/libexec/mock/mock --spec /var/lib/copr-rpmbuild/workspace/workdir-8j7fnv84/crypto-policies/crypto-policies.spec --sources /var/lib/copr-rpmbuild/workspace/workdir-8j7fnv84/crypto-policies --resultdir /var/lib/copr-rpmbuild/results --uniqueext 1746118400.577433 -r /var/lib/copr-rpmbuild/results/configs/child.cfg
Start(bootstrap): init plugins
INFO: tmpfs initialized
INFO: selinux enabled
INFO: chroot_scan: initialized
INFO: compress_logs: initialized
Finish(bootstrap): init plugins
Start: init plugins
INFO: tmpfs initialized
INFO: selinux enabled
INFO: chroot_scan: initialized
INFO: compress_logs: initialized
Finish: init plugins
INFO: Signal handler active
Start: run
INFO: Start(/var/lib/copr-rpmbuild/workspace/workdir-8j7fnv84/crypto-policies/crypto-policies.spec)  Config(fedora-42-aarch64)
Start: clean chroot
Finish: clean chroot
Mock Version: 6.1
INFO: Mock Version: 6.1
Start(bootstrap): chroot init
INFO: mounting tmpfs at /var/lib/mock/fedora-42-aarch64-bootstrap-1746118400.577433/root.
INFO: calling preinit hooks
INFO: enabled root cache
INFO: enabled package manager cache
Start(bootstrap): cleaning package manager metadata
Finish(bootstrap): cleaning package manager metadata
INFO: Guessed host environment type: unknown
INFO: Using container image: registry.fedoraproject.org/fedora:42
INFO: Pulling image: registry.fedoraproject.org/fedora:42
INFO: Tagging container image as mock-bootstrap-4ad9295e-bfd6-4050-85c0-ca406224f010
INFO: Checking that 4766e2db7e0b0e16b92110ad409cb379e212558bd6816f5204797ec6944d6c71 image matches host's architecture
INFO: Copy content of container 4766e2db7e0b0e16b92110ad409cb379e212558bd6816f5204797ec6944d6c71 to /var/lib/mock/fedora-42-aarch64-bootstrap-1746118400.577433/root
INFO: mounting 4766e2db7e0b0e16b92110ad409cb379e212558bd6816f5204797ec6944d6c71 with podman image mount
INFO: image 4766e2db7e0b0e16b92110ad409cb379e212558bd6816f5204797ec6944d6c71 as /var/lib/containers/storage/overlay/73ee35b46d191ee999ffb008f2ba73a770bb6dec0dfd36ab510de75727e34d32/merged
INFO: umounting image 4766e2db7e0b0e16b92110ad409cb379e212558bd6816f5204797ec6944d6c71 (/var/lib/containers/storage/overlay/73ee35b46d191ee999ffb008f2ba73a770bb6dec0dfd36ab510de75727e34d32/merged) with podman image umount
INFO: Removing image mock-bootstrap-4ad9295e-bfd6-4050-85c0-ca406224f010
INFO: Package manager dnf5 detected and used (fallback)
INFO: Not updating bootstrap chroot, bootstrap_image_ready=True
Start(bootstrap): creating root cache
Finish(bootstrap): creating root cache
Finish(bootstrap): chroot init
Start: chroot init
INFO: mounting tmpfs at /var/lib/mock/fedora-42-aarch64-1746118400.577433/root.
INFO: calling preinit hooks
INFO: enabled root cache
INFO: enabled package manager cache
Start: cleaning package manager metadata
Finish: cleaning package manager metadata
INFO: enabled HW Info plugin
INFO: Package manager dnf5 detected and used (direct choice)
INFO: Buildroot is handled by package management downloaded with a bootstrap image:
  rpm-4.20.1-1.fc42.aarch64
  rpm-sequoia-1.7.0-5.fc42.aarch64
  dnf5-5.2.13.1-1.fc42.aarch64
  dnf5-plugins-5.2.13.1-1.fc42.aarch64
Start: installing minimal buildroot with dnf5
Updating and loading repositories:
 updates                                100% |  36.1 MiB/s |   5.1 MiB |  00m00s
 fedora                                 100% |  47.5 MiB/s |  34.2 MiB |  00m01s
 Copr repository                        100% | 229.9 KiB/s |  22.5 KiB |  00m00s
Repositories loaded.
Package                            Arch    Version                    Repository      Size
Installing group/module packages:
 bash                              aarch64 5.2.37-1.fc42              fedora       8.2 MiB
 bzip2                             aarch64 1.0.8-20.fc42              fedora     171.3 KiB
 coreutils                         aarch64 9.6-2.fc42                 fedora       8.2 MiB
 cpio                              aarch64 2.15-4.fc42                fedora       1.1 MiB
 diffutils                         aarch64 3.12-1.fc42                updates      1.6 MiB
 fedora-release-common             noarch  42-27                      copr_base   20.2 KiB
 findutils                         aarch64 1:4.10.0-5.fc42            fedora       1.9 MiB
 gawk                              aarch64 5.3.1-1.fc42               fedora       2.4 MiB
 glibc-minimal-langpack            aarch64 2.41-5.fc42                updates      0.0   B
 grep                              aarch64 3.11-10.fc42               fedora       1.0 MiB
 gzip                              aarch64 1.13-3.fc42                fedora     424.7 KiB
 info                              aarch64 7.2-3.fc42                 fedora     421.6 KiB
 patch                             aarch64 2.8-1.fc42                 updates    262.5 KiB
 redhat-rpm-config                 noarch  342-4.fc42                 updates    185.5 KiB
 rpm-build                         aarch64 4.20.1-1.fc42              fedora     524.4 KiB
 sed                               aarch64 4.9-4.fc42                 fedora     873.2 KiB
 shadow-utils                      aarch64 2:4.17.4-1.fc42            fedora       4.5 MiB
 tar                               aarch64 2:1.35-5.fc42              fedora       3.0 MiB
 unzip                             aarch64 6.0-66.fc42                fedora     470.2 KiB
 util-linux                        aarch64 2.40.4-7.fc42              fedora       6.6 MiB
 which                             aarch64 2.23-1.fc42                fedora     123.4 KiB
 xz                                aarch64 1:5.8.1-2.fc42             updates      1.4 MiB
Installing dependencies:
 add-determinism                   aarch64 0.6.0-1.fc42               fedora       2.2 MiB
 alternatives                      aarch64 1.32-1.fc42                fedora      90.2 KiB
 ansible-srpm-macros               noarch  1-17.1.fc42                fedora      35.7 KiB
 audit-libs                        aarch64 4.0.3-2.fc42               fedora     415.2 KiB
 basesystem                        noarch  11-22.fc42                 fedora       0.0   B
 binutils                          aarch64 2.44-3.fc42                fedora      29.3 MiB
 build-reproducibility-srpm-macros noarch  0.6.0-1.fc42               fedora     735.0   B
 bzip2-libs                        aarch64 1.0.8-20.fc42              fedora      72.6 KiB
 ca-certificates                   noarch  2024.2.69_v8.0.401-6.fc42  updates      2.6 MiB
 coreutils-common                  aarch64 9.6-2.fc42                 fedora      11.1 MiB
 crypto-policies                   noarch  20250214-1.gitff7551b.fc42 fedora     137.2 KiB
 curl                              aarch64 8.11.1-4.fc42              fedora     454.7 KiB
 cyrus-sasl-lib                    aarch64 2.1.28-30.fc42             fedora       2.4 MiB
 debugedit                         aarch64 5.1-6.fc42                 updates    244.6 KiB
 dwz                               aarch64 0.15-9.fc42                fedora     322.6 KiB
 ed                                aarch64 1.21-2.fc42                fedora     154.5 KiB
 efi-srpm-macros                   noarch  6-3.fc42                   updates     40.1 KiB
 elfutils                          aarch64 0.192-9.fc42               fedora       3.2 MiB
 elfutils-debuginfod-client        aarch64 0.192-9.fc42               fedora     143.9 KiB
 elfutils-default-yama-scope       noarch  0.192-9.fc42               fedora       1.8 KiB
 elfutils-libelf                   aarch64 0.192-9.fc42               fedora       1.2 MiB
 elfutils-libs                     aarch64 0.192-9.fc42               fedora     746.3 KiB
 fedora-gpg-keys                   noarch  42-1                       fedora     128.2 KiB
 fedora-release                    noarch  42-27                      copr_base    0.0   B
 fedora-release-identity-basic     noarch  42-27                      copr_base  646.0   B
 fedora-repos                      noarch  42-1                       fedora       4.9 KiB
 file                              aarch64 5.46-1.fc42                fedora     140.2 KiB
 file-libs                         aarch64 5.46-1.fc42                fedora      11.9 MiB
 filesystem                        aarch64 3.18-36.fc42               fedora     112.0   B
 filesystem-srpm-macros            noarch  3.18-36.fc42               fedora      38.2 KiB
 fonts-srpm-macros                 noarch  1:2.0.5-21.fc42            fedora      55.8 KiB
 forge-srpm-macros                 noarch  0.4.0-2.fc42               fedora      38.9 KiB
 fpc-srpm-macros                   noarch  1.3-14.fc42                fedora     144.0   B
 gdb-minimal                       aarch64 16.2-3.fc42                fedora      13.0 MiB
 gdbm-libs                         aarch64 1:1.23-9.fc42              fedora     234.0 KiB
 ghc-srpm-macros                   noarch  1.9.2-2.fc42               fedora     779.0   B
 glibc                             aarch64 2.41-5.fc42                updates      6.2 MiB
 glibc-common                      aarch64 2.41-5.fc42                updates      1.3 MiB
 glibc-gconv-extra                 aarch64 2.41-5.fc42                updates     18.6 MiB
 gmp                               aarch64 1:6.3.0-4.fc42             fedora     657.9 KiB
 gnat-srpm-macros                  noarch  6-7.fc42                   fedora       1.0 KiB
 go-srpm-macros                    noarch  3.6.0-6.fc42               fedora      60.8 KiB
 jansson                           aarch64 2.14-2.fc42                fedora      93.2 KiB
 json-c                            aarch64 0.18-2.fc42                fedora     138.7 KiB
 kernel-srpm-macros                noarch  1.0-25.fc42                fedora       1.9 KiB
 keyutils-libs                     aarch64 1.6.3-5.fc42               fedora      98.3 KiB
 krb5-libs                         aarch64 1.21.3-5.fc42              fedora       2.5 MiB
 libacl                            aarch64 2.3.2-3.fc42               fedora      66.3 KiB
 libarchive                        aarch64 3.7.7-4.fc42               fedora     910.6 KiB
 libattr                           aarch64 2.5.2-5.fc42               fedora      67.1 KiB
 libblkid                          aarch64 2.40.4-7.fc42              fedora     290.5 KiB
 libbrotli                         aarch64 1.1.0-6.fc42               fedora     909.5 KiB
 libcap                            aarch64 2.73-2.fc42                fedora     506.8 KiB
 libcap-ng                         aarch64 0.8.5-4.fc42               fedora     160.9 KiB
 libcom_err                        aarch64 1.47.2-3.fc42              fedora     111.2 KiB
 libcurl                           aarch64 8.11.1-4.fc42              fedora     794.0 KiB
 libeconf                          aarch64 0.7.6-1.fc42               fedora      80.6 KiB
 libevent                          aarch64 2.1.12-15.fc42             fedora       1.1 MiB
 libfdisk                          aarch64 2.40.4-7.fc42              fedora     418.8 KiB
 libffi                            aarch64 3.4.6-5.fc42               fedora     154.4 KiB
 libgcc                            aarch64 15.1.1-1.fc42              updates    222.2 KiB
 libgomp                           aarch64 15.1.1-1.fc42              updates    514.0 KiB
 libidn2                           aarch64 2.3.8-1.fc42               fedora     560.6 KiB
 libmount                          aarch64 2.40.4-7.fc42              fedora     355.8 KiB
 libnghttp2                        aarch64 1.64.0-3.fc42              fedora     198.1 KiB
 libpkgconf                        aarch64 2.3.0-2.fc42               fedora     134.0 KiB
 libpsl                            aarch64 0.21.5-5.fc42              fedora     132.5 KiB
 libselinux                        aarch64 3.8-1.fc42                 fedora     201.1 KiB
 libsemanage                       aarch64 3.8-1.fc42                 fedora     360.0 KiB
 libsepol                          aarch64 3.8-1.fc42                 fedora     809.9 KiB
 libsmartcols                      aarch64 2.40.4-7.fc42              fedora     224.4 KiB
 libssh                            aarch64 0.11.1-4.fc42              fedora     585.4 KiB
 libssh-config                     noarch  0.11.1-4.fc42              fedora     277.0   B
 libstdc++                         aarch64 15.1.1-1.fc42              updates      2.8 MiB
 libtasn1                          aarch64 4.20.0-1.fc42              fedora     220.3 KiB
 libtool-ltdl                      aarch64 2.5.4-4.fc42               fedora      94.0 KiB
 libunistring                      aarch64 1.1-9.fc42                 fedora       1.7 MiB
 libuuid                           aarch64 2.40.4-7.fc42              fedora      69.4 KiB
 libverto                          aarch64 0.3.2-10.fc42              fedora      69.4 KiB
 libxcrypt                         aarch64 4.4.38-7.fc42              updates    272.5 KiB
 libxml2                           aarch64 2.12.10-1.fc42             fedora       1.9 MiB
 libzstd                           aarch64 1.5.7-1.fc42               fedora     667.7 KiB
 lua-libs                          aarch64 5.4.7-3.fc42               fedora     328.9 KiB
 lua-srpm-macros                   noarch  1-15.fc42                  fedora       1.3 KiB
 lz4-libs                          aarch64 1.10.0-2.fc42              fedora     197.4 KiB
 mpfr                              aarch64 4.2.2-1.fc42               fedora     755.6 KiB
 ncurses-base                      noarch  6.5-5.20250125.fc42        fedora     326.8 KiB
 ncurses-libs                      aarch64 6.5-5.20250125.fc42        fedora       1.2 MiB
 ocaml-srpm-macros                 noarch  10-4.fc42                  fedora       1.9 KiB
 openblas-srpm-macros              noarch  2-19.fc42                  fedora     112.0   B
 openldap                          aarch64 2.6.9-3.fc42               fedora     697.3 KiB
 openssl-libs                      aarch64 1:3.2.4-3.fc42             fedora       6.3 MiB
 p11-kit                           aarch64 0.25.5-5.fc42              fedora       2.4 MiB
 p11-kit-trust                     aarch64 0.25.5-5.fc42              fedora     463.3 KiB
 package-notes-srpm-macros         noarch  0.5-13.fc42                fedora       1.6 KiB
 pam-libs                          aarch64 1.7.0-4.fc42               fedora     222.9 KiB
 pcre2                             aarch64 10.45-1.fc42               fedora     713.6 KiB
 pcre2-syntax                      noarch  10.45-1.fc42               fedora     273.9 KiB
 perl-srpm-macros                  noarch  1-57.fc42                  fedora     861.0   B
 pkgconf                           aarch64 2.3.0-2.fc42               fedora     112.4 KiB
 pkgconf-m4                        noarch  2.3.0-2.fc42               fedora      14.4 KiB
 pkgconf-pkg-config                aarch64 2.3.0-2.fc42               fedora     990.0   B
 popt                              aarch64 1.19-8.fc42                fedora     144.8 KiB
 publicsuffix-list-dafsa           noarch  20250116-1.fc42            fedora      68.5 KiB
 pyproject-srpm-macros             noarch  1.18.1-1.fc42              fedora       1.9 KiB
 python-srpm-macros                noarch  3.13-4.fc42                fedora      51.0 KiB
 qt5-srpm-macros                   noarch  5.15.15-1.fc42             fedora     500.0   B
 qt6-srpm-macros                   noarch  6.9.0-2.fc42               updates    464.0   B
 readline                          aarch64 8.2-13.fc42                fedora     561.0 KiB
 rpm                               aarch64 4.20.1-1.fc42              fedora       3.3 MiB
 rpm-build-libs                    aarch64 4.20.1-1.fc42              fedora     198.6 KiB
 rpm-libs                          aarch64 4.20.1-1.fc42              fedora     733.5 KiB
 rpm-sequoia                       aarch64 1.7.0-5.fc42               fedora       2.3 MiB
 rust-srpm-macros                  noarch  26.3-4.fc42                fedora       4.8 KiB
 setup                             noarch  2.15.0-13.fc42             fedora     720.9 KiB
 sqlite-libs                       aarch64 3.47.2-2.fc42              fedora       1.5 MiB
 systemd-libs                      aarch64 257.5-2.fc42               updates      2.3 MiB
 systemd-standalone-sysusers       aarch64 257.5-2.fc42               updates    329.4 KiB
 tree-sitter-srpm-macros           noarch  0.1.0-8.fc42               fedora       6.5 KiB
 util-linux-core                   aarch64 2.40.4-7.fc42              fedora       2.4 MiB
 xxhash-libs                       aarch64 0.8.3-2.fc42               fedora      85.9 KiB
 xz-libs                           aarch64 1:5.8.1-2.fc42             updates    201.5 KiB
 zig-srpm-macros                   noarch  1-4.fc42                   fedora       1.1 KiB
 zip                               aarch64 3.0-43.fc42                fedora     762.5 KiB
 zlib-ng-compat                    aarch64 2.2.4-3.fc42               fedora     133.4 KiB
 zstd                              aarch64 1.5.7-1.fc42               fedora       1.5 MiB
Installing groups:
 Buildsystem building group                                                               

Transaction Summary:
 Installing:       148 packages

Total size of inbound packages is 51 MiB. Need to download 51 MiB.
After this operation, 202 MiB extra will be used (install 202 MiB, remove 0 B).
[  1/148] bzip2-0:1.0.8-20.fc42.aarch64 100% |   3.9 MiB/s |  52.0 KiB |  00m00s
[  2/148] bash-0:5.2.37-1.fc42.aarch64  100% |  74.6 MiB/s |   1.8 MiB |  00m00s
[  3/148] cpio-0:2.15-4.fc42.aarch64    100% |  25.8 MiB/s | 291.1 KiB |  00m00s
[  4/148] coreutils-0:9.6-2.fc42.aarch6 100% |  38.1 MiB/s |   1.1 MiB |  00m00s
[  5/148] findutils-1:4.10.0-5.fc42.aar 100% | 108.3 MiB/s | 554.3 KiB |  00m00s
[  6/148] grep-0:3.11-10.fc42.aarch64   100% |  48.3 MiB/s | 296.5 KiB |  00m00s
[  7/148] gzip-0:1.13-3.fc42.aarch64    100% |  23.5 MiB/s | 168.1 KiB |  00m00s
[  8/148] info-0:7.2-3.fc42.aarch64     100% |  29.2 MiB/s | 179.5 KiB |  00m00s
[  9/148] rpm-build-0:4.20.1-1.fc42.aar 100% |  16.2 MiB/s |  82.7 KiB |  00m00s
[ 10/148] gawk-0:5.3.1-1.fc42.aarch64   100% |  50.3 MiB/s |   1.1 MiB |  00m00s
[ 11/148] sed-0:4.9-4.fc42.aarch64      100% |  38.4 MiB/s | 314.8 KiB |  00m00s
[ 12/148] shadow-utils-2:4.17.4-1.fc42. 100% | 109.9 MiB/s |   1.3 MiB |  00m00s
[ 13/148] unzip-0:6.0-66.fc42.aarch64   100% |  29.8 MiB/s | 183.0 KiB |  00m00s
[ 14/148] tar-2:1.35-5.fc42.aarch64     100% |  75.7 MiB/s | 853.0 KiB |  00m00s
[ 15/148] util-linux-0:2.40.4-7.fc42.aa 100% | 163.0 MiB/s |   1.1 MiB |  00m00s
[ 16/148] diffutils-0:3.12-1.fc42.aarch 100% |  63.6 MiB/s | 390.5 KiB |  00m00s
[ 17/148] glibc-minimal-langpack-0:2.41 100% |  37.7 MiB/s | 115.7 KiB |  00m00s
[ 18/148] patch-0:2.8-1.fc42.aarch64    100% |  36.4 MiB/s | 111.7 KiB |  00m00s
[ 19/148] which-0:2.23-1.fc42.aarch64   100% |   2.5 MiB/s |  41.3 KiB |  00m00s
[ 20/148] fedora-release-common-0:42-27 100% |   2.1 MiB/s |  26.2 KiB |  00m00s
[ 21/148] redhat-rpm-config-0:342-4.fc4 100% |  19.8 MiB/s |  81.1 KiB |  00m00s
[ 22/148] xz-1:5.8.1-2.fc42.aarch64     100% | 112.0 MiB/s | 573.4 KiB |  00m00s
[ 23/148] ncurses-libs-0:6.5-5.20250125 100% |  63.3 MiB/s | 324.2 KiB |  00m00s
[ 24/148] bzip2-libs-0:1.0.8-20.fc42.aa 100% |   5.7 MiB/s |  41.2 KiB |  00m00s
[ 25/148] filesystem-0:3.18-36.fc42.aar 100% | 102.4 MiB/s |   1.3 MiB |  00m00s
[ 26/148] gmp-1:6.3.0-4.fc42.aarch64    100% |  38.0 MiB/s | 272.4 KiB |  00m00s
[ 27/148] libacl-0:2.3.2-3.fc42.aarch64 100% |   3.7 MiB/s |  22.8 KiB |  00m00s
[ 28/148] coreutils-common-0:9.6-2.fc42 100% | 111.6 MiB/s |   2.1 MiB |  00m00s
[ 29/148] libattr-0:2.5.2-5.fc42.aarch6 100% |   2.3 MiB/s |  16.4 KiB |  00m00s
[ 30/148] libcap-0:2.73-2.fc42.aarch64  100% |  10.4 MiB/s |  85.3 KiB |  00m00s
[ 31/148] openssl-libs-1:3.2.4-3.fc42.a 100% | 198.1 MiB/s |   2.2 MiB |  00m00s
[ 32/148] readline-0:8.2-13.fc42.aarch6 100% |  41.3 MiB/s | 211.7 KiB |  00m00s
[ 33/148] pcre2-0:10.45-1.fc42.aarch64  100% |  79.0 MiB/s | 242.7 KiB |  00m00s
[ 34/148] binutils-0:2.44-3.fc42.aarch6 100% | 237.3 MiB/s |   6.2 MiB |  00m00s
[ 35/148] libselinux-0:3.8-1.fc42.aarch 100% |   1.9 MiB/s |  95.9 KiB |  00m00s
[ 36/148] elfutils-libelf-0:0.192-9.fc4 100% |  28.9 MiB/s | 207.2 KiB |  00m00s
[ 37/148] elfutils-0:0.192-9.fc42.aarch 100% |  52.3 MiB/s | 536.0 KiB |  00m00s
[ 38/148] mpfr-0:4.2.2-1.fc42.aarch64   100% |   5.5 MiB/s | 322.3 KiB |  00m00s
[ 39/148] libarchive-0:3.7.7-4.fc42.aar 100% |  99.1 MiB/s | 405.9 KiB |  00m00s
[ 40/148] pkgconf-pkg-config-0:2.3.0-2. 100% |   2.4 MiB/s |   9.9 KiB |  00m00s
[ 41/148] popt-0:1.19-8.fc42.aarch64    100% |  16.0 MiB/s |  65.4 KiB |  00m00s
[ 42/148] rpm-0:4.20.1-1.fc42.aarch64   100% |  89.6 MiB/s | 550.4 KiB |  00m00s
[ 43/148] rpm-build-libs-0:4.20.1-1.fc4 100% |  18.4 MiB/s |  94.3 KiB |  00m00s
[ 44/148] rpm-libs-0:4.20.1-1.fc42.aarc 100% |  74.5 MiB/s | 305.2 KiB |  00m00s
[ 45/148] file-0:5.46-1.fc42.aarch64    100% |   2.7 MiB/s |  48.9 KiB |  00m00s
[ 46/148] libeconf-0:0.7.6-1.fc42.aarch 100% |  17.2 MiB/s |  35.3 KiB |  00m00s
[ 47/148] zstd-0:1.5.7-1.fc42.aarch64   100% |  72.5 MiB/s | 445.4 KiB |  00m00s
[ 48/148] audit-libs-0:4.0.3-2.fc42.aar 100% |  24.6 MiB/s | 126.0 KiB |  00m00s
[ 49/148] libsemanage-0:3.8-1.fc42.aarc 100% |  38.7 MiB/s | 118.8 KiB |  00m00s
[ 50/148] pam-libs-0:1.7.0-4.fc42.aarch 100% |  28.3 MiB/s |  58.0 KiB |  00m00s
[ 51/148] setup-0:2.15.0-13.fc42.noarch 100% |  38.0 MiB/s | 155.8 KiB |  00m00s
[ 52/148] libblkid-0:2.40.4-7.fc42.aarc 100% |  58.8 MiB/s | 120.5 KiB |  00m00s
[ 53/148] libcap-ng-0:0.8.5-4.fc42.aarc 100% |   7.9 MiB/s |  32.3 KiB |  00m00s
[ 54/148] libfdisk-0:2.40.4-7.fc42.aarc 100% |  37.0 MiB/s | 151.4 KiB |  00m00s
[ 55/148] libmount-0:2.40.4-7.fc42.aarc 100% |  36.6 MiB/s | 150.0 KiB |  00m00s
[ 56/148] libsmartcols-0:2.40.4-7.fc42. 100% |  25.8 MiB/s |  79.2 KiB |  00m00s
[ 57/148] libuuid-0:2.40.4-7.fc42.aarch 100% |  12.4 MiB/s |  25.3 KiB |  00m00s
[ 58/148] zlib-ng-compat-0:2.2.4-3.fc42 100% |  21.5 MiB/s |  65.9 KiB |  00m00s
[ 59/148] fedora-repos-0:42-1.noarch    100% |   3.0 MiB/s |   9.2 KiB |  00m00s
[ 60/148] util-linux-core-0:2.40.4-7.fc 100% |  84.7 MiB/s | 520.6 KiB |  00m00s
[ 61/148] glibc-common-0:2.41-5.fc42.aa 100% |  42.3 MiB/s | 390.0 KiB |  00m00s
[ 62/148] ed-0:1.21-2.fc42.aarch64      100% |  10.0 MiB/s |  81.9 KiB |  00m00s
[ 63/148] build-reproducibility-srpm-ma 100% |   5.7 MiB/s |  11.7 KiB |  00m00s
[ 64/148] glibc-0:2.41-5.fc42.aarch64   100% | 124.7 MiB/s |   1.9 MiB |  00m00s
[ 65/148] ansible-srpm-macros-0:1-17.1. 100% |   4.0 MiB/s |  20.3 KiB |  00m00s
[ 66/148] dwz-0:0.15-9.fc42.aarch64     100% |  32.2 MiB/s | 131.7 KiB |  00m00s
[ 67/148] fonts-srpm-macros-1:2.0.5-21. 100% |  13.2 MiB/s |  27.1 KiB |  00m00s
[ 68/148] filesystem-srpm-macros-0:3.18 100% |   6.2 MiB/s |  25.6 KiB |  00m00s
[ 69/148] forge-srpm-macros-0:0.4.0-2.f 100% |   9.7 MiB/s |  19.9 KiB |  00m00s
[ 70/148] fpc-srpm-macros-0:1.3-14.fc42 100% |   3.9 MiB/s |   8.0 KiB |  00m00s
[ 71/148] ghc-srpm-macros-0:1.9.2-2.fc4 100% |   4.5 MiB/s |   9.2 KiB |  00m00s
[ 72/148] gnat-srpm-macros-0:6-7.fc42.n 100% |   4.2 MiB/s |   8.6 KiB |  00m00s
[ 73/148] go-srpm-macros-0:3.6.0-6.fc42 100% |  13.5 MiB/s |  27.7 KiB |  00m00s
[ 74/148] kernel-srpm-macros-0:1.0-25.f 100% |   4.8 MiB/s |   9.9 KiB |  00m00s
[ 75/148] lua-srpm-macros-0:1-15.fc42.n 100% |   8.7 MiB/s |   8.9 KiB |  00m00s
[ 76/148] ocaml-srpm-macros-0:10-4.fc42 100% |   9.0 MiB/s |   9.2 KiB |  00m00s
[ 77/148] openblas-srpm-macros-0:2-19.f 100% |   3.8 MiB/s |   7.8 KiB |  00m00s
[ 78/148] package-notes-srpm-macros-0:0 100% |   4.5 MiB/s |   9.3 KiB |  00m00s
[ 79/148] perl-srpm-macros-0:1-57.fc42. 100% |   4.2 MiB/s |   8.5 KiB |  00m00s
[ 80/148] pyproject-srpm-macros-0:1.18. 100% |   6.8 MiB/s |  13.9 KiB |  00m00s
[ 81/148] python-srpm-macros-0:3.13-4.f 100% |  11.2 MiB/s |  23.0 KiB |  00m00s
[ 82/148] qt5-srpm-macros-0:5.15.15-1.f 100% |   8.7 MiB/s |   8.9 KiB |  00m00s
[ 83/148] rust-srpm-macros-0:26.3-4.fc4 100% |   5.7 MiB/s |  11.7 KiB |  00m00s
[ 84/148] zig-srpm-macros-0:1-4.fc42.no 100% |   8.1 MiB/s |   8.2 KiB |  00m00s
[ 85/148] tree-sitter-srpm-macros-0:0.1 100% |   5.5 MiB/s |  11.2 KiB |  00m00s
[ 86/148] zip-0:3.0-43.fc42.aarch64     100% |  85.0 MiB/s | 261.1 KiB |  00m00s
[ 87/148] ncurses-base-0:6.5-5.20250125 100% |  21.5 MiB/s |  88.1 KiB |  00m00s
[ 88/148] xz-libs-1:5.8.1-2.fc42.aarch6 100% |  21.7 MiB/s | 111.2 KiB |  00m00s
[ 89/148] libsepol-0:3.8-1.fc42.aarch64 100% |  79.1 MiB/s | 323.9 KiB |  00m00s
[ 90/148] crypto-policies-0:20250214-1. 100% |  19.3 MiB/s |  98.7 KiB |  00m00s
[ 91/148] pcre2-syntax-0:10.45-1.fc42.n 100% |  31.6 MiB/s | 161.7 KiB |  00m00s
[ 92/148] alternatives-0:1.32-1.fc42.aa 100% |   8.0 MiB/s |  40.8 KiB |  00m00s
[ 93/148] elfutils-debuginfod-client-0: 100% |  14.9 MiB/s |  45.7 KiB |  00m00s
[ 94/148] jansson-0:2.14-2.fc42.aarch64 100% |  15.2 MiB/s |  46.8 KiB |  00m00s
[ 95/148] elfutils-libs-0:0.192-9.fc42. 100% |  63.4 MiB/s | 259.7 KiB |  00m00s
[ 96/148] libzstd-0:1.5.7-1.fc42.aarch6 100% |  55.3 MiB/s | 283.3 KiB |  00m00s
[ 97/148] file-libs-0:5.46-1.fc42.aarch 100% | 118.3 MiB/s | 847.6 KiB |  00m00s
[ 98/148] lz4-libs-0:1.10.0-2.fc42.aarc 100% |  19.4 MiB/s |  79.6 KiB |  00m00s
[ 99/148] libxml2-0:2.12.10-1.fc42.aarc 100% | 110.6 MiB/s | 679.8 KiB |  00m00s
[100/148] pkgconf-0:2.3.0-2.fc42.aarch6 100% |  14.5 MiB/s |  44.7 KiB |  00m00s
[101/148] pkgconf-m4-0:2.3.0-2.fc42.noa 100% |   7.0 MiB/s |  14.2 KiB |  00m00s
[102/148] curl-0:8.11.1-4.fc42.aarch64  100% |  53.4 MiB/s | 218.7 KiB |  00m00s
[103/148] lua-libs-0:5.4.7-3.fc42.aarch 100% |  31.4 MiB/s | 128.8 KiB |  00m00s
[104/148] rpm-sequoia-0:1.7.0-5.fc42.aa 100% | 169.5 MiB/s | 867.9 KiB |  00m00s
[105/148] fedora-gpg-keys-0:42-1.noarch 100% |  26.5 MiB/s | 135.6 KiB |  00m00s
[106/148] sqlite-libs-0:3.47.2-2.fc42.a 100% |  87.0 MiB/s | 712.7 KiB |  00m00s
[107/148] basesystem-0:11-22.fc42.noarc 100% |   2.4 MiB/s |   7.3 KiB |  00m00s
[108/148] glibc-gconv-extra-0:2.41-5.fc 100% |  75.3 MiB/s |   1.7 MiB |  00m00s
[109/148] json-c-0:0.18-2.fc42.aarch64  100% |   2.3 MiB/s |  44.9 KiB |  00m00s
[110/148] add-determinism-0:0.6.0-1.fc4 100% |  36.2 MiB/s | 852.2 KiB |  00m00s
[111/148] elfutils-default-yama-scope-0 100% |   2.0 MiB/s |  12.4 KiB |  00m00s
[112/148] libgcc-0:15.1.1-1.fc42.aarch6 100% |  17.9 MiB/s | 110.1 KiB |  00m00s
[113/148] libstdc++-0:15.1.1-1.fc42.aar 100% | 102.9 MiB/s | 842.8 KiB |  00m00s
[114/148] libpkgconf-0:2.3.0-2.fc42.aar 100% |   2.9 MiB/s |  38.2 KiB |  00m00s
[115/148] libxcrypt-0:4.4.38-7.fc42.aar 100% |  30.3 MiB/s | 124.1 KiB |  00m00s
[116/148] libgomp-0:15.1.1-1.fc42.aarch 100% |  68.7 MiB/s | 351.8 KiB |  00m00s
[117/148] debugedit-0:5.1-6.fc42.aarch6 100% |  19.2 MiB/s |  78.5 KiB |  00m00s
[118/148] systemd-libs-0:257.5-2.fc42.a 100% |  94.7 MiB/s | 776.0 KiB |  00m00s
[119/148] libffi-0:3.4.6-5.fc42.aarch64 100% |  18.7 MiB/s |  38.3 KiB |  00m00s
[120/148] ca-certificates-0:2024.2.69_v 100% | 102.5 MiB/s | 944.7 KiB |  00m00s
[121/148] p11-kit-0:0.25.5-5.fc42.aarch 100% |  57.6 MiB/s | 472.2 KiB |  00m00s
[122/148] p11-kit-trust-0:0.25.5-5.fc42 100% |  18.3 MiB/s | 131.1 KiB |  00m00s
[123/148] libtasn1-0:4.20.0-1.fc42.aarc 100% |  24.0 MiB/s |  73.7 KiB |  00m00s
[124/148] qt6-srpm-macros-0:6.9.0-2.fc4 100% |   4.6 MiB/s |   9.4 KiB |  00m00s
[125/148] efi-srpm-macros-0:6-3.fc42.no 100% |   7.3 MiB/s |  22.5 KiB |  00m00s
[126/148] fedora-release-0:42-27.noarch 100% |   7.4 MiB/s |  15.2 KiB |  00m00s
[127/148] fedora-release-identity-basic 100% |   7.8 MiB/s |  16.0 KiB |  00m00s
[128/148] xxhash-libs-0:0.8.3-2.fc42.aa 100% |   6.8 MiB/s |  34.8 KiB |  00m00s
[129/148] systemd-standalone-sysusers-0 100% |  18.4 MiB/s | 151.1 KiB |  00m00s
[130/148] libcurl-0:8.11.1-4.fc42.aarch 100% |  59.4 MiB/s | 364.9 KiB |  00m00s
[131/148] krb5-libs-0:1.21.3-5.fc42.aar 100% |  81.9 MiB/s | 754.7 KiB |  00m00s
[132/148] libbrotli-0:1.1.0-6.fc42.aarc 100% |  33.3 MiB/s | 340.5 KiB |  00m00s
[133/148] libidn2-0:2.3.8-1.fc42.aarch6 100% |  24.4 MiB/s | 175.1 KiB |  00m00s
[134/148] gdb-minimal-0:16.2-3.fc42.aar 100% | 149.0 MiB/s |   4.2 MiB |  00m00s
[135/148] libnghttp2-0:1.64.0-3.fc42.aa 100% |  10.7 MiB/s |  76.9 KiB |  00m00s
[136/148] libpsl-0:0.21.5-5.fc42.aarch6 100% |  10.5 MiB/s |  64.2 KiB |  00m00s
[137/148] keyutils-libs-0:1.6.3-5.fc42. 100% |   3.9 MiB/s |  31.8 KiB |  00m00s
[138/148] libssh-0:0.11.1-4.fc42.aarch6 100% |  20.4 MiB/s | 230.3 KiB |  00m00s
[139/148] openldap-0:2.6.9-3.fc42.aarch 100% |  24.6 MiB/s | 251.6 KiB |  00m00s
[140/148] libcom_err-0:1.47.2-3.fc42.aa 100% |   5.2 MiB/s |  26.8 KiB |  00m00s
[141/148] libverto-0:0.3.2-10.fc42.aarc 100% |   4.1 MiB/s |  20.8 KiB |  00m00s
[142/148] libunistring-0:1.1-9.fc42.aar 100% |  58.5 MiB/s | 539.4 KiB |  00m00s
[143/148] publicsuffix-list-dafsa-0:202 100% |   9.6 MiB/s |  58.8 KiB |  00m00s
[144/148] libssh-config-0:0.11.1-4.fc42 100% |   1.8 MiB/s |   9.0 KiB |  00m00s
[145/148] libtool-ltdl-0:2.5.4-4.fc42.a 100% |  11.5 MiB/s |  35.4 KiB |  00m00s
[146/148] libevent-0:2.1.12-15.fc42.aar 100% |  49.7 MiB/s | 254.7 KiB |  00m00s
[147/148] cyrus-sasl-lib-0:2.1.28-30.fc 100% | 108.3 MiB/s | 776.2 KiB |  00m00s
[148/148] gdbm-libs-1:1.23-9.fc42.aarch 100% |  13.7 MiB/s |  56.2 KiB |  00m00s
--------------------------------------------------------------------------------
[148/148] Total                         100% | 101.8 MiB/s |  51.2 MiB |  00m01s
Running transaction
Importing OpenPGP key 0x105EF944:
 UserID     : "Fedora (42) <fedora-42-primary@fedoraproject.org>"
 Fingerprint: B0F4950458F69E1150C6C5EDC8AC4916105EF944
 From       : file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-42-primary
The key was successfully imported.
[  1/150] Verify package files          100% | 685.0   B/s | 148.0   B |  00m00s
>>> Running pre-transaction scriptlet: filesystem-0:3.18-36.fc42.aarch64        
>>> Finished pre-transaction scriptlet: filesystem-0:3.18-36.fc42.aarch64       
>>> [RPM] /var/lib/mock/fedora-42-aarch64-1746118400.577433/root/var/cache/dnf/c
[  2/150] Prepare transaction           100% |   2.5 KiB/s | 148.0   B |  00m00s
[  3/150] Installing libgcc-0:15.1.1-1. 100% | 109.3 MiB/s | 223.9 KiB |  00m00s
[  4/150] Installing libssh-config-0:0. 100% |   0.0   B/s | 816.0   B |  00m00s
[  5/150] Installing publicsuffix-list- 100% |  67.6 MiB/s |  69.2 KiB |  00m00s
[  6/150] Installing fedora-release-ide 100% | 882.8 KiB/s | 904.0   B |  00m00s
[  7/150] Installing fedora-gpg-keys-0: 100% |  28.4 MiB/s | 174.8 KiB |  00m00s
[  8/150] Installing fedora-repos-0:42- 100% |   5.6 MiB/s |   5.7 KiB |  00m00s
[  9/150] Installing fedora-release-com 100% |  23.9 MiB/s |  24.5 KiB |  00m00s
[ 10/150] Installing fedora-release-0:4 100% |   7.1 KiB/s | 124.0   B |  00m00s
>>> Running sysusers scriptlet: setup-0:2.15.0-13.fc42.noarch                   
>>> Finished sysusers scriptlet: setup-0:2.15.0-13.fc42.noarch                  
>>> Scriptlet output:                                                           
>>> Creating group 'adm' with GID 4.                                            
>>> Creating group 'audio' with GID 63.                                         
>>> Creating group 'bin' with GID 1.                                            
>>> Creating group 'cdrom' with GID 11.                                         
>>> Creating group 'clock' with GID 103.                                        
>>> Creating group 'daemon' with GID 2.                                         
>>> Creating group 'dialout' with GID 18.                                       
>>> Creating group 'disk' with GID 6.                                           
>>> Creating group 'floppy' with GID 19.                                        
>>> Creating group 'ftp' with GID 50.                                           
>>> Creating group 'games' with GID 20.                                         
>>> Creating group 'input' with GID 104.                                        
>>> Creating group 'kmem' with GID 9.                                           
>>> Creating group 'kvm' with GID 36.                                           
>>> Creating group 'lock' with GID 54.                                          
>>> Creating group 'lp' with GID 7.                                             
>>> Creating group 'mail' with GID 12.                                          
>>> Creating group 'man' with GID 15.                                           
>>> Creating group 'mem' with GID 8.                                            
>>> Creating group 'nobody' with GID 65534.                                     
>>> Creating group 'render' with GID 105.                                       
>>> Creating group 'root' with GID 0.                                           
>>> Creating group 'sgx' with GID 106.                                          
>>> Creating group 'sys' with GID 3.                                            
>>> Creating group 'tape' with GID 33.                                          
>>> Creating group 'tty' with GID 5.                                            
>>> Creating group 'users' with GID 100.                                        
>>> Creating group 'utmp' with GID 22.                                          
>>> Creating group 'video' with GID 39.                                         
>>> Creating group 'wheel' with GID 10.                                         
>>>                                                                             
>>> Running sysusers scriptlet: setup-0:2.15.0-13.fc42.noarch                   
>>> Finished sysusers scriptlet: setup-0:2.15.0-13.fc42.noarch                  
>>> Scriptlet output:                                                           
>>> Creating user 'adm' (adm) with UID 3 and GID 4.                             
>>> Creating user 'bin' (bin) with UID 1 and GID 1.                             
>>> Creating user 'daemon' (daemon) with UID 2 and GID 2.                       
>>> Creating user 'ftp' (FTP User) with UID 14 and GID 50.                      
>>> Creating user 'games' (games) with UID 12 and GID 20.                       
>>> Creating user 'halt' (halt) with UID 7 and GID 0.                           
>>> Creating user 'lp' (lp) with UID 4 and GID 7.                               
>>> Creating user 'mail' (mail) with UID 8 and GID 12.                          
>>> Creating user 'nobody' (Kernel Overflow User) with UID 65534 and GID 65534. 
>>> Creating user 'operator' (operator) with UID 11 and GID 0.                  
>>> Creating user 'root' (Super User) with UID 0 and GID 0.                     
>>> Creating user 'shutdown' (shutdown) with UID 6 and GID 0.                   
>>> Creating user 'sync' (sync) with UID 5 and GID 0.                           
>>>                                                                             
[ 11/150] Installing setup-0:2.15.0-13. 100% |  35.5 MiB/s | 726.7 KiB |  00m00s
>>> [RPM] /etc/hosts created as /etc/hosts.rpmnew                               
[ 12/150] Installing filesystem-0:3.18- 100% |   1.9 MiB/s | 212.4 KiB |  00m00s
[ 13/150] Installing basesystem-0:11-22 100% |   0.0   B/s | 124.0   B |  00m00s
[ 14/150] Installing qt6-srpm-macros-0: 100% |   0.0   B/s | 740.0   B |  00m00s
[ 15/150] Installing pkgconf-m4-0:2.3.0 100% |   0.0   B/s |  14.8 KiB |  00m00s
[ 16/150] Installing pcre2-syntax-0:10. 100% | 135.0 MiB/s | 276.4 KiB |  00m00s
[ 17/150] Installing ncurses-base-0:6.5 100% |  49.1 MiB/s | 352.2 KiB |  00m00s
[ 18/150] Installing glibc-minimal-lang 100% |   0.0   B/s | 124.0   B |  00m00s
[ 19/150] Installing ncurses-libs-0:6.5 100% | 207.9 MiB/s |   1.2 MiB |  00m00s
[ 20/150] Installing glibc-0:2.41-5.fc4 100% | 145.6 MiB/s |   6.3 MiB |  00m00s
[ 21/150] Installing bash-0:5.2.37-1.fc 100% | 196.0 MiB/s |   8.2 MiB |  00m00s
[ 22/150] Installing glibc-common-0:2.4 100% |  55.2 MiB/s |   1.3 MiB |  00m00s
[ 23/150] Installing glibc-gconv-extra- 100% | 365.9 MiB/s |  18.7 MiB |  00m00s
[ 24/150] Installing zlib-ng-compat-0:2 100% | 131.1 MiB/s | 134.2 KiB |  00m00s
[ 25/150] Installing bzip2-libs-0:1.0.8 100% |  72.0 MiB/s |  73.7 KiB |  00m00s
[ 26/150] Installing xz-libs-1:5.8.1-2. 100% | 197.9 MiB/s | 202.6 KiB |  00m00s
[ 27/150] Installing libuuid-0:2.40.4-7 100% |  68.9 MiB/s |  70.5 KiB |  00m00s
[ 28/150] Installing libblkid-0:2.40.4- 100% | 142.4 MiB/s | 291.6 KiB |  00m00s
[ 29/150] Installing gmp-1:6.3.0-4.fc42 100% | 214.9 MiB/s | 660.1 KiB |  00m00s
[ 30/150] Installing readline-0:8.2-13. 100% | 275.0 MiB/s | 563.2 KiB |  00m00s
[ 31/150] Installing popt-0:1.19-8.fc42 100% |  49.3 MiB/s | 151.4 KiB |  00m00s
[ 32/150] Installing libzstd-0:1.5.7-1. 100% | 217.8 MiB/s | 669.0 KiB |  00m00s
[ 33/150] Installing elfutils-libelf-0: 100% | 297.4 MiB/s |   1.2 MiB |  00m00s
[ 34/150] Installing libstdc++-0:15.1.1 100% | 307.2 MiB/s |   2.8 MiB |  00m00s
[ 35/150] Installing libxcrypt-0:4.4.38 100% | 134.4 MiB/s | 275.2 KiB |  00m00s
[ 36/150] Installing libattr-0:2.5.2-5. 100% |  66.5 MiB/s |  68.0 KiB |  00m00s
[ 37/150] Installing libacl-0:2.3.2-3.f 100% |  65.5 MiB/s |  67.1 KiB |  00m00s
[ 38/150] Installing dwz-0:0.15-9.fc42. 100% |  16.7 MiB/s | 323.9 KiB |  00m00s
[ 39/150] Installing mpfr-0:4.2.2-1.fc4 100% | 184.9 MiB/s | 757.2 KiB |  00m00s
[ 40/150] Installing gawk-0:5.3.1-1.fc4 100% |  94.4 MiB/s |   2.5 MiB |  00m00s
[ 41/150] Installing unzip-0:6.0-66.fc4 100% |  24.3 MiB/s | 473.7 KiB |  00m00s
[ 42/150] Installing file-libs-0:5.46-1 100% | 594.0 MiB/s |  11.9 MiB |  00m00s
[ 43/150] Installing file-0:5.46-1.fc42 100% |   5.5 MiB/s | 141.7 KiB |  00m00s
[ 44/150] Installing crypto-policies-0: 100% |  20.0 MiB/s | 163.5 KiB |  00m00s
[ 45/150] Installing pcre2-0:10.45-1.fc 100% | 232.7 MiB/s | 715.0 KiB |  00m00s
[ 46/150] Installing grep-0:3.11-10.fc4 100% |  39.8 MiB/s |   1.0 MiB |  00m00s
[ 47/150] Installing xz-1:5.8.1-2.fc42. 100% |  54.4 MiB/s |   1.4 MiB |  00m00s
[ 48/150] Installing libeconf-0:0.7.6-1 100% |  80.4 MiB/s |  82.3 KiB |  00m00s
[ 49/150] Installing libcap-ng-0:0.8.5- 100% | 159.0 MiB/s | 162.8 KiB |  00m00s
[ 50/150] Installing audit-libs-0:4.0.3 100% | 203.7 MiB/s | 417.2 KiB |  00m00s
[ 51/150] Installing pam-libs-0:1.7.0-4 100% | 110.0 MiB/s | 225.3 KiB |  00m00s
[ 52/150] Installing libcap-0:2.73-2.fc 100% |  26.3 MiB/s | 511.6 KiB |  00m00s
[ 53/150] Installing systemd-libs-0:257 100% | 259.5 MiB/s |   2.3 MiB |  00m00s
[ 54/150] Installing libsmartcols-0:2.4 100% | 220.2 MiB/s | 225.5 KiB |  00m00s
[ 55/150] Installing libsepol-0:3.8-1.f 100% | 264.0 MiB/s | 810.9 KiB |  00m00s
[ 56/150] Installing libselinux-0:3.8-1 100% |  98.8 MiB/s | 202.3 KiB |  00m00s
[ 57/150] Installing findutils-1:4.10.0 100% |  76.8 MiB/s |   1.9 MiB |  00m00s
[ 58/150] Installing sed-0:4.9-4.fc42.a 100% |  37.4 MiB/s | 881.4 KiB |  00m00s
[ 59/150] Installing libmount-0:2.40.4- 100% | 174.3 MiB/s | 356.9 KiB |  00m00s
[ 60/150] Installing alternatives-0:1.3 100% |   5.0 MiB/s |  91.7 KiB |  00m00s
[ 61/150] Installing lz4-libs-0:1.10.0- 100% | 193.9 MiB/s | 198.5 KiB |  00m00s
[ 62/150] Installing lua-libs-0:5.4.7-3 100% | 161.2 MiB/s | 330.1 KiB |  00m00s
[ 63/150] Installing libffi-0:3.4.6-5.f 100% | 152.1 MiB/s | 155.8 KiB |  00m00s
[ 64/150] Installing libtasn1-0:4.20.0- 100% | 108.5 MiB/s | 222.2 KiB |  00m00s
[ 65/150] Installing p11-kit-0:0.25.5-5 100% |  85.5 MiB/s |   2.4 MiB |  00m00s
[ 66/150] Installing libunistring-0:1.1 100% | 291.0 MiB/s |   1.7 MiB |  00m00s
[ 67/150] Installing libidn2-0:2.3.8-1. 100% | 110.7 MiB/s | 566.7 KiB |  00m00s
[ 68/150] Installing libpsl-0:0.21.5-5. 100% | 130.5 MiB/s | 133.6 KiB |  00m00s
[ 69/150] Installing p11-kit-trust-0:0. 100% |  16.2 MiB/s | 465.0 KiB |  00m00s
[ 70/150] Installing zstd-0:1.5.7-1.fc4 100% |  62.7 MiB/s |   1.5 MiB |  00m00s
[ 71/150] Installing util-linux-core-0: 100% |  85.2 MiB/s |   2.4 MiB |  00m00s
[ 72/150] Installing tar-2:1.35-5.fc42. 100% | 103.6 MiB/s |   3.0 MiB |  00m00s
[ 73/150] Installing libsemanage-0:3.8- 100% | 117.8 MiB/s | 361.8 KiB |  00m00s
[ 74/150] Installing shadow-utils-2:4.1 100% | 101.9 MiB/s |   4.6 MiB |  00m00s
[ 75/150] Installing systemd-standalone 100% |  17.0 MiB/s | 329.9 KiB |  00m00s
[ 76/150] Installing zip-0:3.0-43.fc42. 100% |  35.6 MiB/s | 766.4 KiB |  00m00s
[ 77/150] Installing libfdisk-0:2.40.4- 100% | 205.0 MiB/s | 419.8 KiB |  00m00s
[ 78/150] Installing libxml2-0:2.12.10- 100% |  78.8 MiB/s |   1.9 MiB |  00m00s
[ 79/150] Installing bzip2-0:1.0.8-20.f 100% |   9.0 MiB/s | 175.8 KiB |  00m00s
[ 80/150] Installing sqlite-libs-0:3.47 100% | 246.3 MiB/s |   1.5 MiB |  00m00s
[ 81/150] Installing add-determinism-0: 100% |  86.5 MiB/s |   2.2 MiB |  00m00s
[ 82/150] Installing build-reproducibil 100% |   1.0 MiB/s |   1.0 KiB |  00m00s
[ 83/150] Installing ed-0:1.21-2.fc42.a 100% |   8.1 MiB/s | 156.8 KiB |  00m00s
[ 84/150] Installing patch-0:2.8-1.fc42 100% |  13.6 MiB/s | 264.0 KiB |  00m00s
[ 85/150] Installing filesystem-srpm-ma 100% |  38.0 MiB/s |  38.9 KiB |  00m00s
[ 86/150] Installing elfutils-default-y 100% | 291.9 KiB/s |   2.0 KiB |  00m00s
[ 87/150] Installing elfutils-libs-0:0. 100% | 182.7 MiB/s | 748.2 KiB |  00m00s
[ 88/150] Installing cpio-0:2.15-4.fc42 100% |  43.8 MiB/s |   1.1 MiB |  00m00s
[ 89/150] Installing diffutils-0:3.12-1 100% |  64.9 MiB/s |   1.6 MiB |  00m00s
[ 90/150] Installing jansson-0:2.14-2.f 100% |  92.3 MiB/s |  94.5 KiB |  00m00s
[ 91/150] Installing json-c-0:0.18-2.fc 100% | 136.7 MiB/s | 139.9 KiB |  00m00s
[ 92/150] Installing libpkgconf-0:2.3.0 100% | 132.0 MiB/s | 135.1 KiB |  00m00s
[ 93/150] Installing pkgconf-0:2.3.0-2. 100% |   6.2 MiB/s | 114.9 KiB |  00m00s
[ 94/150] Installing pkgconf-pkg-config 100% |  98.5 KiB/s |   1.8 KiB |  00m00s
[ 95/150] Installing libgomp-0:15.1.1-1 100% | 251.6 MiB/s | 515.2 KiB |  00m00s
[ 96/150] Installing xxhash-libs-0:0.8. 100% |  85.3 MiB/s |  87.4 KiB |  00m00s
[ 97/150] Installing libbrotli-0:1.1.0- 100% | 222.6 MiB/s | 911.7 KiB |  00m00s
[ 98/150] Installing libnghttp2-0:1.64. 100% | 194.5 MiB/s | 199.2 KiB |  00m00s
[ 99/150] Installing keyutils-libs-0:1. 100% |  97.4 MiB/s |  99.8 KiB |  00m00s
[100/150] Installing libcom_err-0:1.47. 100% | 109.5 MiB/s | 112.2 KiB |  00m00s
[101/150] Installing libverto-0:0.3.2-1 100% |  69.5 MiB/s |  71.2 KiB |  00m00s
[102/150] Installing libtool-ltdl-0:2.5 100% |  92.9 MiB/s |  95.1 KiB |  00m00s
[103/150] Installing gdbm-libs-1:1.23-9 100% | 230.1 MiB/s | 235.7 KiB |  00m00s
[104/150] Installing cyrus-sasl-lib-0:2 100% |  93.0 MiB/s |   2.4 MiB |  00m00s
[105/150] Installing rust-srpm-macros-0 100% |   5.4 MiB/s |   5.6 KiB |  00m00s
[106/150] Installing qt5-srpm-macros-0: 100% |   0.0   B/s | 776.0   B |  00m00s
[107/150] Installing perl-srpm-macros-0 100% |   0.0   B/s |   1.1 KiB |  00m00s
[108/150] Installing package-notes-srpm 100% |   0.0   B/s |   2.0 KiB |  00m00s
[109/150] Installing openblas-srpm-macr 100% |   0.0   B/s | 392.0   B |  00m00s
[110/150] Installing ocaml-srpm-macros- 100% |   0.0   B/s |   2.2 KiB |  00m00s
[111/150] Installing kernel-srpm-macros 100% |   0.0   B/s |   2.3 KiB |  00m00s
[112/150] Installing gnat-srpm-macros-0 100% |   0.0   B/s |   1.3 KiB |  00m00s
[113/150] Installing ghc-srpm-macros-0: 100% |   0.0   B/s |   1.0 KiB |  00m00s
[114/150] Installing fpc-srpm-macros-0: 100% |   0.0   B/s | 420.0   B |  00m00s
[115/150] Installing ansible-srpm-macro 100% |  35.4 MiB/s |  36.2 KiB |  00m00s
[116/150] Installing coreutils-common-0 100% | 278.8 MiB/s |  11.2 MiB |  00m00s
[117/150] Installing openssl-libs-1:3.2 100% | 275.4 MiB/s |   6.3 MiB |  00m00s
[118/150] Installing coreutils-0:9.6-2. 100% | 164.5 MiB/s |   8.2 MiB |  00m00s
[119/150] Installing ca-certificates-0: 100% |   1.3 MiB/s |   2.4 MiB |  00m02s
[120/150] Installing libarchive-0:3.7.7 100% | 178.2 MiB/s | 912.6 KiB |  00m00s
[121/150] Installing krb5-libs-0:1.21.3 100% | 230.2 MiB/s |   2.5 MiB |  00m00s
[122/150] Installing libssh-0:0.11.1-4. 100% | 191.2 MiB/s | 587.5 KiB |  00m00s
[123/150] Installing gzip-0:1.13-3.fc42 100% |  20.0 MiB/s | 430.2 KiB |  00m00s
[124/150] Installing rpm-sequoia-0:1.7. 100% | 287.2 MiB/s |   2.3 MiB |  00m00s
[125/150] Installing rpm-libs-0:4.20.1- 100% | 179.5 MiB/s | 735.1 KiB |  00m00s
[126/150] Installing rpm-build-libs-0:4 100% | 194.7 MiB/s | 199.4 KiB |  00m00s
[127/150] Installing libevent-0:2.1.12- 100% | 271.3 MiB/s |   1.1 MiB |  00m00s
[128/150] Installing openldap-0:2.6.9-3 100% | 171.2 MiB/s | 701.1 KiB |  00m00s
[129/150] Installing libcurl-0:8.11.1-4 100% | 194.1 MiB/s | 795.1 KiB |  00m00s
[130/150] Installing elfutils-debuginfo 100% |   7.5 MiB/s | 146.1 KiB |  00m00s
[131/150] Installing binutils-0:2.44-3. 100% | 262.3 MiB/s |  29.4 MiB |  00m00s
[132/150] Installing elfutils-0:0.192-9 100% | 114.4 MiB/s |   3.2 MiB |  00m00s
[133/150] Installing gdb-minimal-0:16.2 100% | 217.4 MiB/s |  13.0 MiB |  00m00s
[134/150] Installing debugedit-0:5.1-6. 100% |  12.7 MiB/s | 247.3 KiB |  00m00s
[135/150] Installing curl-0:8.11.1-4.fc 100% |  15.4 MiB/s | 457.2 KiB |  00m00s
[136/150] Installing rpm-0:4.20.1-1.fc4 100% |  68.5 MiB/s |   2.7 MiB |  00m00s
[137/150] Installing lua-srpm-macros-0: 100% |   1.9 MiB/s |   1.9 KiB |  00m00s
[138/150] Installing tree-sitter-srpm-m 100% |   7.2 MiB/s |   7.4 KiB |  00m00s
[139/150] Installing zig-srpm-macros-0: 100% |   0.0   B/s |   1.7 KiB |  00m00s
[140/150] Installing efi-srpm-macros-0: 100% |  40.2 MiB/s |  41.1 KiB |  00m00s
[141/150] Installing fonts-srpm-macros- 100% |  55.7 MiB/s |  57.0 KiB |  00m00s
[142/150] Installing forge-srpm-macros- 100% |  39.3 MiB/s |  40.3 KiB |  00m00s
[143/150] Installing go-srpm-macros-0:3 100% |  60.5 MiB/s |  62.0 KiB |  00m00s
[144/150] Installing python-srpm-macros 100% |  50.9 MiB/s |  52.2 KiB |  00m00s
[145/150] Installing redhat-rpm-config- 100% |  62.6 MiB/s | 192.2 KiB |  00m00s
[146/150] Installing rpm-build-0:4.20.1 100% |  24.8 MiB/s | 533.0 KiB |  00m00s
[147/150] Installing pyproject-srpm-mac 100% |   1.2 MiB/s |   2.5 KiB |  00m00s
[148/150] Installing util-linux-0:2.40. 100% | 120.5 MiB/s |   6.6 MiB |  00m00s
[149/150] Installing which-0:2.23-1.fc4 100% |   6.5 MiB/s | 125.6 KiB |  00m00s
[150/150] Installing info-0:7.2-3.fc42. 100% | 182.0 KiB/s | 422.0 KiB |  00m02s
Warning: skipped OpenPGP checks for 3 packages from repository: copr_base
Complete!
Finish: installing minimal buildroot with dnf5
Start: creating root cache
Finish: creating root cache
Finish: chroot init
INFO: Installed packages:
INFO: add-determinism-0.6.0-1.fc42.aarch64
alternatives-1.32-1.fc42.aarch64
ansible-srpm-macros-1-17.1.fc42.noarch
audit-libs-4.0.3-2.fc42.aarch64
basesystem-11-22.fc42.noarch
bash-5.2.37-1.fc42.aarch64
binutils-2.44-3.fc42.aarch64
build-reproducibility-srpm-macros-0.6.0-1.fc42.noarch
bzip2-1.0.8-20.fc42.aarch64
bzip2-libs-1.0.8-20.fc42.aarch64
ca-certificates-2024.2.69_v8.0.401-6.fc42.noarch
coreutils-9.6-2.fc42.aarch64
coreutils-common-9.6-2.fc42.aarch64
cpio-2.15-4.fc42.aarch64
crypto-policies-20250214-1.gitff7551b.fc42.noarch
curl-8.11.1-4.fc42.aarch64
cyrus-sasl-lib-2.1.28-30.fc42.aarch64
debugedit-5.1-6.fc42.aarch64
diffutils-3.12-1.fc42.aarch64
dwz-0.15-9.fc42.aarch64
ed-1.21-2.fc42.aarch64
efi-srpm-macros-6-3.fc42.noarch
elfutils-0.192-9.fc42.aarch64
elfutils-debuginfod-client-0.192-9.fc42.aarch64
elfutils-default-yama-scope-0.192-9.fc42.noarch
elfutils-libelf-0.192-9.fc42.aarch64
elfutils-libs-0.192-9.fc42.aarch64
fedora-gpg-keys-42-1.noarch
fedora-release-42-27.noarch
fedora-release-common-42-27.noarch
fedora-release-identity-basic-42-27.noarch
fedora-repos-42-1.noarch
file-5.46-1.fc42.aarch64
file-libs-5.46-1.fc42.aarch64
filesystem-3.18-36.fc42.aarch64
filesystem-srpm-macros-3.18-36.fc42.noarch
findutils-4.10.0-5.fc42.aarch64
fonts-srpm-macros-2.0.5-21.fc42.noarch
forge-srpm-macros-0.4.0-2.fc42.noarch
fpc-srpm-macros-1.3-14.fc42.noarch
gawk-5.3.1-1.fc42.aarch64
gdb-minimal-16.2-3.fc42.aarch64
gdbm-libs-1.23-9.fc42.aarch64
ghc-srpm-macros-1.9.2-2.fc42.noarch
glibc-2.41-5.fc42.aarch64
glibc-common-2.41-5.fc42.aarch64
glibc-gconv-extra-2.41-5.fc42.aarch64
glibc-minimal-langpack-2.41-5.fc42.aarch64
gmp-6.3.0-4.fc42.aarch64
gnat-srpm-macros-6-7.fc42.noarch
go-srpm-macros-3.6.0-6.fc42.noarch
gpg-pubkey-105ef944-65ca83d1
grep-3.11-10.fc42.aarch64
gzip-1.13-3.fc42.aarch64
info-7.2-3.fc42.aarch64
jansson-2.14-2.fc42.aarch64
json-c-0.18-2.fc42.aarch64
kernel-srpm-macros-1.0-25.fc42.noarch
keyutils-libs-1.6.3-5.fc42.aarch64
krb5-libs-1.21.3-5.fc42.aarch64
libacl-2.3.2-3.fc42.aarch64
libarchive-3.7.7-4.fc42.aarch64
libattr-2.5.2-5.fc42.aarch64
libblkid-2.40.4-7.fc42.aarch64
libbrotli-1.1.0-6.fc42.aarch64
libcap-2.73-2.fc42.aarch64
libcap-ng-0.8.5-4.fc42.aarch64
libcom_err-1.47.2-3.fc42.aarch64
libcurl-8.11.1-4.fc42.aarch64
libeconf-0.7.6-1.fc42.aarch64
libevent-2.1.12-15.fc42.aarch64
libfdisk-2.40.4-7.fc42.aarch64
libffi-3.4.6-5.fc42.aarch64
libgcc-15.1.1-1.fc42.aarch64
libgomp-15.1.1-1.fc42.aarch64
libidn2-2.3.8-1.fc42.aarch64
libmount-2.40.4-7.fc42.aarch64
libnghttp2-1.64.0-3.fc42.aarch64
libpkgconf-2.3.0-2.fc42.aarch64
libpsl-0.21.5-5.fc42.aarch64
libselinux-3.8-1.fc42.aarch64
libsemanage-3.8-1.fc42.aarch64
libsepol-3.8-1.fc42.aarch64
libsmartcols-2.40.4-7.fc42.aarch64
libssh-0.11.1-4.fc42.aarch64
libssh-config-0.11.1-4.fc42.noarch
libstdc++-15.1.1-1.fc42.aarch64
libtasn1-4.20.0-1.fc42.aarch64
libtool-ltdl-2.5.4-4.fc42.aarch64
libunistring-1.1-9.fc42.aarch64
libuuid-2.40.4-7.fc42.aarch64
libverto-0.3.2-10.fc42.aarch64
libxcrypt-4.4.38-7.fc42.aarch64
libxml2-2.12.10-1.fc42.aarch64
libzstd-1.5.7-1.fc42.aarch64
lua-libs-5.4.7-3.fc42.aarch64
lua-srpm-macros-1-15.fc42.noarch
lz4-libs-1.10.0-2.fc42.aarch64
mpfr-4.2.2-1.fc42.aarch64
ncurses-base-6.5-5.20250125.fc42.noarch
ncurses-libs-6.5-5.20250125.fc42.aarch64
ocaml-srpm-macros-10-4.fc42.noarch
openblas-srpm-macros-2-19.fc42.noarch
openldap-2.6.9-3.fc42.aarch64
openssl-libs-3.2.4-3.fc42.aarch64
p11-kit-0.25.5-5.fc42.aarch64
p11-kit-trust-0.25.5-5.fc42.aarch64
package-notes-srpm-macros-0.5-13.fc42.noarch
pam-libs-1.7.0-4.fc42.aarch64
patch-2.8-1.fc42.aarch64
pcre2-10.45-1.fc42.aarch64
pcre2-syntax-10.45-1.fc42.noarch
perl-srpm-macros-1-57.fc42.noarch
pkgconf-2.3.0-2.fc42.aarch64
pkgconf-m4-2.3.0-2.fc42.noarch
pkgconf-pkg-config-2.3.0-2.fc42.aarch64
popt-1.19-8.fc42.aarch64
publicsuffix-list-dafsa-20250116-1.fc42.noarch
pyproject-srpm-macros-1.18.1-1.fc42.noarch
python-srpm-macros-3.13-4.fc42.noarch
qt5-srpm-macros-5.15.15-1.fc42.noarch
qt6-srpm-macros-6.9.0-2.fc42.noarch
readline-8.2-13.fc42.aarch64
redhat-rpm-config-342-4.fc42.noarch
rpm-4.20.1-1.fc42.aarch64
rpm-build-4.20.1-1.fc42.aarch64
rpm-build-libs-4.20.1-1.fc42.aarch64
rpm-libs-4.20.1-1.fc42.aarch64
rpm-sequoia-1.7.0-5.fc42.aarch64
rust-srpm-macros-26.3-4.fc42.noarch
sed-4.9-4.fc42.aarch64
setup-2.15.0-13.fc42.noarch
shadow-utils-4.17.4-1.fc42.aarch64
sqlite-libs-3.47.2-2.fc42.aarch64
systemd-libs-257.5-2.fc42.aarch64
systemd-standalone-sysusers-257.5-2.fc42.aarch64
tar-1.35-5.fc42.aarch64
tree-sitter-srpm-macros-0.1.0-8.fc42.noarch
unzip-6.0-66.fc42.aarch64
util-linux-2.40.4-7.fc42.aarch64
util-linux-core-2.40.4-7.fc42.aarch64
which-2.23-1.fc42.aarch64
xxhash-libs-0.8.3-2.fc42.aarch64
xz-5.8.1-2.fc42.aarch64
xz-libs-5.8.1-2.fc42.aarch64
zig-srpm-macros-1-4.fc42.noarch
zip-3.0-43.fc42.aarch64
zlib-ng-compat-2.2.4-3.fc42.aarch64
zstd-1.5.7-1.fc42.aarch64
Start: buildsrpm
Start: rpmbuild -bs
Building target platforms: aarch64
Building for target aarch64
warning: /builddir/build/SPECS/crypto-policies.spec line 64: autopatch: no matching patches in range
setting SOURCE_DATE_EPOCH=1741824000
Wrote: /builddir/build/SRPMS/crypto-policies-20250305-2.gita35b0fa.fc42.src.rpm

RPM build warnings:
    /builddir/build/SPECS/crypto-policies.spec line 64: autopatch: no matching patches in range
Finish: rpmbuild -bs
INFO: chroot_scan: 1 files copied to /var/lib/copr-rpmbuild/results/chroot_scan
INFO: /var/lib/mock/fedora-42-aarch64-1746118400.577433/root/var/log/dnf5.log
INFO: chroot_scan: creating tarball /var/lib/copr-rpmbuild/results/chroot_scan.tar.gz
/bin/tar: Removing leading `/' from member names
Finish: buildsrpm
INFO: Done(/var/lib/copr-rpmbuild/workspace/workdir-8j7fnv84/crypto-policies/crypto-policies.spec) Config(child) 0 minutes 19 seconds
INFO: Results and/or logs in: /var/lib/copr-rpmbuild/results
INFO: Cleaning up build root ('cleanup_on_success=True')
Start: clean chroot
INFO: unmounting tmpfs.
Finish: clean chroot
INFO: Start(/var/lib/copr-rpmbuild/results/crypto-policies-20250305-2.gita35b0fa.fc42.src.rpm)  Config(fedora-42-aarch64)
Start(bootstrap): chroot init
INFO: mounting tmpfs at /var/lib/mock/fedora-42-aarch64-bootstrap-1746118400.577433/root.
INFO: reusing tmpfs at /var/lib/mock/fedora-42-aarch64-bootstrap-1746118400.577433/root.
INFO: calling preinit hooks
INFO: enabled root cache
INFO: enabled package manager cache
Start(bootstrap): cleaning package manager metadata
Finish(bootstrap): cleaning package manager metadata
Finish(bootstrap): chroot init
Start: chroot init
INFO: mounting tmpfs at /var/lib/mock/fedora-42-aarch64-1746118400.577433/root.
INFO: calling preinit hooks
INFO: enabled root cache
Start: unpacking root cache
Finish: unpacking root cache
INFO: enabled package manager cache
Start: cleaning package manager metadata
Finish: cleaning package manager metadata
INFO: enabled HW Info plugin
INFO: Buildroot is handled by package management downloaded with a bootstrap image:
  rpm-4.20.1-1.fc42.aarch64
  rpm-sequoia-1.7.0-5.fc42.aarch64
  dnf5-5.2.13.1-1.fc42.aarch64
  dnf5-plugins-5.2.13.1-1.fc42.aarch64
Finish: chroot init
Start: build phase for crypto-policies-20250305-2.gita35b0fa.fc42.src.rpm
Start: build setup for crypto-policies-20250305-2.gita35b0fa.fc42.src.rpm
Building target platforms: aarch64
Building for target aarch64
warning: /builddir/build/originals/crypto-policies.spec line 64: autopatch: no matching patches in range
setting SOURCE_DATE_EPOCH=1741824000
Wrote: /builddir/build/SRPMS/crypto-policies-20250305-2.gita35b0fa.fc42.src.rpm

RPM build warnings:
    /builddir/build/originals/crypto-policies.spec line 64: autopatch: no matching patches in range
Updating and loading repositories:
 updates                                100% |  64.4 KiB/s |  16.1 KiB |  00m00s
 fedora                                 100% |  55.2 KiB/s |  14.7 KiB |  00m00s
 Copr repository                        100% |  60.9 KiB/s |   1.5 KiB |  00m00s
Repositories loaded.
Package                               Arch    Version                        Repository      Size
Installing:
 asciidoc                             noarch  10.2.0-12.fc42                 fedora       1.7 MiB
 bind                                 aarch64 32:9.18.35-2.fc42              updates      1.2 MiB
 gnutls-utils                         aarch64 3.8.9-3.fc42                   fedora       1.5 MiB
 java-21-openjdk-devel                aarch64 1:21.0.7.0.6-1.fc42            updates     15.6 MiB
 libxslt                              aarch64 1.1.43-1.fc42                  fedora     548.2 KiB
 make                                 aarch64 1:4.4.1-10.fc42                fedora       1.8 MiB
 nss-tools                            aarch64 3.110.0-2.fc42                 updates      2.9 MiB
 openssh-clients                      aarch64 9.9p1-10.fc42                  fedora       2.8 MiB
 openssl                              aarch64 1:3.2.4-3.fc42                 fedora       1.6 MiB
 python3-devel                        aarch64 3.13.3-2.fc42                  updates      1.8 MiB
 python3-pytest                       noarch  8.3.4-2.fc42                   fedora      20.8 MiB
 sequoia-policy-config                aarch64 0.8.0-1.fc42                   fedora     895.7 KiB
 systemd-rpm-macros                   noarch  257.5-2.fc42                   updates      8.5 KiB
Installing dependencies:
 abattis-cantarell-vf-fonts           noarch  0.301-14.fc42                  fedora     192.7 KiB
 adobe-mappings-cmap                  noarch  20231115-2.fc42                fedora      15.2 MiB
 adobe-mappings-cmap-deprecated       noarch  20231115-2.fc42                fedora     582.1 KiB
 adobe-mappings-pdf                   noarch  20190401-9.fc42                fedora       4.4 MiB
 alsa-lib                             aarch64 1.2.14-2.fc42                  updates      1.5 MiB
 avahi-libs                           aarch64 0.9~rc2-2.fc42                 fedora     230.4 KiB
 bind-libs                            aarch64 32:9.18.35-2.fc42              updates      3.8 MiB
 boost-regex                          aarch64 1.83.0-12.fc42                 fedora     266.4 KiB
 cairo                                aarch64 1.18.2-3.fc42                  fedora       1.8 MiB
 cairo-gobject                        aarch64 1.18.2-3.fc42                  fedora      67.2 KiB
 ctags                                aarch64 6.1.0-2.fc42                   fedora       2.2 MiB
 cups-filesystem                      noarch  1:2.4.12-2.fc42                updates      0.0   B
 cups-libs                            aarch64 1:2.4.12-2.fc42                updates    666.8 KiB
 dbus-libs                            aarch64 1:1.16.0-3.fc42                fedora     397.5 KiB
 default-fonts-core-sans              noarch  4.2-4.fc42                     fedora      11.9 KiB
 docbook-dtds                         noarch  1.0-88.fc42                    fedora       8.3 MiB
 docbook-style-xsl                    noarch  1.79.2-24.fc42                 fedora      15.6 MiB
 expat                                aarch64 2.7.1-1.fc42                   fedora     354.1 KiB
 fontconfig                           aarch64 2.16.0-2.fc42                  fedora       1.2 MiB
 fonts-filesystem                     noarch  1:2.0.5-21.fc42                fedora       0.0   B
 freetype                             aarch64 2.13.3-2.fc42                  fedora     814.5 KiB
 fribidi                              aarch64 1.0.16-2.fc42                  fedora     246.3 KiB
 fstrm                                aarch64 0.6.1-12.fc42                  fedora      70.6 KiB
 gd                                   aarch64 2.3.3-18.fc42                  fedora     451.6 KiB
 gdk-pixbuf2                          aarch64 2.42.12-10.fc42                fedora       2.6 MiB
 glib2                                aarch64 2.84.1-1.fc42                  updates     15.3 MiB
 gnupg2                               aarch64 2.4.7-2.fc42                   fedora      10.4 MiB
 gnutls                               aarch64 3.8.9-3.fc42                   fedora       3.4 MiB
 gnutls-dane                          aarch64 3.8.9-3.fc42                   fedora      69.3 KiB
 google-droid-sans-fonts              noarch  20200215-22.fc42               fedora       6.3 MiB
 google-noto-fonts-common             noarch  20250301-1.fc42                fedora      17.7 KiB
 google-noto-sans-vf-fonts            noarch  20250301-1.fc42                fedora       1.4 MiB
 gpgme                                aarch64 1.24.2-1.fc42                  fedora     690.7 KiB
 gpgmepp                              aarch64 1.24.2-1.fc42                  fedora     458.3 KiB
 graphite2                            aarch64 1.3.14-18.fc42                 fedora     239.6 KiB
 graphviz                             aarch64 12.2.1-8.fc42                  updates     22.1 MiB
 graphviz-libs                        aarch64 12.2.1-8.fc42                  updates      1.3 MiB
 gts                                  aarch64 0.7.6-50.20121130.fc42         fedora       1.1 MiB
 harfbuzz                             aarch64 10.4.0-1.fc42                  fedora       2.6 MiB
 hiredis                              aarch64 1.2.0-6.fc42                   fedora     201.8 KiB
 java-21-openjdk                      aarch64 1:21.0.7.0.6-1.fc42            updates      1.4 MiB
 java-21-openjdk-headless             aarch64 1:21.0.7.0.6-1.fc42            updates    210.4 MiB
 javapackages-filesystem              noarch  6.4.0-5.fc42                   fedora       2.0 KiB
 jbig2dec-libs                        aarch64 0.20-6.fc42                    fedora     173.0 KiB
 jbigkit-libs                         aarch64 2.1-31.fc42                    fedora     181.5 KiB
 lasi                                 aarch64 1.1.3-16.fc42                  fedora     130.4 KiB
 lcms2                                aarch64 2.16-5.fc42                    fedora     420.7 KiB
 libICE                               aarch64 1.1.2-2.fc42                   fedora     222.4 KiB
 libSM                                aarch64 1.2.5-2.fc42                   fedora     129.1 KiB
 libX11                               aarch64 1.8.11-1.fc42                  fedora       1.3 MiB
 libX11-common                        noarch  1.8.11-1.fc42                  fedora       1.2 MiB
 libXau                               aarch64 1.0.12-2.fc42                  fedora     121.0 KiB
 libXcomposite                        aarch64 0.4.6-5.fc42                   fedora      96.5 KiB
 libXext                              aarch64 1.3.6-3.fc42                   fedora     145.9 KiB
 libXft                               aarch64 2.3.8-8.fc42                   fedora     192.4 KiB
 libXi                                aarch64 1.8.2-2.fc42                   fedora      72.5 KiB
 libXpm                               aarch64 3.5.17-5.fc42                  fedora     200.4 KiB
 libXrender                           aarch64 0.9.12-2.fc42                  fedora      70.0 KiB
 libXt                                aarch64 1.3.1-2.fc42                   fedora     477.5 KiB
 libXtst                              aarch64 1.2.5-2.fc42                   fedora      73.5 KiB
 libaom                               aarch64 3.12.0-1.fc42                  fedora       3.8 MiB
 libassuan                            aarch64 2.5.7-3.fc42                   fedora     215.8 KiB
 libavif                              aarch64 1.1.1-1.fc42                   fedora     218.1 KiB
 libb2                                aarch64 0.98.1-13.fc42                 fedora      74.1 KiB
 libcbor                              aarch64 0.11.0-3.fc42                  fedora     137.9 KiB
 libdatrie                            aarch64 0.2.13-11.fc42                 fedora      93.9 KiB
 libdav1d                             aarch64 1.5.1-1.fc42                   fedora     856.6 KiB
 libedit                              aarch64 3.1-55.20250104cvs.fc42        fedora     280.1 KiB
 libfido2                             aarch64 1.15.0-3.fc42                  fedora     278.3 KiB
 libfontenc                           aarch64 1.1.8-3.fc42                   fedora     106.7 KiB
 libgcrypt                            aarch64 1.11.0-5.fc42                  fedora       1.1 MiB
 libgpg-error                         aarch64 1.51-2.fc42                    fedora     954.0 KiB
 libgs                                aarch64 10.05.0-1.fc42                 fedora      23.2 MiB
 libicu                               aarch64 76.1-4.fc42                    fedora      36.5 MiB
 libijs                               aarch64 0.35-24.fc42                   fedora     101.6 KiB
 libimagequant                        aarch64 4.0.3-7.fc42                   fedora     668.7 KiB
 libjpeg-turbo                        aarch64 3.1.0-2.fc42                   fedora     738.6 KiB
 libksba                              aarch64 1.6.7-3.fc42                   fedora     398.4 KiB
 liblerc                              aarch64 4.0.0-8.fc42                   fedora     546.5 KiB
 libmaxminddb                         aarch64 1.12.2-3.fc42                  fedora     173.0 KiB
 libpaper                             aarch64 1:2.1.1-8.fc42                 fedora      96.8 KiB
 libpng                               aarch64 2:1.6.44-2.fc42                fedora     269.8 KiB
 librsvg2                             aarch64 2.60.0-1.fc42                  fedora       4.6 MiB
 libseccomp                           aarch64 2.5.5-2.fc41                   fedora     241.4 KiB
 libthai                              aarch64 0.1.29-10.fc42                 fedora     807.4 KiB
 libtiff                              aarch64 4.7.0-3.fc42                   fedora     658.0 KiB
 libusb1                              aarch64 1.0.28-2.fc42                  fedora     178.7 KiB
 libuv                                aarch64 1:1.51.0-1.fc42                updates    605.4 KiB
 libwebp                              aarch64 1.5.0-2.fc42                   fedora     817.0 KiB
 libxcb                               aarch64 1.17.0-5.fc42                  fedora       2.2 MiB
 libyaml                              aarch64 0.2.5-16.fc42                  fedora     134.5 KiB
 libyuv                               aarch64 0-0.56.20240704git96bbdb5.fc42 fedora     526.5 KiB
 lksctp-tools                         aarch64 1.0.20-2.fc42                  fedora     514.2 KiB
 lmdb-libs                            aarch64 0.9.33-3.fc42                  fedora     145.4 KiB
 mkfontscale                          aarch64 1.2.3-2.fc42                   fedora      77.0 KiB
 mpdecimal                            aarch64 4.0.0-2.fc42                   fedora     280.8 KiB
 netpbm                               aarch64 11.10.00-1.fc42                updates    637.6 KiB
 nettle                               aarch64 3.10.1-1.fc42                  fedora     765.3 KiB
 npth                                 aarch64 1.8-2.fc42                     fedora      93.5 KiB
 nspr                                 aarch64 4.36.0-7.fc42                  updates    419.7 KiB
 nss                                  aarch64 3.110.0-2.fc42                 updates      1.9 MiB
 nss-softokn                          aarch64 3.110.0-2.fc42                 updates      2.2 MiB
 nss-softokn-freebl                   aarch64 3.110.0-2.fc42                 updates    739.6 KiB
 nss-sysinit                          aarch64 3.110.0-2.fc42                 updates     70.1 KiB
 nss-util                             aarch64 3.110.0-2.fc42                 updates    216.9 KiB
 openjpeg                             aarch64 2.5.3-6.fc42                   fedora     411.8 KiB
 openssh                              aarch64 9.9p1-10.fc42                  fedora       1.4 MiB
 pango                                aarch64 1.56.3-1.fc42                  fedora       1.2 MiB
 pixman                               aarch64 0.44.2-2.fc42                  fedora     654.4 KiB
 poppler                              aarch64 25.02.0-1.fc42                 fedora       3.5 MiB
 poppler-data                         noarch  0.4.11-9.fc42                  fedora      12.3 MiB
 poppler-glib                         aarch64 25.02.0-1.fc42                 fedora     606.9 KiB
 protobuf-c                           aarch64 1.5.1-1.fc42                   updates     77.7 KiB
 pyproject-rpm-macros                 noarch  1.18.1-1.fc42                  fedora     114.5 KiB
 python-pip-wheel                     noarch  24.3.1-2.fc42                  fedora       1.2 MiB
 python-rpm-macros                    noarch  3.13-4.fc42                    fedora      22.1 KiB
 python3                              aarch64 3.13.3-2.fc42                  updates     84.7 KiB
 python3-iniconfig                    noarch  1.1.1-25.fc42                  fedora      20.6 KiB
 python3-libs                         aarch64 3.13.3-2.fc42                  updates     42.0 MiB
 python3-packaging                    noarch  24.2-3.fc42                    fedora     555.7 KiB
 python3-pluggy                       noarch  1.5.0-2.fc42                   fedora     192.7 KiB
 python3-rpm-generators               noarch  14-12.fc42                     fedora      81.7 KiB
 python3-rpm-macros                   noarch  3.13-4.fc42                    fedora       6.4 KiB
 rav1e-libs                           aarch64 0.7.1-5.fc42                   fedora       2.1 MiB
 rsvg-pixbuf-loader                   aarch64 2.60.0-1.fc42                  fedora     337.3 KiB
 sgml-common                          noarch  0.6.3-66.fc42                  fedora     168.1 KiB
 shared-mime-info                     aarch64 2.3-7.fc42                     fedora       5.3 MiB
 source-highlight                     aarch64 3.1.9-24.fc42                  fedora       3.1 MiB
 svt-av1-libs                         aarch64 2.3.0-1.fc42                   fedora       3.0 MiB
 tpm2-tss                             aarch64 4.1.3-6.fc42                   fedora       2.1 MiB
 ttmkfdir                             aarch64 3.0.9-72.fc42                  fedora     158.3 KiB
 tzdata                               noarch  2025b-1.fc42                   fedora       1.6 MiB
 tzdata-java                          noarch  2025b-1.fc42                   fedora     100.1 KiB
 unbound-libs                         aarch64 1.22.0-14.fc42                 fedora       1.4 MiB
 urw-base35-bookman-fonts             noarch  20200910-24.fc42               fedora       1.4 MiB
 urw-base35-c059-fonts                noarch  20200910-24.fc42               fedora       1.4 MiB
 urw-base35-d050000l-fonts            noarch  20200910-24.fc42               fedora      84.3 KiB
 urw-base35-fonts                     noarch  20200910-24.fc42               fedora       5.3 KiB
 urw-base35-fonts-common              noarch  20200910-24.fc42               fedora      37.4 KiB
 urw-base35-gothic-fonts              noarch  20200910-24.fc42               fedora       1.2 MiB
 urw-base35-nimbus-mono-ps-fonts      noarch  20200910-24.fc42               fedora       1.0 MiB
 urw-base35-nimbus-roman-fonts        noarch  20200910-24.fc42               fedora       1.4 MiB
 urw-base35-nimbus-sans-fonts         noarch  20200910-24.fc42               fedora       2.4 MiB
 urw-base35-p052-fonts                noarch  20200910-24.fc42               fedora       1.5 MiB
 urw-base35-standard-symbols-ps-fonts noarch  20200910-24.fc42               fedora      64.9 KiB
 urw-base35-z003-fonts                noarch  20200910-24.fc42               fedora     390.8 KiB
 xml-common                           noarch  0.6.3-66.fc42                  fedora      78.4 KiB
 xorg-x11-fonts-Type1                 noarch  7.5-40.fc42                    fedora     863.3 KiB

Transaction Summary:
 Installing:       161 packages

Total size of inbound packages is 139 MiB. Need to download 139 MiB.
After this operation, 581 MiB extra will be used (install 581 MiB, remove 0 B).
[  1/161] asciidoc-0:10.2.0-12.fc42.noa 100% |  22.8 MiB/s | 420.3 KiB |  00m00s
[  2/161] libxslt-0:1.1.43-1.fc42.aarch 100% |   9.9 MiB/s | 182.3 KiB |  00m00s
[  3/161] make-1:4.4.1-10.fc42.aarch64  100% |  38.1 MiB/s | 584.7 KiB |  00m00s
[  4/161] openssh-clients-0:9.9p1-10.fc 100% |  46.2 MiB/s | 757.3 KiB |  00m00s
[  5/161] gnutls-utils-0:3.8.9-3.fc42.a 100% |   7.6 MiB/s | 302.6 KiB |  00m00s
[  6/161] openssl-1:3.2.4-3.fc42.aarch6 100% |  73.6 MiB/s |   1.1 MiB |  00m00s
[  7/161] nss-tools-0:3.110.0-2.fc42.aa 100% |  53.7 MiB/s | 549.8 KiB |  00m00s
[  8/161] sequoia-policy-config-0:0.8.0 100% |  14.0 MiB/s | 359.5 KiB |  00m00s
[  9/161] systemd-rpm-macros-0:257.5-2. 100% |  11.5 MiB/s |  35.3 KiB |  00m00s
[ 10/161] python3-devel-0:3.13.3-2.fc42 100% |  79.0 MiB/s | 404.7 KiB |  00m00s
[ 11/161] docbook-style-xsl-0:1.79.2-24 100% | 151.2 MiB/s |   1.5 MiB |  00m00s
[ 12/161] source-highlight-0:3.1.9-24.f 100% |  79.6 MiB/s | 733.4 KiB |  00m00s
[ 13/161] gnutls-dane-0:3.8.9-3.fc42.aa 100% |  20.3 MiB/s |  41.6 KiB |  00m00s
[ 14/161] gnutls-0:3.8.9-3.fc42.aarch64 100% | 143.3 MiB/s |   1.1 MiB |  00m00s
[ 15/161] libfido2-0:1.15.0-3.fc42.aarc 100% |  11.7 MiB/s |  96.1 KiB |  00m00s
[ 16/161] openssh-0:9.9p1-10.fc42.aarch 100% |  84.9 MiB/s | 347.8 KiB |  00m00s
[ 17/161] libedit-0:3.1-55.20250104cvs. 100% |   4.9 MiB/s | 104.8 KiB |  00m00s
[ 18/161] java-21-openjdk-1:21.0.7.0.6- 100% |  45.1 MiB/s | 415.3 KiB |  00m00s
[ 19/161] nss-0:3.110.0-2.fc42.aarch64  100% |  75.7 MiB/s | 698.0 KiB |  00m00s
[ 20/161] python3-0:3.13.3-2.fc42.aarch 100% |   7.3 MiB/s |  29.8 KiB |  00m00s
[ 21/161] docbook-dtds-0:1.0-88.fc42.no 100% |  81.8 MiB/s | 335.0 KiB |  00m00s
[ 22/161] xml-common-0:0.6.3-66.fc42.no 100% |   6.1 MiB/s |  31.2 KiB |  00m00s
[ 23/161] boost-regex-0:1.83.0-12.fc42. 100% |  11.9 MiB/s | 109.6 KiB |  00m00s
[ 24/161] java-21-openjdk-devel-1:21.0. 100% |  50.4 MiB/s |   5.0 MiB |  00m00s
[ 25/161] ctags-0:6.1.0-2.fc42.aarch64  100% |  68.3 MiB/s | 839.4 KiB |  00m00s
[ 26/161] nettle-0:3.10.1-1.fc42.aarch6 100% |  59.2 MiB/s | 424.6 KiB |  00m00s
[ 27/161] libcbor-0:0.11.0-3.fc42.aarch 100% |  10.5 MiB/s |  32.4 KiB |  00m00s
[ 28/161] unbound-libs-0:1.22.0-14.fc42 100% |  64.7 MiB/s | 530.1 KiB |  00m00s
[ 29/161] python3-libs-0:3.13.3-2.fc42. 100% | 161.3 MiB/s |   9.0 MiB |  00m00s
[ 30/161] fontconfig-0:2.16.0-2.fc42.aa 100% |  17.8 MiB/s | 274.1 KiB |  00m00s
[ 31/161] libXcomposite-0:0.4.6-5.fc42. 100% |  12.0 MiB/s |  24.5 KiB |  00m00s
[ 32/161] libX11-0:1.8.11-1.fc42.aarch6 100% |  89.7 MiB/s | 642.7 KiB |  00m00s
[ 33/161] libXext-0:1.3.6-3.fc42.aarch6 100% |   6.3 MiB/s |  38.4 KiB |  00m00s
[ 34/161] libXi-0:1.8.2-2.fc42.aarch64  100% |   7.8 MiB/s |  39.8 KiB |  00m00s
[ 35/161] libXrender-0:0.9.12-2.fc42.aa 100% |   8.8 MiB/s |  27.0 KiB |  00m00s
[ 36/161] libXtst-0:1.2.5-2.fc42.aarch6 100% |  10.1 MiB/s |  20.7 KiB |  00m00s
[ 37/161] xorg-x11-fonts-Type1-0:7.5-40 100% |  82.4 MiB/s | 506.3 KiB |  00m00s
[ 38/161] nss-softokn-0:3.110.0-2.fc42. 100% |  79.7 MiB/s | 408.2 KiB |  00m00s
[ 39/161] nss-util-0:3.110.0-2.fc42.aar 100% |  27.6 MiB/s |  84.9 KiB |  00m00s
[ 40/161] expat-0:2.7.1-1.fc42.aarch64  100% |  36.5 MiB/s | 112.1 KiB |  00m00s
[ 41/161] libb2-0:0.98.1-13.fc42.aarch6 100% |  12.7 MiB/s |  26.0 KiB |  00m00s
[ 42/161] mpdecimal-0:4.0.0-2.fc42.aarc 100% |  23.4 MiB/s |  95.7 KiB |  00m00s
[ 43/161] python-pip-wheel-0:24.3.1-2.f 100% | 172.0 MiB/s |   1.2 MiB |  00m00s
[ 44/161] tzdata-0:2025b-1.fc42.noarch  100% |  99.6 MiB/s | 714.0 KiB |  00m00s
[ 45/161] sgml-common-0:0.6.3-66.fc42.n 100% |  19.7 MiB/s |  60.6 KiB |  00m00s
[ 46/161] libseccomp-0:2.5.5-2.fc41.aar 100% |  17.4 MiB/s |  71.4 KiB |  00m00s
[ 47/161] libyaml-0:0.2.5-16.fc42.aarch 100% |   5.7 MiB/s |  57.9 KiB |  00m00s
[ 48/161] hiredis-0:1.2.0-6.fc42.aarch6 100% |   6.8 MiB/s |  48.7 KiB |  00m00s
[ 49/161] javapackages-filesystem-0:6.4 100% | 454.5 KiB/s |  14.1 KiB |  00m00s
[ 50/161] libicu-0:76.1-4.fc42.aarch64  100% | 133.7 MiB/s |  10.6 MiB |  00m00s
[ 51/161] lksctp-tools-0:1.0.20-2.fc42. 100% |   3.8 MiB/s |  96.3 KiB |  00m00s
[ 52/161] default-fonts-core-sans-0:4.2 100% |   4.4 MiB/s |  31.3 KiB |  00m00s
[ 53/161] tzdata-java-0:2025b-1.fc42.no 100% |   3.2 MiB/s |  46.4 KiB |  00m00s
[ 54/161] fonts-filesystem-1:2.0.5-21.f 100% | 956.9 KiB/s |   8.6 KiB |  00m00s
[ 55/161] freetype-0:2.13.3-2.fc42.aarc 100% |  56.2 MiB/s | 403.1 KiB |  00m00s
[ 56/161] libX11-common-0:1.8.11-1.fc42 100% |  34.4 MiB/s | 176.1 KiB |  00m00s
[ 57/161] mkfontscale-0:1.2.3-2.fc42.aa 100% |   7.7 MiB/s |  31.5 KiB |  00m00s
[ 58/161] libxcb-0:1.17.0-5.fc42.aarch6 100% |  18.2 MiB/s | 241.7 KiB |  00m00s
[ 59/161] nss-softokn-freebl-0:3.110.0- 100% |  58.2 MiB/s | 298.1 KiB |  00m00s
[ 60/161] ttmkfdir-0:3.0.9-72.fc42.aarc 100% |   3.6 MiB/s |  51.3 KiB |  00m00s
[ 61/161] abattis-cantarell-vf-fonts-0: 100% |  23.5 MiB/s | 120.3 KiB |  00m00s
[ 62/161] google-noto-sans-vf-fonts-0:2 100% |  31.6 MiB/s | 614.5 KiB |  00m00s
[ 63/161] harfbuzz-0:10.4.0-1.fc42.aarc 100% |  37.8 MiB/s |   1.0 MiB |  00m00s
[ 64/161] libpng-2:1.6.44-2.fc42.aarch6 100% |   6.4 MiB/s | 118.0 KiB |  00m00s
[ 65/161] libXau-0:1.0.12-2.fc42.aarch6 100% |   2.8 MiB/s |  33.8 KiB |  00m00s
[ 66/161] nss-sysinit-0:3.110.0-2.fc42. 100% |   9.5 MiB/s |  19.4 KiB |  00m00s
[ 67/161] libfontenc-0:1.1.8-3.fc42.aar 100% |   3.2 MiB/s |  32.6 KiB |  00m00s
[ 68/161] google-noto-fonts-common-0:20 100% |   8.3 MiB/s |  17.1 KiB |  00m00s
[ 69/161] graphite2-0:1.3.14-18.fc42.aa 100% |  17.9 MiB/s |  91.8 KiB |  00m00s
[ 70/161] bind-32:9.18.35-2.fc42.aarch6 100% |  28.5 MiB/s | 321.0 KiB |  00m00s
[ 71/161] bind-libs-32:9.18.35-2.fc42.a 100% | 123.5 MiB/s |   1.2 MiB |  00m00s
[ 72/161] libmaxminddb-0:1.12.2-3.fc42. 100% |   4.0 MiB/s |  49.5 KiB |  00m00s
[ 73/161] fstrm-0:0.6.1-12.fc42.aarch64 100% |   1.7 MiB/s |  27.6 KiB |  00m00s
[ 74/161] lmdb-libs-0:0.9.33-3.fc42.aar 100% |  20.1 MiB/s |  61.7 KiB |  00m00s
[ 75/161] python3-iniconfig-0:1.1.1-25. 100% |   4.4 MiB/s |  18.1 KiB |  00m00s
[ 76/161] python3-pytest-0:8.3.4-2.fc42 100% | 153.6 MiB/s |   2.2 MiB |  00m00s
[ 77/161] python3-packaging-0:24.2-3.fc 100% |  18.8 MiB/s | 154.0 KiB |  00m00s
[ 78/161] python3-pluggy-0:1.5.0-2.fc42 100% |  14.4 MiB/s |  58.9 KiB |  00m00s
[ 79/161] protobuf-c-0:1.5.1-1.fc42.aar 100% |   4.4 MiB/s |  31.6 KiB |  00m00s
[ 80/161] java-21-openjdk-headless-1:21 100% | 144.4 MiB/s |  46.8 MiB |  00m00s
[ 81/161] glib2-0:2.84.1-1.fc42.aarch64 100% |  56.3 MiB/s |   3.0 MiB |  00m00s
[ 82/161] gd-0:2.3.3-18.fc42.aarch64    100% |  42.3 MiB/s | 129.9 KiB |  00m00s
[ 83/161] cairo-0:1.18.2-3.fc42.aarch64 100% |  52.5 MiB/s | 698.9 KiB |  00m00s
[ 84/161] gdk-pixbuf2-0:2.42.12-10.fc42 100% |  95.4 MiB/s | 488.5 KiB |  00m00s
[ 85/161] gts-0:0.7.6-50.20121130.fc42. 100% |  44.5 MiB/s | 227.7 KiB |  00m00s
[ 86/161] lasi-0:1.1.3-16.fc42.aarch64  100% |  17.5 MiB/s |  53.8 KiB |  00m00s
[ 87/161] librsvg2-0:2.60.0-1.fc42.aarc 100% | 110.0 MiB/s |   1.8 MiB |  00m00s
[ 88/161] libgs-0:10.05.0-1.fc42.aarch6 100% | 141.7 MiB/s |   3.4 MiB |  00m00s
[ 89/161] libwebp-0:1.5.0-2.fc42.aarch6 100% |  36.4 MiB/s | 260.8 KiB |  00m00s
[ 90/161] pango-0:1.56.3-1.fc42.aarch64 100% |  28.2 MiB/s | 346.6 KiB |  00m00s
[ 91/161] poppler-glib-0:25.02.0-1.fc42 100% |  16.7 MiB/s | 188.4 KiB |  00m00s
[ 92/161] urw-base35-fonts-0:20200910-2 100% |   4.9 MiB/s |  10.1 KiB |  00m00s
[ 93/161] pixman-0:0.44.2-2.fc42.aarch6 100% |  38.8 MiB/s | 198.7 KiB |  00m00s
[ 94/161] libXpm-0:3.5.17-5.fc42.aarch6 100% |  20.7 MiB/s |  63.6 KiB |  00m00s
[ 95/161] libavif-0:1.1.1-1.fc42.aarch6 100% |  30.9 MiB/s |  95.0 KiB |  00m00s
[ 96/161] libimagequant-0:4.0.3-7.fc42. 100% |  72.8 MiB/s | 298.0 KiB |  00m00s
[ 97/161] libjpeg-turbo-0:3.1.0-2.fc42. 100% |  40.9 MiB/s | 251.6 KiB |  00m00s
[ 98/161] libtiff-0:4.7.0-3.fc42.aarch6 100% |  29.0 MiB/s | 207.5 KiB |  00m00s
[ 99/161] shared-mime-info-0:2.3-7.fc42 100% |  63.3 MiB/s | 389.0 KiB |  00m00s
[100/161] adobe-mappings-cmap-deprecate 100% |  15.4 MiB/s | 110.5 KiB |  00m00s
[101/161] adobe-mappings-cmap-0:2023111 100% | 140.5 MiB/s |   2.2 MiB |  00m00s
[102/161] graphviz-0:12.2.1-8.fc42.aarc 100% |  33.5 MiB/s |   4.7 MiB |  00m00s
[103/161] adobe-mappings-pdf-0:20190401 100% |  55.5 MiB/s | 625.1 KiB |  00m00s
[104/161] jbig2dec-libs-0:0.20-6.fc42.a 100% |  17.5 MiB/s |  71.5 KiB |  00m00s
[105/161] lcms2-0:2.16-5.fc42.aarch64   100% |  17.7 MiB/s | 180.8 KiB |  00m00s
[106/161] libXt-0:1.3.1-2.fc42.aarch64  100% |  21.3 MiB/s | 174.7 KiB |  00m00s
[107/161] google-droid-sans-fonts-0:202 100% | 128.8 MiB/s |   2.7 MiB |  00m00s
[108/161] libijs-0:0.35-24.fc42.aarch64 100% |   4.1 MiB/s |  29.2 KiB |  00m00s
[109/161] libpaper-1:2.1.1-8.fc42.aarch 100% |   2.4 MiB/s |  26.8 KiB |  00m00s
[110/161] cairo-gobject-0:1.18.2-3.fc42 100% |   2.8 MiB/s |  17.3 KiB |  00m00s
[111/161] openjpeg-0:2.5.3-6.fc42.aarch 100% |  17.9 MiB/s | 182.8 KiB |  00m00s
[112/161] rsvg-pixbuf-loader-0:2.60.0-1 100% |  38.9 MiB/s | 159.3 KiB |  00m00s
[113/161] libdav1d-0:1.5.1-1.fc42.aarch 100% |  69.2 MiB/s | 354.1 KiB |  00m00s
[114/161] fribidi-0:1.0.16-2.fc42.aarch 100% |  13.1 MiB/s |  53.8 KiB |  00m00s
[115/161] libXft-0:2.3.8-8.fc42.aarch64 100% |  17.2 MiB/s |  70.6 KiB |  00m00s
[116/161] libthai-0:0.1.29-10.fc42.aarc 100% |  34.3 MiB/s | 210.8 KiB |  00m00s
[117/161] poppler-0:25.02.0-1.fc42.aarc 100% | 129.1 MiB/s |   1.2 MiB |  00m00s
[118/161] urw-base35-bookman-fonts-0:20 100% |  91.9 MiB/s | 846.9 KiB |  00m00s
[119/161] urw-base35-d050000l-fonts-0:2 100% |  12.3 MiB/s |  75.8 KiB |  00m00s
[120/161] urw-base35-fonts-common-0:202 100% |  10.2 MiB/s |  20.8 KiB |  00m00s
[121/161] urw-base35-gothic-fonts-0:202 100% |  89.6 MiB/s | 642.5 KiB |  00m00s
[122/161] urw-base35-nimbus-mono-ps-fon 100% |  97.0 MiB/s | 794.7 KiB |  00m00s
[123/161] urw-base35-c059-fonts-0:20200 100% |  42.7 MiB/s | 874.0 KiB |  00m00s
[124/161] urw-base35-nimbus-roman-fonts 100% |  92.9 MiB/s | 856.1 KiB |  00m00s
[125/161] urw-base35-nimbus-sans-fonts- 100% | 130.5 MiB/s |   1.3 MiB |  00m00s
[126/161] urw-base35-standard-symbols-p 100% |  19.0 MiB/s |  58.3 KiB |  00m00s
[127/161] urw-base35-z003-fonts-0:20200 100% |  67.3 MiB/s | 275.5 KiB |  00m00s
[128/161] libyuv-0:0-0.56.20240704git96 100% |  39.8 MiB/s | 162.9 KiB |  00m00s
[129/161] libaom-0:3.12.0-1.fc42.aarch6 100% | 101.9 MiB/s |   1.6 MiB |  00m00s
[130/161] rav1e-libs-0:0.7.1-5.fc42.aar 100% |  77.6 MiB/s | 794.6 KiB |  00m00s
[131/161] urw-base35-p052-fonts-0:20200 100% |  27.2 MiB/s | 973.2 KiB |  00m00s
[132/161] jbigkit-libs-0:2.1-31.fc42.aa 100% |   8.6 MiB/s |  52.8 KiB |  00m00s
[133/161] svt-av1-libs-0:2.3.0-1.fc42.a 100% | 110.6 MiB/s |   1.2 MiB |  00m00s
[134/161] liblerc-0:4.0.0-8.fc42.aarch6 100% |  38.6 MiB/s | 197.8 KiB |  00m00s
[135/161] libICE-0:1.1.2-2.fc42.aarch64 100% |  18.8 MiB/s |  77.2 KiB |  00m00s
[136/161] libSM-0:1.2.5-2.fc42.aarch64  100% |  14.5 MiB/s |  44.4 KiB |  00m00s
[137/161] libdatrie-0:0.2.13-11.fc42.aa 100% |  15.7 MiB/s |  32.1 KiB |  00m00s
[138/161] gpgmepp-0:1.24.2-1.fc42.aarch 100% |  42.8 MiB/s | 131.5 KiB |  00m00s
[139/161] poppler-data-0:0.4.11-9.fc42. 100% | 219.1 MiB/s |   2.0 MiB |  00m00s
[140/161] libassuan-0:2.5.7-3.fc42.aarc 100% |   9.3 MiB/s |  66.7 KiB |  00m00s
[141/161] gpgme-0:1.24.2-1.fc42.aarch64 100% |  26.3 MiB/s | 215.4 KiB |  00m00s
[142/161] libgpg-error-0:1.51-2.fc42.aa 100% |  32.9 MiB/s | 235.9 KiB |  00m00s
[143/161] libgcrypt-0:1.11.0-5.fc42.aar 100% |  61.2 MiB/s | 501.4 KiB |  00m00s
[144/161] libksba-0:1.6.7-3.fc42.aarch6 100% |  51.7 MiB/s | 159.0 KiB |  00m00s
[145/161] npth-0:1.8-2.fc42.aarch64     100% |  12.3 MiB/s |  25.2 KiB |  00m00s
[146/161] gnupg2-0:2.4.7-2.fc42.aarch64 100% | 151.4 MiB/s |   2.7 MiB |  00m00s
[147/161] libusb1-0:1.0.28-2.fc42.aarch 100% |   9.4 MiB/s |  77.2 KiB |  00m00s
[148/161] nspr-0:4.36.0-7.fc42.aarch64  100% |  26.2 MiB/s | 134.1 KiB |  00m00s
[149/161] tpm2-tss-0:4.1.3-6.fc42.aarch 100% |  32.5 MiB/s | 398.8 KiB |  00m00s
[150/161] alsa-lib-0:1.2.14-2.fc42.aarc 100% |  55.0 MiB/s | 507.3 KiB |  00m00s
[151/161] cups-filesystem-1:2.4.12-2.fc 100% |   1.9 MiB/s |  13.5 KiB |  00m00s
[152/161] cups-libs-1:2.4.12-2.fc42.aar 100% |  21.1 MiB/s | 259.7 KiB |  00m00s
[153/161] avahi-libs-0:0.9~rc2-2.fc42.a 100% |   9.3 MiB/s |  66.4 KiB |  00m00s
[154/161] dbus-libs-1:1.16.0-3.fc42.aar 100% |  20.3 MiB/s | 145.8 KiB |  00m00s
[155/161] graphviz-libs-0:12.2.1-8.fc42 100% |  72.4 MiB/s | 444.9 KiB |  00m00s
[156/161] libuv-1:1.51.0-1.fc42.aarch64 100% |  36.5 MiB/s | 261.9 KiB |  00m00s
[157/161] netpbm-0:11.10.00-1.fc42.aarc 100% |  36.3 MiB/s | 186.1 KiB |  00m00s
[158/161] pyproject-rpm-macros-0:1.18.1 100% |  10.9 MiB/s |  44.8 KiB |  00m00s
[159/161] python-rpm-macros-0:3.13-4.fc 100% |   5.5 MiB/s |  16.9 KiB |  00m00s
[160/161] python3-rpm-generators-0:14-1 100% |   9.5 MiB/s |  29.2 KiB |  00m00s
[161/161] python3-rpm-macros-0:3.13-4.f 100% |   5.7 MiB/s |  11.7 KiB |  00m00s
--------------------------------------------------------------------------------
[161/161] Total                         100% | 131.5 MiB/s | 139.5 MiB |  00m01s
Running transaction
[  1/163] Verify package files          100% | 325.0   B/s | 161.0   B |  00m00s
[  2/163] Prepare transaction           100% |   1.7 KiB/s | 161.0   B |  00m00s
[  3/163] Installing nspr-0:4.36.0-7.fc 100% | 137.2 MiB/s | 421.4 KiB |  00m00s
[  4/163] Installing libjpeg-turbo-0:3. 100% | 241.0 MiB/s | 740.3 KiB |  00m00s
[  5/163] Installing libpng-2:1.6.44-2. 100% | 132.4 MiB/s | 271.1 KiB |  00m00s
[  6/163] Installing nss-util-0:3.110.0 100% | 106.3 MiB/s | 217.7 KiB |  00m00s
[  7/163] Installing libgpg-error-0:1.5 100% |  40.8 MiB/s | 959.9 KiB |  00m00s
[  8/163] Installing fonts-filesystem-1 100% | 769.5 KiB/s | 788.0   B |  00m00s
[  9/163] Installing urw-base35-fonts-c 100% |  37.5 MiB/s |  38.4 KiB |  00m00s
[ 10/163] Installing libassuan-0:2.5.7- 100% | 106.3 MiB/s | 217.7 KiB |  00m00s
[ 11/163] Installing python-rpm-macros- 100% |  22.3 MiB/s |  22.8 KiB |  00m00s
[ 12/163] Installing libwebp-0:1.5.0-2. 100% | 200.5 MiB/s | 821.1 KiB |  00m00s
[ 13/163] Installing protobuf-c-0:1.5.1 100% |  77.4 MiB/s |  79.3 KiB |  00m00s
[ 14/163] Installing expat-0:2.7.1-1.fc 100% |  13.9 MiB/s | 356.2 KiB |  00m00s
[ 15/163] Installing xml-common-0:0.6.3 100% |  39.6 MiB/s |  81.1 KiB |  00m00s
[ 16/163] Installing python3-rpm-macros 100% |   6.5 MiB/s |   6.7 KiB |  00m00s
[ 17/163] Installing libuv-1:1.51.0-1.f 100% | 198.0 MiB/s | 608.2 KiB |  00m00s
[ 18/163] Installing libICE-0:1.1.2-2.f 100% | 218.5 MiB/s | 223.8 KiB |  00m00s
[ 19/163] Installing libdav1d-0:1.5.1-1 100% | 209.4 MiB/s | 857.9 KiB |  00m00s
[ 20/163] Installing openjpeg-0:2.5.3-6 100% | 134.7 MiB/s | 413.8 KiB |  00m00s
[ 21/163] Installing lcms2-0:2.16-5.fc4 100% | 137.5 MiB/s | 422.4 KiB |  00m00s
[ 22/163] Installing adobe-mappings-cma 100% | 292.1 MiB/s |  15.2 MiB |  00m00s
[ 23/163] Installing lmdb-libs-0:0.9.33 100% | 143.4 MiB/s | 146.8 KiB |  00m00s
[ 24/163] Installing libmaxminddb-0:1.1 100% |   8.6 MiB/s | 175.1 KiB |  00m00s
[ 25/163] Installing fstrm-0:0.6.1-12.f 100% |  70.1 MiB/s |  71.8 KiB |  00m00s
[ 26/163] Installing nettle-0:3.10.1-1. 100% | 187.6 MiB/s | 768.4 KiB |  00m00s
[ 27/163] Installing gnutls-0:3.8.9-3.f 100% | 263.8 MiB/s |   3.4 MiB |  00m00s
[ 28/163] Installing glib2-0:2.84.1-1.f 100% | 222.7 MiB/s |  15.4 MiB |  00m00s
[ 29/163] Installing shared-mime-info-0 100% |  75.0 MiB/s |   2.6 MiB |  00m00s
[ 30/163] Installing gdk-pixbuf2-0:2.42 100% |  79.7 MiB/s |   2.6 MiB |  00m00s
[ 31/163] Installing bind-libs-32:9.18. 100% | 272.3 MiB/s |   3.8 MiB |  00m00s
[ 32/163] Installing adobe-mappings-cma 100% | 190.5 MiB/s | 585.2 KiB |  00m00s
[ 33/163] Installing libSM-0:1.2.5-2.fc 100% | 127.4 MiB/s | 130.4 KiB |  00m00s
[ 34/163] Installing pyproject-rpm-macr 100% | 113.7 MiB/s | 116.4 KiB |  00m00s
[ 35/163] Installing graphviz-libs-0:12 100% | 221.6 MiB/s |   1.3 MiB |  00m00s
[ 36/163] Installing urw-base35-bookman 100% |  97.5 MiB/s |   1.4 MiB |  00m00s
[ 37/163] Installing urw-base35-c059-fo 100% | 126.8 MiB/s |   1.4 MiB |  00m00s
[ 38/163] Installing urw-base35-d050000 100% |  10.4 MiB/s |  85.4 KiB |  00m00s
[ 39/163] Installing urw-base35-gothic- 100% | 105.7 MiB/s |   1.2 MiB |  00m00s
[ 40/163] Installing urw-base35-nimbus- 100% | 105.2 MiB/s |   1.1 MiB |  00m00s
[ 41/163] Installing urw-base35-nimbus- 100% | 124.2 MiB/s |   1.4 MiB |  00m00s
[ 42/163] Installing urw-base35-nimbus- 100% | 171.0 MiB/s |   2.4 MiB |  00m00s
[ 43/163] Installing urw-base35-p052-fo 100% | 135.2 MiB/s |   1.5 MiB |  00m00s
[ 44/163] Installing urw-base35-standar 100% |   8.1 MiB/s |  66.0 KiB |  00m00s
[ 45/163] Installing urw-base35-z003-fo 100% |  47.8 MiB/s | 391.8 KiB |  00m00s
[ 46/163] Installing urw-base35-fonts-0 100% |   5.5 MiB/s |   5.6 KiB |  00m00s
[ 47/163] Installing abattis-cantarell- 100% |  94.9 MiB/s | 194.4 KiB |  00m00s
[ 48/163] Installing google-droid-sans- 100% | 260.8 MiB/s |   6.3 MiB |  00m00s
[ 49/163] Installing libgcrypt-0:1.11.0 100% | 226.0 MiB/s |   1.1 MiB |  00m00s
[ 50/163] Installing libksba-0:1.6.7-3. 100% | 195.8 MiB/s | 401.0 KiB |  00m00s
[ 51/163] Installing nss-softokn-freebl 100% | 181.1 MiB/s | 741.8 KiB |  00m00s
[ 52/163] Installing nss-softokn-0:3.11 100% | 308.4 MiB/s |   2.2 MiB |  00m00s
[ 53/163] Installing nss-sysinit-0:3.11 100% |   3.7 MiB/s |  71.2 KiB |  00m00s
[ 54/163] Installing nss-0:3.110.0-2.fc 100% | 147.0 MiB/s |   1.9 MiB |  00m00s
[ 55/163] Installing libyuv-0:0-0.56.20 100% | 171.9 MiB/s | 528.2 KiB |  00m00s
[ 56/163] Installing netpbm-0:11.10.00- 100% | 208.2 MiB/s | 639.5 KiB |  00m00s
[ 57/163] Installing gts-0:0.7.6-50.201 100% |  45.5 MiB/s |   1.1 MiB |  00m00s
[ 58/163] Installing dbus-libs-1:1.16.0 100% | 194.6 MiB/s | 398.6 KiB |  00m00s
[ 59/163] Installing avahi-libs-0:0.9~r 100% | 113.8 MiB/s | 233.0 KiB |  00m00s
[ 60/163] Installing cups-filesystem-1: 100% |   1.7 MiB/s |   1.8 KiB |  00m00s
[ 61/163] Installing cups-libs-1:2.4.12 100% | 217.6 MiB/s | 668.4 KiB |  00m00s
[ 62/163] Installing alsa-lib-0:1.2.14- 100% |  57.1 MiB/s |   1.5 MiB |  00m00s
[ 63/163] Installing libusb1-0:1.0.28-2 100% |  10.4 MiB/s | 180.3 KiB |  00m00s
>>> Running sysusers scriptlet: tpm2-tss-0:4.1.3-6.fc42.aarch64                 
>>> Finished sysusers scriptlet: tpm2-tss-0:4.1.3-6.fc42.aarch64                
>>> Scriptlet output:                                                           
>>> Creating group 'tss' with GID 59.                                           
>>> Creating user 'tss' (Account used for TPM access) with UID 59 and GID 59.   
>>>                                                                             
[ 64/163] Installing tpm2-tss-0:4.1.3-6 100% | 215.9 MiB/s |   2.2 MiB |  00m00s
[ 65/163] Installing npth-0:1.8-2.fc42. 100% |  46.2 MiB/s |  94.6 KiB |  00m00s
[ 66/163] Installing gnupg2-0:2.4.7-2.f 100% | 179.5 MiB/s |  10.4 MiB |  00m00s
[ 67/163] Installing gpgme-0:1.24.2-1.f 100% |  32.2 MiB/s | 693.3 KiB |  00m00s
[ 68/163] Installing gpgmepp-0:1.24.2-1 100% | 149.6 MiB/s | 459.4 KiB |  00m00s
[ 69/163] Installing poppler-data-0:0.4 100% | 288.1 MiB/s |  12.4 MiB |  00m00s
[ 70/163] Installing libdatrie-0:0.2.13 100% |  92.8 MiB/s |  95.0 KiB |  00m00s
[ 71/163] Installing libthai-0:0.1.29-1 100% | 263.4 MiB/s | 809.2 KiB |  00m00s
[ 72/163] Installing liblerc-0:4.0.0-8. 100% | 178.4 MiB/s | 548.0 KiB |  00m00s
[ 73/163] Installing jbigkit-libs-0:2.1 100% | 179.2 MiB/s | 183.5 KiB |  00m00s
[ 74/163] Installing libtiff-0:4.7.0-3. 100% | 214.9 MiB/s | 660.2 KiB |  00m00s
[ 75/163] Installing svt-av1-libs-0:2.3 100% | 252.9 MiB/s |   3.0 MiB |  00m00s
[ 76/163] Installing rav1e-libs-0:0.7.1 100% | 294.6 MiB/s |   2.1 MiB |  00m00s
[ 77/163] Installing libaom-0:3.12.0-1. 100% | 272.2 MiB/s |   3.8 MiB |  00m00s
[ 78/163] Installing libavif-0:1.1.1-1. 100% | 107.1 MiB/s | 219.4 KiB |  00m00s
[ 79/163] Installing fribidi-0:1.0.16-2 100% |  12.8 MiB/s | 248.8 KiB |  00m00s
[ 80/163] Installing libpaper-1:2.1.1-8 100% |  96.2 MiB/s |  98.5 KiB |  00m00s
[ 81/163] Installing libijs-0:0.35-24.f 100% | 100.2 MiB/s | 102.6 KiB |  00m00s
[ 82/163] Installing jbig2dec-libs-0:0. 100% |  85.2 MiB/s | 174.5 KiB |  00m00s
[ 83/163] Installing adobe-mappings-pdf 100% | 314.0 MiB/s |   4.4 MiB |  00m00s
[ 84/163] Installing libimagequant-0:4. 100% | 218.2 MiB/s | 670.3 KiB |  00m00s
[ 85/163] Installing pixman-0:0.44.2-2. 100% | 213.4 MiB/s | 655.5 KiB |  00m00s
[ 86/163] Installing graphite2-0:1.3.14 100% |  12.4 MiB/s | 241.7 KiB |  00m00s
[ 87/163] Installing freetype-0:2.13.3- 100% | 159.4 MiB/s | 816.2 KiB |  00m00s
[ 88/163] Installing harfbuzz-0:10.4.0- 100% | 240.1 MiB/s |   2.6 MiB |  00m00s
[ 89/163] Installing ttmkfdir-0:3.0.9-7 100% |   8.2 MiB/s | 159.4 KiB |  00m00s
[ 90/163] Installing google-noto-fonts- 100% |  18.1 MiB/s |  18.5 KiB |  00m00s
[ 91/163] Installing google-noto-sans-v 100% | 231.9 MiB/s |   1.4 MiB |  00m00s
[ 92/163] Installing default-fonts-core 100% |   8.9 MiB/s |  18.2 KiB |  00m00s
[ 93/163] Installing fontconfig-0:2.16. 100% |   1.1 MiB/s |   1.2 MiB |  00m01s
[ 94/163] Installing poppler-0:25.02.0- 100% | 268.2 MiB/s |   3.5 MiB |  00m00s
[ 95/163] Installing libfontenc-0:1.1.8 100% | 105.6 MiB/s | 108.1 KiB |  00m00s
[ 96/163] Installing mkfontscale-0:1.2. 100% |   4.0 MiB/s |  78.4 KiB |  00m00s
[ 97/163] Installing xorg-x11-fonts-Typ 100% | 829.1 KiB/s | 865.6 KiB |  00m01s
[ 98/163] Installing libXau-0:1.0.12-2. 100% |  59.8 MiB/s | 122.5 KiB |  00m00s
[ 99/163] Installing libxcb-0:1.17.0-5. 100% | 240.8 MiB/s |   2.2 MiB |  00m00s
[100/163] Installing libX11-common-0:1. 100% |  91.4 MiB/s |   1.2 MiB |  00m00s
[101/163] Installing libX11-0:1.8.11-1. 100% | 256.1 MiB/s |   1.3 MiB |  00m00s
[102/163] Installing libXrender-0:0.9.1 100% |  69.6 MiB/s |  71.3 KiB |  00m00s
[103/163] Installing libXext-0:1.3.6-3. 100% | 143.7 MiB/s | 147.1 KiB |  00m00s
[104/163] Installing cairo-0:1.18.2-3.f 100% | 254.7 MiB/s |   1.8 MiB |  00m00s
[105/163] Installing libXi-0:1.8.2-2.fc 100% |  71.9 MiB/s |  73.6 KiB |  00m00s
[106/163] Installing libXtst-0:1.2.5-2. 100% |  72.8 MiB/s |  74.6 KiB |  00m00s
[107/163] Installing poppler-glib-0:25. 100% | 197.9 MiB/s | 607.9 KiB |  00m00s
[108/163] Installing cairo-gobject-0:1. 100% |  66.4 MiB/s |  68.0 KiB |  00m00s
[109/163] Installing libXft-0:2.3.8-8.f 100% | 189.4 MiB/s | 193.9 KiB |  00m00s
[110/163] Installing pango-0:1.56.3-1.f 100% |  48.4 MiB/s |   1.2 MiB |  00m00s
[111/163] Installing librsvg2-0:2.60.0- 100% | 270.5 MiB/s |   4.6 MiB |  00m00s
[112/163] Installing rsvg-pixbuf-loader 100% | 165.2 MiB/s | 338.3 KiB |  00m00s
[113/163] Installing lasi-0:1.1.3-16.fc 100% | 128.8 MiB/s | 131.9 KiB |  00m00s
[114/163] Installing libXcomposite-0:0. 100% |  95.8 MiB/s |  98.1 KiB |  00m00s
[115/163] Installing libXpm-0:3.5.17-5. 100% | 197.1 MiB/s | 201.8 KiB |  00m00s
[116/163] Installing gd-0:2.3.3-18.fc42 100% | 221.0 MiB/s | 452.7 KiB |  00m00s
[117/163] Installing libXt-0:1.3.1-2.fc 100% | 155.8 MiB/s | 478.8 KiB |  00m00s
[118/163] Installing libgs-0:10.05.0-1. 100% | 401.7 MiB/s |  23.3 MiB |  00m00s
[119/163] Installing tzdata-java-0:2025 100% |  98.1 MiB/s | 100.5 KiB |  00m00s
[120/163] Installing lksctp-tools-0:1.0 100% |  25.3 MiB/s | 518.6 KiB |  00m00s
[121/163] Installing javapackages-files 100% |   2.7 MiB/s |   5.5 KiB |  00m00s
[122/163] Installing java-21-openjdk-he 100% | 334.1 MiB/s | 210.5 MiB |  00m01s
[123/163] Installing java-21-openjdk-1: 100% | 108.3 MiB/s |   1.4 MiB |  00m00s
[124/163] Installing hiredis-0:1.2.0-6. 100% |  99.4 MiB/s | 203.5 KiB |  00m00s
[125/163] Installing libyaml-0:0.2.5-16 100% | 132.7 MiB/s | 135.9 KiB |  00m00s
[126/163] Installing libseccomp-0:2.5.5 100% | 118.8 MiB/s | 243.3 KiB |  00m00s
[127/163] Installing ctags-0:6.1.0-2.fc 100% |  76.7 MiB/s |   2.2 MiB |  00m00s
[128/163] Installing libicu-0:76.1-4.fc 100% | 320.5 MiB/s |  36.5 MiB |  00m00s
[129/163] Installing boost-regex-0:1.83 100% |  87.0 MiB/s | 267.4 KiB |  00m00s
[130/163] Installing source-highlight-0 100% |  87.6 MiB/s |   3.2 MiB |  00m00s
[131/163] Installing sgml-common-0:0.6. 100% |   8.1 MiB/s | 174.9 KiB |  00m00s
[132/163] Installing docbook-dtds-0:1.0 100% |  31.4 MiB/s |   8.3 MiB |  00m00s
[133/163] Installing docbook-style-xsl- 100% | 161.9 MiB/s |  15.9 MiB |  00m00s
[134/163] Installing tzdata-0:2025b-1.f 100% |  36.4 MiB/s |   1.9 MiB |  00m00s
[135/163] Installing python-pip-wheel-0 100% | 414.7 MiB/s |   1.2 MiB |  00m00s
[136/163] Installing mpdecimal-0:4.0.0- 100% | 137.9 MiB/s | 282.3 KiB |  00m00s
[137/163] Installing libb2-0:0.98.1-13. 100% |  12.2 MiB/s |  75.2 KiB |  00m00s
[138/163] Installing python3-libs-0:3.1 100% | 239.5 MiB/s |  42.4 MiB |  00m00s
[139/163] Installing python3-0:3.13.3-2 100% |   4.4 MiB/s |  86.4 KiB |  00m00s
[140/163] Installing python3-packaging- 100% | 138.7 MiB/s | 568.0 KiB |  00m00s
[141/163] Installing python3-rpm-genera 100% |  81.0 MiB/s |  82.9 KiB |  00m00s
[142/163] Installing python3-iniconfig- 100% |  23.0 MiB/s |  23.5 KiB |  00m00s
[143/163] Installing python3-pluggy-0:1 100% |  64.8 MiB/s | 199.0 KiB |  00m00s
[144/163] Installing graphviz-0:12.2.1- 100% | 210.5 MiB/s |  22.1 MiB |  00m00s
>>> Running sysusers scriptlet: unbound-libs-0:1.22.0-14.fc42.aarch64           
>>> Finished sysusers scriptlet: unbound-libs-0:1.22.0-14.fc42.aarch64          
>>> Scriptlet output:                                                           
>>> Creating group 'unbound' with GID 999.                                      
>>> Creating user 'unbound' (Unbound DNS resolver) with UID 999 and GID 999.    
>>>                                                                             
[145/163] Installing unbound-libs-0:1.2 100% | 198.3 MiB/s |   1.4 MiB |  00m00s
[146/163] Installing gnutls-dane-0:3.8. 100% |  68.5 MiB/s |  70.1 KiB |  00m00s
[147/163] Installing libcbor-0:0.11.0-3 100% | 136.0 MiB/s | 139.3 KiB |  00m00s
[148/163] Installing libfido2-0:1.15.0- 100% | 136.6 MiB/s | 279.8 KiB |  00m00s
[149/163] Installing openssh-0:9.9p1-10 100% |  57.6 MiB/s |   1.4 MiB |  00m00s
[150/163] Installing libedit-0:3.1-55.2 100% | 137.6 MiB/s | 281.8 KiB |  00m00s
[151/163] Installing libxslt-0:1.1.43-1 100% |  24.5 MiB/s | 551.3 KiB |  00m00s
[152/163] Installing asciidoc-0:10.2.0- 100% |  51.8 MiB/s |   1.7 MiB |  00m00s
[153/163] Installing openssh-clients-0: 100% |  85.4 MiB/s |   2.8 MiB |  00m00s
[154/163] Installing gnutls-utils-0:3.8 100% |  56.7 MiB/s |   1.5 MiB |  00m00s
[155/163] Installing python3-pytest-0:8 100% | 244.3 MiB/s |  21.0 MiB |  00m00s
[156/163] Installing python3-devel-0:3. 100% |  58.8 MiB/s |   1.8 MiB |  00m00s
[157/163] Installing java-21-openjdk-de 100% | 265.2 MiB/s |  15.6 MiB |  00m00s
[158/163] Installing nss-tools-0:3.110. 100% |  79.8 MiB/s |   2.9 MiB |  00m00s
>>> Running sysusers scriptlet: bind-32:9.18.35-2.fc42.aarch64                  
>>> Finished sysusers scriptlet: bind-32:9.18.35-2.fc42.aarch64                 
>>> Scriptlet output:                                                           
>>> Creating group 'named' with GID 25.                                         
>>> Creating user 'named' (Named) with UID 25 and GID 25.                       
>>>                                                                             
[159/163] Installing bind-32:9.18.35-2. 100% |  35.0 MiB/s |   1.2 MiB |  00m00s
[160/163] Installing systemd-rpm-macros 100% |   8.7 MiB/s |   8.9 KiB |  00m00s
[161/163] Installing sequoia-policy-con 100% |  39.8 MiB/s | 897.2 KiB |  00m00s
[162/163] Installing openssl-1:3.2.4-3. 100% |  56.3 MiB/s |   1.7 MiB |  00m00s
[163/163] Installing make-1:4.4.1-10.fc 100% |   3.6 MiB/s |   1.9 MiB |  00m01s
Complete!
Finish: build setup for crypto-policies-20250305-2.gita35b0fa.fc42.src.rpm
Start: rpmbuild crypto-policies-20250305-2.gita35b0fa.fc42.src.rpm
Building target platforms: aarch64
Building for target aarch64
warning: /builddir/build/originals/crypto-policies.spec line 64: autopatch: no matching patches in range
setting SOURCE_DATE_EPOCH=1741824000
Executing(%mkbuilddir): /bin/sh -e /var/tmp/rpm-tmp.qmI5HT
Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.cVPfIK
+ umask 022
+ cd /builddir/build/BUILD/crypto-policies-20250305-build
+ cd /builddir/build/BUILD/crypto-policies-20250305-build
+ rm -rf fedora-crypto-policies-a35b0fa-a35b0fa19ccfe823962bfbef2db2abcbaab7762b
+ /usr/lib/rpm/rpmuncompress -x /builddir/build/SOURCES/crypto-policies-gita35b0fa.tar.gz
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd fedora-crypto-policies-a35b0fa-a35b0fa19ccfe823962bfbef2db2abcbaab7762b
+ /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w .
+ RPM_EC=0
++ jobs -p
+ exit 0
Executing(%build): /bin/sh -e /var/tmp/rpm-tmp.FPEPPo
+ umask 022
+ cd /builddir/build/BUILD/crypto-policies-20250305-build
+ CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -mbranch-protection=standard -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer '
+ export CFLAGS
+ CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -mbranch-protection=standard -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer '
+ export CXXFLAGS
+ FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -mbranch-protection=standard -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules '
+ export FFLAGS
+ FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -mbranch-protection=standard -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules '
+ export FCFLAGS
+ VALAFLAGS=-g
+ export VALAFLAGS
+ RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes -Clink-arg=-specs=/usr/lib/rpm/redhat/redhat-package-notes --cap-lints=warn'
+ export RUSTFLAGS
+ LDFLAGS='-Wl,-z,relro -Wl,--as-needed  -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes '
+ export LDFLAGS
+ LT_SYS_LIBRARY_PATH=/usr/lib64:
+ export LT_SYS_LIBRARY_PATH
+ CC=gcc
+ export CC
+ CXX=g++
+ export CXX
+ cd fedora-crypto-policies-a35b0fa-a35b0fa19ccfe823962bfbef2db2abcbaab7762b
+ /usr/bin/make -O -j4 V=1 VERBOSE=1
asciidoc -v -d manpage -b docbook update-crypto-policies.8.txt
xsltproc --nonet -o update-crypto-policies.8 /usr/lib/python3.13/site-packages/asciidoc/resources/docbook-xsl/manpage.xsl update-crypto-policies.8.xml
asciidoc: reading: /usr/lib/python3.13/site-packages/asciidoc/resources/asciidoc.conf
asciidoc: reading: /builddir/build/BUILD/crypto-policies-20250305-build/fedora-crypto-policies-a35b0fa-a35b0fa19ccfe823962bfbef2db2abcbaab7762b/update-crypto-policies.8.txt
asciidoc: reading: /usr/lib/python3.13/site-packages/asciidoc/resources/docbook45.conf
asciidoc: reading: /usr/lib/python3.13/site-packages/asciidoc/resources/filters/code/code-filter.conf
asciidoc: reading: /usr/lib/python3.13/site-packages/asciidoc/resources/filters/graphviz/graphviz-filter.conf
asciidoc: reading: /usr/lib/python3.13/site-packages/asciidoc/resources/filters/source/source-highlight-filter.conf
asciidoc: reading: /usr/lib/python3.13/site-packages/asciidoc/resources/lang-en.conf
asciidoc: writing: /builddir/build/BUILD/crypto-policies-20250305-build/fedora-crypto-policies-a35b0fa-a35b0fa19ccfe823962bfbef2db2abcbaab7762b/update-crypto-policies.8.xml
Note: Writing update-crypto-policies.8
asciidoc -v -d manpage -b docbook crypto-policies.7.txt
xsltproc --nonet -o crypto-policies.7 /usr/lib/python3.13/site-packages/asciidoc/resources/docbook-xsl/manpage.xsl crypto-policies.7.xml
asciidoc: reading: /usr/lib/python3.13/site-packages/asciidoc/resources/asciidoc.conf
asciidoc: reading: /builddir/build/BUILD/crypto-policies-20250305-build/fedora-crypto-policies-a35b0fa-a35b0fa19ccfe823962bfbef2db2abcbaab7762b/crypto-policies.7.txt
asciidoc: reading: /usr/lib/python3.13/site-packages/asciidoc/resources/docbook45.conf
asciidoc: reading: /usr/lib/python3.13/site-packages/asciidoc/resources/filters/code/code-filter.conf
asciidoc: reading: /usr/lib/python3.13/site-packages/asciidoc/resources/filters/graphviz/graphviz-filter.conf
asciidoc: reading: /usr/lib/python3.13/site-packages/asciidoc/resources/filters/source/source-highlight-filter.conf
asciidoc: reading: /usr/lib/python3.13/site-packages/asciidoc/resources/lang-en.conf
asciidoc: writing: /builddir/build/BUILD/crypto-policies-20250305-build/fedora-crypto-policies-a35b0fa-a35b0fa19ccfe823962bfbef2db2abcbaab7762b/crypto-policies.7.xml
Note: Writing crypto-policies.7
mkdir -p output
python/build-crypto-policies.py --reloadcmds policies output
Saving config for bind for policy BSI

Saving config for gnutls for policy BSI

Saving config for java for policy BSI

Saving config for krb5 for policy BSI

Saving config for libreswan for policy BSI

Saving config for libssh for policy BSI

Saving config for nss for policy BSI

Saving config for openssh for policy BSI

Saving config for opensshserver for policy BSI

Saving config for openssl_fips for policy BSI

Saving config for opensslcnf for policy BSI

Saving config for rpm-sequoia for policy BSI

Saving config for sequoia for policy BSI

Saving config for bind for policy DEFAULT

Saving config for gnutls for policy DEFAULT

Saving config for java for policy DEFAULT

Saving config for krb5 for policy DEFAULT

Saving config for libreswan for policy DEFAULT

Saving config for libssh for policy DEFAULT

Saving config for nss for policy DEFAULT

Saving config for openssh for policy DEFAULT

Saving config for opensshserver for policy DEFAULT

Saving config for openssl_fips for policy DEFAULT

Saving config for opensslcnf for policy DEFAULT

Saving config for rpm-sequoia for policy DEFAULT

Saving config for sequoia for policy DEFAULT

Saving config for bind for policy EMPTY

Saving config for gnutls for policy EMPTY

Saving config for java for policy EMPTY

Saving config for krb5 for policy EMPTY

Saving config for libreswan for policy EMPTY

Saving config for libssh for policy EMPTY

Saving config for nss for policy EMPTY

Saving config for openssh for policy EMPTY

Saving config for opensshserver for policy EMPTY

Saving config for openssl_fips for policy EMPTY

Saving config for opensslcnf for policy EMPTY

Saving config for rpm-sequoia for policy EMPTY

Saving config for sequoia for policy EMPTY

Saving config for bind for policy FEDORA40

Saving config for gnutls for policy FEDORA40

Saving config for java for policy FEDORA40

Saving config for krb5 for policy FEDORA40

Saving config for libreswan for policy FEDORA40

Saving config for libssh for policy FEDORA40

Saving config for nss for policy FEDORA40

Saving config for openssh for policy FEDORA40

Saving config for opensshserver for policy FEDORA40

Saving config for openssl_fips for policy FEDORA40

Saving config for opensslcnf for policy FEDORA40

Saving config for rpm-sequoia for policy FEDORA40

Saving config for sequoia for policy FEDORA40

Saving config for bind for policy FIPS

Saving config for gnutls for policy FIPS

Saving config for java for policy FIPS

Saving config for krb5 for policy FIPS

Saving config for libreswan for policy FIPS

Saving config for libssh for policy FIPS

Saving config for nss for policy FIPS

Saving config for openssh for policy FIPS

Saving config for opensshserver for policy FIPS

Saving config for openssl_fips for policy FIPS

Saving config for opensslcnf for policy FIPS

Saving config for rpm-sequoia for policy FIPS

Saving config for sequoia for policy FIPS

Saving config for bind for policy FUTURE

Saving config for gnutls for policy FUTURE

Saving config for java for policy FUTURE

Saving config for krb5 for policy FUTURE

Saving config for libreswan for policy FUTURE

Saving config for libssh for policy FUTURE

Saving config for nss for policy FUTURE

Saving config for openssh for policy FUTURE

Saving config for opensshserver for policy FUTURE

Saving config for openssl_fips for policy FUTURE

Saving config for opensslcnf for policy FUTURE

Saving config for rpm-sequoia for policy FUTURE

Saving config for sequoia for policy FUTURE

Saving config for bind for policy GOST-ONLY

Saving config for gnutls for policy GOST-ONLY

Saving config for java for policy GOST-ONLY

Saving config for krb5 for policy GOST-ONLY

Saving config for libreswan for policy GOST-ONLY

Saving config for libssh for policy GOST-ONLY

Saving config for nss for policy GOST-ONLY

Saving config for openssh for policy GOST-ONLY

Saving config for opensshserver for policy GOST-ONLY

Saving config for openssl_fips for policy GOST-ONLY

Saving config for opensslcnf for policy GOST-ONLY

Saving config for rpm-sequoia for policy GOST-ONLY

Saving config for sequoia for policy GOST-ONLY

Saving config for bind for policy LEGACY

Saving config for gnutls for policy LEGACY

Saving config for java for policy LEGACY

Saving config for krb5 for policy LEGACY

Saving config for libreswan for policy LEGACY

Saving config for libssh for policy LEGACY

Saving config for nss for policy LEGACY

Saving config for openssh for policy LEGACY

Saving config for opensshserver for policy LEGACY

Saving config for openssl_fips for policy LEGACY

Saving config for opensslcnf for policy LEGACY

Saving config for rpm-sequoia for policy LEGACY

Saving config for sequoia for policy LEGACY

Saving config for bind for policy TEST-FEDORA41

Saving config for gnutls for policy TEST-FEDORA41

Saving config for java for policy TEST-FEDORA41

Saving config for krb5 for policy TEST-FEDORA41

Saving config for libreswan for policy TEST-FEDORA41

Saving config for libssh for policy TEST-FEDORA41

Saving config for nss for policy TEST-FEDORA41

Saving config for openssh for policy TEST-FEDORA41

Saving config for opensshserver for policy TEST-FEDORA41

Saving config for openssl_fips for policy TEST-FEDORA41

Saving config for opensslcnf for policy TEST-FEDORA41

Saving config for rpm-sequoia for policy TEST-FEDORA41

Saving config for sequoia for policy TEST-FEDORA41

gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpayg2uxfk mtime 1746118434
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 16
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 7
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14
NSS-POLICY-INFO: NUMBER-OF-ECC: 4
NSS-POLICY-INFO: NUMBER-OF-HASH: 6
NSS-POLICY-INFO: NUMBER-OF-MAC: 3
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 12
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpw6w_u5eu mtime 1746118434
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 8
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpbvu3i48l mtime 1746118434
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 8
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpp91s9f_l mtime 1746118435
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 8
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14
NSS-POLICY-INFO: NUMBER-OF-ECC: 4
NSS-POLICY-INFO: NUMBER-OF-HASH: 7
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 18
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmp0z93_g87 mtime 1746118435
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 5
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 15
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 6
NSS-POLICY-INFO: NUMBER-OF-MAC: 3
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 2
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 8
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: marking hash SHAKE-128 as secure
gnutls[2]: cfg: marking hash SHA1 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature DSA-SHA256 as secure
gnutls[2]: cfg: marking signature DSA-SHA384 as secure
gnutls[2]: cfg: marking signature DSA-SHA512 as secure
gnutls[2]: cfg: marking signature DSA-SHA224 as secure
gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure
gnutls[2]: cfg: marking signature RSA-SHA1 as secure
gnutls[2]: cfg: marking signature DSA-SHA1 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA1 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA1 as secure for certs
gnutls[2]: cfg: marking signature rsa-sha1 as secure for certs
gnutls[2]: cfg: marking signature dsa-sha1 as secure for certs
gnutls[2]: cfg: marking signature ecdsa-sha1 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling cipher 3DES-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-DSS for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version TLS1.1
gnutls[2]: cfg: enabling version TLS1.0
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: enabling version DTLS1.0
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmp1c_0jary mtime 1746118435
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA1 is enabled for SSL-KX
NSS-POLICY-INFO: SHA1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: DES-EDE3-CBC is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-DSS is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: DSA is enabled for SSL-KX
NSS-POLICY-INFO: DSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 23
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 10
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 19
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 9
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 6
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 5
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 5
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_3DES_EDE_CBC_SHA is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 33
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmp7pqi58tf mtime 1746118435
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 8
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
Executing(%install): /bin/sh -e /var/tmp/rpm-tmp.gIuGgx
+ RPM_EC=0
++ jobs -p
+ exit 0
+ umask 022
+ cd /builddir/build/BUILD/crypto-policies-20250305-build
+ '[' /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT '!=' / ']'
+ rm -rf /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT
++ dirname /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT
+ mkdir -p /builddir/build/BUILD/crypto-policies-20250305-build
+ mkdir /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT
+ CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -mbranch-protection=standard -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer '
+ export CFLAGS
+ CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -mbranch-protection=standard -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer '
+ export CXXFLAGS
+ FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -mbranch-protection=standard -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules '
+ export FFLAGS
+ FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -mbranch-protection=standard -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules '
+ export FCFLAGS
+ VALAFLAGS=-g
+ export VALAFLAGS
+ RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes -Clink-arg=-specs=/usr/lib/rpm/redhat/redhat-package-notes --cap-lints=warn'
+ export RUSTFLAGS
+ LDFLAGS='-Wl,-z,relro -Wl,--as-needed  -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes '
+ export LDFLAGS
+ LT_SYS_LIBRARY_PATH=/usr/lib64:
+ export LT_SYS_LIBRARY_PATH
+ CC=gcc
+ export CC
+ CXX=g++
+ export CXX
+ cd fedora-crypto-policies-a35b0fa-a35b0fa19ccfe823962bfbef2db2abcbaab7762b
+ mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/
+ mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/
+ mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/back-ends/
+ mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/state/
+ mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/local.d/
+ mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/policies/
+ mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/policies/modules/
+ mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/bin
+ make DESTDIR=/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT DIR=/usr/share/crypto-policies MANDIR=/usr/share/man -j4 install
mkdir -p /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/man
mkdir -p /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/man/man7
mkdir -p /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/man/man8
mkdir -p /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/bin
mkdir -p /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/libexec
mkdir -p /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/lib/systemd/system
install -p -m 644 crypto-policies.7 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/man/man7
install -p -m 644 update-crypto-policies.8 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/man/man8
install -p -m 755 update-crypto-policies /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/bin
install -p -m 644 fips-crypto-policy-overlay.service /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/lib/systemd/system
install -p -m 755 fips-crypto-policy-overlay fips-setup-helper /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/libexec
mkdir -p /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/
install -p -m 644 default-config /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies
install -p -m 644 default-fips-config /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies
install -p -m 644 output/reload-cmds.sh /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies
for f in $(find output -name '*.txt') ; do d=$(dirname $f | cut -f 2- -d '/')  ; install -p -m 644 -D -t /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d $f ; done
for f in $(find policies -name '*.p*') ; do d=$(dirname $f)  ; install -p -m 644 -D -t /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d $f ; done
for f in $(find python -name '*.py') ; do d=$(dirname $f) ; install -p -m 644 -D -t /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d $f ; done
chmod 755 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/update-crypto-policies.py
chmod 755 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/build-crypto-policies.py
+ install -p -m 644 default-config /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/config
+ install -p -m 644 default-fips-config /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/default-fips-config
+ touch /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/state/current
+ touch /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/state/CURRENT.pol
+ rm -rf /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/GOST-ONLY
+ rm -rf /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/BSI
+ rm -rf /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/TEST-FEDORA41
+ rm -rf /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FEDORA40
+ for d in LEGACY DEFAULT FUTURE FIPS
+ mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/bind.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/bind.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/bind.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/gnutls.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/gnutls.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/gnutls.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/java.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/java.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/java.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/krb5.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/krb5.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/krb5.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/libreswan.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/libreswan.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/libreswan.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/libssh.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/libssh.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/libssh.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/nss.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/nss.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/nss.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/openssh.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/openssh.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/openssh.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/opensshserver.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/opensshserver.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/opensshserver.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/openssl_fips.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/openssl_fips.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/openssl_fips.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/opensslcnf.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/opensslcnf.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/opensslcnf.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/rpm-sequoia.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/rpm-sequoia.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/rpm-sequoia.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/sequoia.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/LEGACY/sequoia.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/sequoia.config
+ for d in LEGACY DEFAULT FUTURE FIPS
+ mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/bind.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/bind.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/bind.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/gnutls.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/gnutls.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/gnutls.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/java.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/java.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/java.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/krb5.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/krb5.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/krb5.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libreswan.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libreswan.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/libreswan.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libssh.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libssh.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/libssh.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/nss.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/nss.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/nss.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssh.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssh.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/openssh.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensshserver.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensshserver.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/opensshserver.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssl_fips.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssl_fips.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/openssl_fips.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensslcnf.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensslcnf.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/opensslcnf.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/rpm-sequoia.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/rpm-sequoia.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/rpm-sequoia.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/sequoia.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/sequoia.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/sequoia.config
+ for d in LEGACY DEFAULT FUTURE FIPS
+ mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/bind.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/bind.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/bind.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/gnutls.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/gnutls.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/gnutls.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/java.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/java.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/java.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/krb5.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/krb5.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/krb5.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/libreswan.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/libreswan.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/libreswan.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/libssh.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/libssh.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/libssh.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/nss.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/nss.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/nss.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/openssh.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/openssh.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/openssh.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/opensshserver.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/opensshserver.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/opensshserver.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/openssl_fips.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/openssl_fips.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/openssl_fips.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/opensslcnf.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/opensslcnf.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/opensslcnf.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/rpm-sequoia.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/rpm-sequoia.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/rpm-sequoia.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/sequoia.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FUTURE/sequoia.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/sequoia.config
+ for d in LEGACY DEFAULT FUTURE FIPS
+ mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/bind.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/bind.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/bind.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/gnutls.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/gnutls.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/gnutls.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/java.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/java.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/java.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/krb5.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/krb5.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/krb5.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/libreswan.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/libreswan.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/libreswan.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/libssh.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/libssh.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/libssh.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/nss.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/nss.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/nss.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/openssh.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/openssh.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/openssh.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/opensshserver.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/opensshserver.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/opensshserver.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/openssl_fips.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/openssl_fips.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/openssl_fips.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/opensslcnf.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/opensslcnf.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/opensslcnf.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/rpm-sequoia.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/rpm-sequoia.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/rpm-sequoia.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/$d/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/sequoia.txt .txt
+ ln /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/FIPS/sequoia.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/sequoia.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/bind.txt
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/bind.txt .txt
+ ln -sf /usr/share/crypto-policies/DEFAULT/bind.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/back-ends/bind.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/gnutls.txt
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/gnutls.txt .txt
+ ln -sf /usr/share/crypto-policies/DEFAULT/gnutls.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/back-ends/gnutls.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/java.txt
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/java.txt .txt
+ ln -sf /usr/share/crypto-policies/DEFAULT/java.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/back-ends/java.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/krb5.txt
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/krb5.txt .txt
+ ln -sf /usr/share/crypto-policies/DEFAULT/krb5.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/back-ends/krb5.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libreswan.txt
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libreswan.txt .txt
+ ln -sf /usr/share/crypto-policies/DEFAULT/libreswan.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/back-ends/libreswan.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libssh.txt
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libssh.txt .txt
+ ln -sf /usr/share/crypto-policies/DEFAULT/libssh.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/back-ends/libssh.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/nss.txt
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/nss.txt .txt
+ ln -sf /usr/share/crypto-policies/DEFAULT/nss.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/back-ends/nss.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssh.txt
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssh.txt .txt
+ ln -sf /usr/share/crypto-policies/DEFAULT/openssh.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/back-ends/openssh.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensshserver.txt
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensshserver.txt .txt
+ ln -sf /usr/share/crypto-policies/DEFAULT/opensshserver.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/back-ends/opensshserver.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssl_fips.txt
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssl_fips.txt .txt
+ ln -sf /usr/share/crypto-policies/DEFAULT/openssl_fips.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/back-ends/openssl_fips.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensslcnf.txt
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensslcnf.txt .txt
+ ln -sf /usr/share/crypto-policies/DEFAULT/opensslcnf.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/back-ends/opensslcnf.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/rpm-sequoia.txt
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/rpm-sequoia.txt .txt
+ ln -sf /usr/share/crypto-policies/DEFAULT/rpm-sequoia.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/back-ends/rpm-sequoia.config
+ for f in /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/*
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/sequoia.txt
++ basename /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/sequoia.txt .txt
+ ln -sf /usr/share/crypto-policies/DEFAULT/sequoia.txt /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/etc/crypto-policies/back-ends/sequoia.config
+ [[ /usr/bin/python3 =~  - ]]
+ clamp_source_mtime /usr/bin/python3 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python
+ python_binary='env /usr/bin/python3'
+ bytecode_compilation_path=/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python
+ PYTHONPATH=/usr/lib/rpm/redhat
+ env /usr/bin/python3 -s -B -m clamp_source_mtime /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python
Listing '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python'...
Listing '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies'...
Listing '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation'...
Listing '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators'...
++ /usr/bin/python3 -c 'import sys; sys.stdout.write('\''{0.major}{0.minor}'\''.format(sys.version_info))'
+ python_version=313
+ '[' 313 -ge 39 ']'
+ py39_byte_compile /usr/bin/python3 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python
+ python_binary='env PYTHONHASHSEED=0 /usr/bin/python3'
+ bytecode_compilation_path=/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python
+ env PYTHONHASHSEED=0 /usr/bin/python3 -s -B -m compileall -j4 -o 0 -o 1 -s /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT -p / --hardlink-dupes --invalidation-mode=timestamp /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python
Listing '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python'...
Listing '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies'...
Listing '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation'...
Listing '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/build-crypto-policies.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/__init__.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/alg_lists.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/cryptopolicies.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/gnutls.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/java.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/krb5.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/libreswan.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/scope.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__init__.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/bind.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/configgenerator.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/sequoia.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/update-crypto-policies.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/__init__.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/alg_lists.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/general.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/rules.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/libssh.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/nss.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/openssh.py'...
Compiling '/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/openssl.py'...
+ /usr/lib/rpm/check-buildroot
+ /usr/lib/rpm/redhat/brp-ldconfig
+ /usr/lib/rpm/brp-compress
+ /usr/lib/rpm/brp-strip /usr/bin/strip
+ /usr/lib/rpm/brp-strip-comment-note /usr/bin/strip /usr/bin/objdump
+ /usr/lib/rpm/redhat/brp-strip-lto /usr/bin/strip
+ /usr/lib/rpm/brp-strip-static-archive /usr/bin/strip
+ /usr/lib/rpm/check-rpaths
+ /usr/lib/rpm/redhat/brp-mangle-shebangs
mangling shebang in /usr/share/crypto-policies/python/build-crypto-policies.py from /usr/bin/env python3 to #!/usr/bin/python3
mangling shebang in /usr/share/crypto-policies/python/update-crypto-policies.py from /usr/bin/env python3 to #!/usr/bin/python3
mangling shebang in /usr/libexec/fips-crypto-policy-overlay from /bin/bash to #!/usr/bin/bash
mangling shebang in /usr/libexec/fips-setup-helper from /bin/bash to #!/usr/bin/bash
+ /usr/lib/rpm/brp-remove-la-files
+ env /usr/lib/rpm/redhat/brp-python-bytecompile '' 1 0 -j4
+ /usr/lib/rpm/redhat/brp-python-hardlink
+ /usr/bin/add-determinism --brp -j4 /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/general.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/alg_lists.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/scope.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/rules.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/__pycache__/alg_lists.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/bind.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/libssh.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/configgenerator.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/gnutls.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/sequoia.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/java.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/krb5.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/__pycache__/cryptopolicies.cpython-313.pyc: replacing with normalized version
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/libreswan.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/__pycache__/cryptopolicies.cpython-313.opt-1.pyc: replacing with normalized version
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/nss.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/__pycache__/build-crypto-policies.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/openssl.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/openssh.cpython-313.pyc: rewriting with normalized contents
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/__pycache__/update-crypto-policies.cpython-313.pyc: replacing with normalized version
/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/crypto-policies/python/__pycache__/update-crypto-policies.cpython-313.opt-1.pyc: replacing with normalized version
Scanned 39 directories and 227 files,
               processed 26 inodes,
               24 modified (4 replaced + 20 rewritten),
               0 unsupported format, 0 errors
Executing(%check): /bin/sh -e /var/tmp/rpm-tmp.jQjVAd
+ umask 022
+ cd /builddir/build/BUILD/crypto-policies-20250305-build
+ CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -mbranch-protection=standard -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer '
+ export CFLAGS
+ CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -mbranch-protection=standard -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer '
+ export CXXFLAGS
+ FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -mbranch-protection=standard -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules '
+ export FFLAGS
+ FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -mbranch-protection=standard -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules '
+ export FCFLAGS
+ VALAFLAGS=-g
+ export VALAFLAGS
+ RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes -Clink-arg=-specs=/usr/lib/rpm/redhat/redhat-package-notes --cap-lints=warn'
+ export RUSTFLAGS
+ LDFLAGS='-Wl,-z,relro -Wl,--as-needed  -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes '
+ export LDFLAGS
+ LT_SYS_LIBRARY_PATH=/usr/lib64:
+ export LT_SYS_LIBRARY_PATH
+ CC=gcc
+ export CC
+ CXX=g++
+ export CXX
+ cd fedora-crypto-policies-a35b0fa-a35b0fa19ccfe823962bfbef2db2abcbaab7762b
+ make test -j4 SKIP_LINTING=1
python/build-crypto-policies.py --strict --test --flat policies tests/outputs
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmp29ofqzc7 mtime 1746118437
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 16
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 7
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14
NSS-POLICY-INFO: NUMBER-OF-ECC: 4
NSS-POLICY-INFO: NUMBER-OF-HASH: 6
NSS-POLICY-INFO: NUMBER-OF-MAC: 3
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 12
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
============================= test session starts ==============================
platform linux -- Python 3.13.3, pytest-8.3.4, pluggy-1.5.0 -- /usr/bin/python3
cachedir: .pytest_cache
rootdir: /builddir/build/BUILD/crypto-policies-20250305-build/fedora-crypto-policies-a35b0fa-a35b0fa19ccfe823962bfbef2db2abcbaab7762b
configfile: pytest.ini
collecting ... ============================= test session starts ==============================
platform linux -- Python 3.13.3, pytest-8.3.4, pluggy-1.5.0 -- /usr/bin/python3
cachedir: .pytest_cache
rootdir: /builddir/build/BUILD/crypto-policies-20250305-build/fedora-crypto-policies-a35b0fa-a35b0fa19ccfe823962bfbef2db2abcbaab7762b
configfile: pytest.ini
collecting ... Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
collected 12 items

python/cryptopolicies/alg_lists.py::cryptopolicies.alg_lists.earliest_occurrence PASSED [  8%]
python/cryptopolicies/alg_lists.py::cryptopolicies.alg_lists.glob PASSED [ 16%]
python/cryptopolicies/alg_lists.py::cryptopolicies.alg_lists.max_dtls_version PASSED [ 25%]
python/cryptopolicies/alg_lists.py::cryptopolicies.alg_lists.max_tls_version PASSED [ 33%]
python/cryptopolicies/alg_lists.py::cryptopolicies.alg_lists.min_dtls_version gnutls[2]: Enabled GnuTLS 3.8.9 logging...
PASSED [ 41%]gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS

python/cryptopolicies/alg_lists.py::cryptopolicies.alg_lists.min_tls_version PASSED [ 50%]
python/cryptopolicies/cryptopolicies.py::cryptopolicies.cryptopolicies.ScopeSelector.__init__ gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpgwmm_q7r mtime 1746118437
gnutls[2]: cfg: deferred setting system-wide priority string
PASSED [ 58%]
python/cryptopolicies/cryptopolicies.py::cryptopolicies.cryptopolicies.ScopeSelector.matches PASSED [ 66%]
python/cryptopolicies/cryptopolicies.py::cryptopolicies.cryptopolicies.ScopedPolicy PASSED [ 75%]
python/cryptopolicies/cryptopolicies.py::cryptopolicies.cryptopolicies.parse_line PASSED [ 83%]
python/cryptopolicies/cryptopolicies.py::cryptopolicies.cryptopolicies.parse_rhs PASSED [ 91%]
python/cryptopolicies/cryptopolicies.py::cryptopolicies.cryptopolicies.preprocess_text PASSED [100%]

============================== 12 passed in 0.05s ==============================
collected 47 items

tests/unit/test_alg_lists.py::test_glob_alg_sanity PASSED                [  2%]
tests/unit/test_alg_lists.py::test_glob_alg_globbing PASSED              [  4%]
tests/unit/test_alg_lists.py::test_glob_experimental PASSED              [  6%]
tests/unit/test_alg_lists.py::test_glob_alg_algorithm_empty PASSED       [  8%]
tests/unit/test_alg_lists.py::test_glob_alg_algorithm_class_unknown PASSED [ 10%]
tests/unit/test_alg_lists.py::test_min_versions PASSED                   [ 12%]
tests/unit/test_alg_lists.py::test_max_versions PASSED                   [ 14%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_is_empty PASSED       [ 17%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_not_found PASSED      [ 19%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_smoke_broken PASSED   [ 21%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_smoke_basic PASSED    [ 23%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_smoke_subpolicy PASSED [ 25%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_smoke_several_subpolicies PASSED [ 27%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_compat_diamond_new_recommended PASSED [ 29%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_compat_diamond_old_recommended PASSED [ 31%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_compat_diamond_breaking1 PASSED [ 34%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_compat_diamond_breaking2 PASSED [ 36%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_sha1_in_dnssec PASSED [ 38%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_compat_to_enum PASSED [ 40%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_compat_scoped_ssh_etm_to_enum PASSED [ 42%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_prepend_order PASSED  [ 44%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_no_duplicates NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 8
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
PASSED  [ 46%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_minver PASSED         [ 48%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_maxver PASSED         [ 51%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_experimental PASSED   [ 53%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_to_string_empty Pseudo-terminal will not be allocated because stdin is not a terminal.
PASSED [ 55%]
tests/unit/test_cryptopolicy.py::test_cryptopolicy_to_string_twisted PASSED [ 57%]
tests/unit/test_parse_line.py::test_parse_line PASSED                    [ 59%]
tests/unit/test_parse_line.py::test_parse_bad PASSED                     [ 61%]
tests/unit/test_parse_rhs.py::test_parse_rhs PASSED                      [ 63%]
tests/unit/test_preprocess_text.py::test_preprocess_text_basics PASSED   [ 65%]
tests/unit/test_preprocess_text.py::test_preprocess_text_compat PASSED   [ 68%]
tests/unit/test_preprocess_text.py::test_preprocess_text_compat_problematic PASSED [ 70%]
tests/unit/test_preprocess_text.py::test_preprocess_text_compat_diamond_problem PASSED [ 72%]
tests/unit/test_scope_selector.py::test_scope_selector_any PASSED        [ 74%]
tests/unit/test_scope_selector.py::test_scope_selector_tls PASSED        [ 76%]
tests/unit/test_scope_selector.py::test_scope_selector_nontls sequoia-policy-config-check returns 0
PASSED     [ 78%]
tests/unit/test_scope_selector.py::test_scope_selector_posglob PASSED    [ 80%]
tests/unit/test_scope_selector.py::test_scope_selector_negglob PASSED    [ 82%]
tests/unit/test_scope_selector.py::test_scope_selector_posmixed PASSED   [ 85%]
tests/unit/test_scope_selector.py::test_scope_selector_negmixed PASSED   [ 87%]
tests/unit/test_scope_selector.py::test_scope_selector_curly_brackets PASSED [ 89%]
tests/unit/test_scope_selector.py::test_scope_selector_empty PASSED      [ 91%]
tests/unit/test_scope_selector.py::test_scope_selector_illegal_character sequoia-policy-config-check returns 0
PASSED [ 93%]
tests/unit/test_scope_selector.py::test_scope_selector_comma PASSED      [ 95%]
tests/unit/test_scope_selector.py::test_scope_selector_unknown PASSED    [ 97%]
tests/unit/test_scope_selector.py::test_scope_selector_nomatch PASSED    [100%]

============================== 47 passed in 0.13s ==============================
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpq8g4lbxh mtime 1746118437
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 8
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmp14k6rvy3 mtime 1746118437
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 8
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14
NSS-POLICY-INFO: NUMBER-OF-ECC: 4
NSS-POLICY-INFO: NUMBER-OF-HASH: 7
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 18
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpszdwknk6 mtime 1746118437
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 5
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 15
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 6
NSS-POLICY-INFO: NUMBER-OF-MAC: 3
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 2
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 8
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: marking hash SHAKE-128 as secure
gnutls[2]: cfg: marking hash SHA1 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature DSA-SHA256 as secure
gnutls[2]: cfg: marking signature DSA-SHA384 as secure
gnutls[2]: cfg: marking signature DSA-SHA512 as secure
gnutls[2]: cfg: marking signature DSA-SHA224 as secure
gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure
gnutls[2]: cfg: marking signature RSA-SHA1 as secure
gnutls[2]: cfg: marking signature DSA-SHA1 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA1 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA1 as secure for certs
gnutls[2]: cfg: marking signature rsa-sha1 as secure for certs
gnutls[2]: cfg: marking signature dsa-sha1 as secure for certs
gnutls[2]: cfg: marking signature ecdsa-sha1 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling cipher 3DES-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-DSS for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version TLS1.1
gnutls[2]: cfg: enabling version TLS1.0
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: enabling version DTLS1.0
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpnggluocy mtime 1746118437
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA1 is enabled for SSL-KX
NSS-POLICY-INFO: SHA1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: DES-EDE3-CBC is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-DSS is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: DSA is enabled for SSL-KX
NSS-POLICY-INFO: DSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 23
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 10
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 19
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 9
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 6
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 5
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 5
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_3DES_EDE_CBC_SHA is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 33
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpuorzqr2n mtime 1746118437
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 8
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
python/build-crypto-policies.py --strict --policy FIPS:OSPP --test --flat policies tests/outputs
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpiapwjs7y mtime 1746118438
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 11
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 5
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 11
NSS-POLICY-INFO: NUMBER-OF-ECC: 2
NSS-POLICY-INFO: NUMBER-OF-HASH: 6
NSS-POLICY-INFO: NUMBER-OF-MAC: 3
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 2
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 5
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
python/build-crypto-policies.py --strict --policy FIPS:ECDHE-ONLY --test --flat policies tests/outputs
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpbi62ovnn mtime 1746118438
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 16
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 8
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14
NSS-POLICY-INFO: NUMBER-OF-ECC: 4
NSS-POLICY-INFO: NUMBER-OF-HASH: 7
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 2
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 12
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
python/build-crypto-policies.py --strict --policy FIPS:NO-ENFORCE-EMS --test --flat policies tests/outputs
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpcfax4ids mtime 1746118438
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 8
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14
NSS-POLICY-INFO: NUMBER-OF-ECC: 4
NSS-POLICY-INFO: NUMBER-OF-HASH: 7
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 18
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
python/build-crypto-policies.py --strict --policy DEFAULT:GOST --test --flat policies tests/outputs
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpykv1gedi mtime 1746118438
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 8
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
python/build-crypto-policies.py --strict --policy GOST-ONLY --test --flat policies tests/outputs
python/build-crypto-policies.py --strict --policy LEGACY:AD-SUPPORT --test --flat policies tests/outputs
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: marking hash SHAKE-128 as secure
gnutls[2]: cfg: marking hash SHA1 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature DSA-SHA256 as secure
gnutls[2]: cfg: marking signature DSA-SHA384 as secure
gnutls[2]: cfg: marking signature DSA-SHA512 as secure
gnutls[2]: cfg: marking signature DSA-SHA224 as secure
gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure
gnutls[2]: cfg: marking signature RSA-SHA1 as secure
gnutls[2]: cfg: marking signature DSA-SHA1 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA1 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA1 as secure for certs
gnutls[2]: cfg: marking signature rsa-sha1 as secure for certs
gnutls[2]: cfg: marking signature dsa-sha1 as secure for certs
gnutls[2]: cfg: marking signature ecdsa-sha1 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling cipher 3DES-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-DSS for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version TLS1.1
gnutls[2]: cfg: enabling version TLS1.0
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: enabling version DTLS1.0
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmp72tpuyo7 mtime 1746118438
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA1 is enabled for SSL-KX
NSS-POLICY-INFO: SHA1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: DES-EDE3-CBC is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-DSS is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: DSA is enabled for SSL-KX
NSS-POLICY-INFO: DSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 23
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 10
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 19
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 9
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 6
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 5
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 5
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_3DES_EDE_CBC_SHA is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 33
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
python/build-crypto-policies.py --policy DEFAULT:TEST-PQ --test --flat policies tests/outputs  # not strict
ExperimentalValueWarning: `group` value `P384-MLKEM1024` is experimental and might go away in the future
ExperimentalValueWarning: `group` value `P521-MLKEM1024` is experimental and might go away in the future
ExperimentalValueWarning: `group` value `MLKEM1024` is experimental and might go away in the future
ExperimentalValueWarning: `group` value `P256-MLKEM768` is experimental and might go away in the future
ExperimentalValueWarning: `group` value `X25519-MLKEM768` is experimental and might go away in the future
ExperimentalValueWarning: `group` value `MLKEM768-X25519` is experimental and might go away in the future
ExperimentalValueWarning: `group` value `X448-MLKEM768` is experimental and might go away in the future
ExperimentalValueWarning: `group` value `P384-MLKEM768` is experimental and might go away in the future
ExperimentalValueWarning: `group` value `MLKEM768` is experimental and might go away in the future
ExperimentalValueWarning: `group` value `X25519-MLKEM512` is experimental and might go away in the future
ExperimentalValueWarning: `group` value `P256-MLKEM512` is experimental and might go away in the future
ExperimentalValueWarning: `group` value `MLKEM512` is experimental and might go away in the future
ExperimentalValueWarning: `group` value `P256-KYBER768` is experimental and might go away in the future
ExperimentalValueWarning: `group` value `X25519-KYBER768` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `RSA3072-SPHINCSSHAKE128FSIMPLE` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `P256-SPHINCSSHAKE128FSIMPLE` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `SPHINCSSHAKE128FSIMPLE` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `P384-SPHINCSSHA2192FSIMPLE` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `SPHINCSSHA2192FSIMPLE` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `RSA3072-SPHINCSSHA2128SSIMPLE` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `P256-SPHINCSSHA2128SSIMPLE` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `SPHINCSSHA2128SSIMPLE` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `RSA3072-SPHINCSSHA2128FSIMPLE` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `P256-SPHINCSSHA2128FSIMPLE` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `SPHINCSSHA2128FSIMPLE` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `P521-FALCONPADDED1024` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `FALCONPADDED1024` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `P521-FALCON1024` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `FALCON1024` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `RSA3072-FALCONPADDED512` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `P256-FALCONPADDED512` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `FALCONPADDED512` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `RSA3072-FALCON512` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `P256-FALCON512` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `FALCON512` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA87-ED448` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA87-BP384` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA87-P384` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `P521-MLDSA87` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA87` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA65-ED25519` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA65-BP256` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA65-P256` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA65-RSA3072` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA65-PSS3072` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `P384-MLDSA65` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA65` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA44-BP256` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA44-P256` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA44-ED25519` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA44-RSA2048` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA44-PSS2048` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `RSA3072-MLDSA44` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `P256-MLDSA44` is experimental and might go away in the future
ExperimentalValueWarning: `sign` value `MLDSA44` is experimental and might go away in the future
ExperimentalValueWarning: `key_exchange` value `SNTRUP` is experimental and might go away in the future
ExperimentalValueWarning: `key_exchange` value `KEM-ECDH` is experimental and might go away in the future
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS
gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS
gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpl9_snj3k mtime 1746118438
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 8
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
diff policies/TEST-FEDORA41.pol policies/DEFAULT.pol
tests/openssl.py
Checking the OpenSSL configuration
Checking policy BSI
Checking policy DEFAULT
Checking policy DEFAULT:GOST
Checking policy DEFAULT:TEST-PQ
Checking policy FEDORA40
Checking policy FIPS
Checking policy FIPS:ECDHE-ONLY
Checking policy FIPS:NO-ENFORCE-EMS
Checking policy FIPS:OSPP
Checking policy FUTURE
Checking policy LEGACY
Checking policy LEGACY:AD-SUPPORT
Checking policy TEST-FEDORA41
tests/gnutls.py
Checking the GnuTLS configuration
Checking policy BSI
Checking policy DEFAULT
Checking policy DEFAULT:GOST
Checking policy DEFAULT:TEST-PQ
Checking policy EMPTY
Checking policy FEDORA40
Checking policy FIPS
Checking policy FIPS:ECDHE-ONLY
Checking policy FIPS:NO-ENFORCE-EMS
Checking policy FIPS:OSPP
Checking policy FUTURE
Checking policy LEGACY
Checking policy LEGACY:AD-SUPPORT
Checking policy TEST-FEDORA41
tests/nss.py
Checking the NSS configuration
Checking policy BSI
Checking policy DEFAULT
Checking policy DEFAULT:GOST
Checking policy DEFAULT:TEST-PQ
Checking policy EMPTY
Checking policy FEDORA40
Checking policy FIPS
Checking policy FIPS:ECDHE-ONLY
Checking policy FIPS:NO-ENFORCE-EMS
Checking policy FIPS:OSPP
Checking policy FUTURE
Checking policy GOST-ONLY
Checking policy LEGACY
Checking policy LEGACY:AD-SUPPORT
Checking policy TEST-FEDORA41
tests/java.py
Checking the Java configuration
Checking policy BSI
Checking policy DEFAULT
Checking policy DEFAULT:GOST
Checking policy DEFAULT:TEST-PQ
Checking policy EMPTY
Checking policy FEDORA40
Checking policy FIPS
Checking policy FIPS:ECDHE-ONLY
Checking policy FIPS:NO-ENFORCE-EMS
Checking policy FIPS:OSPP
Checking policy FUTURE
Checking policy GOST-ONLY
Checking policy LEGACY
Checking policy LEGACY:AD-SUPPORT
Checking policy TEST-FEDORA41
tests/krb5.py
Skipping krb5 test; checker not found!
top_srcdir=. tests/update-crypto-policies.sh
Saving config for bind for policy BSI

Saving config for gnutls for policy BSI

Saving config for java for policy BSI

Saving config for krb5 for policy BSI

Saving config for libreswan for policy BSI

Saving config for libssh for policy BSI

Saving config for nss for policy BSI

Saving config for openssh for policy BSI

Saving config for opensshserver for policy BSI

Saving config for openssl_fips for policy BSI

Saving config for opensslcnf for policy BSI

Saving config for rpm-sequoia for policy BSI

Saving config for sequoia for policy BSI

Saving config for bind for policy DEFAULT

Saving config for gnutls for policy DEFAULT

Saving config for java for policy DEFAULT

Saving config for krb5 for policy DEFAULT

Saving config for libreswan for policy DEFAULT

Saving config for libssh for policy DEFAULT

Saving config for nss for policy DEFAULT

Saving config for openssh for policy DEFAULT

Saving config for opensshserver for policy DEFAULT

Saving config for openssl_fips for policy DEFAULT

Saving config for opensslcnf for policy DEFAULT

Saving config for rpm-sequoia for policy DEFAULT

Saving config for sequoia for policy DEFAULT

Saving config for bind for policy EMPTY

Saving config for gnutls for policy EMPTY

Saving config for java for policy EMPTY

Saving config for krb5 for policy EMPTY

Saving config for libreswan for policy EMPTY

Saving config for libssh for policy EMPTY

Saving config for nss for policy EMPTY

Saving config for openssh for policy EMPTY

Saving config for opensshserver for policy EMPTY

Saving config for openssl_fips for policy EMPTY

Saving config for opensslcnf for policy EMPTY

Saving config for rpm-sequoia for policy EMPTY

Saving config for sequoia for policy EMPTY

Saving config for bind for policy FEDORA40

Saving config for gnutls for policy FEDORA40

Saving config for java for policy FEDORA40

Saving config for krb5 for policy FEDORA40

Saving config for libreswan for policy FEDORA40

Saving config for libssh for policy FEDORA40

Saving config for nss for policy FEDORA40

Saving config for openssh for policy FEDORA40

Saving config for opensshserver for policy FEDORA40

Saving config for openssl_fips for policy FEDORA40

Saving config for opensslcnf for policy FEDORA40

Saving config for rpm-sequoia for policy FEDORA40

Saving config for sequoia for policy FEDORA40

Saving config for bind for policy FIPS

Saving config for gnutls for policy FIPS

Saving config for java for policy FIPS

Saving config for krb5 for policy FIPS

Saving config for libreswan for policy FIPS

Saving config for libssh for policy FIPS

Saving config for nss for policy FIPS

Saving config for openssh for policy FIPS

Saving config for opensshserver for policy FIPS

Saving config for openssl_fips for policy FIPS

Saving config for opensslcnf for policy FIPS

Saving config for rpm-sequoia for policy FIPS

Saving config for sequoia for policy FIPS

Saving config for bind for policy FUTURE

Saving config for gnutls for policy FUTURE

Saving config for java for policy FUTURE

Saving config for krb5 for policy FUTURE

Saving config for libreswan for policy FUTURE

Saving config for libssh for policy FUTURE

Saving config for nss for policy FUTURE

Saving config for openssh for policy FUTURE

Saving config for opensshserver for policy FUTURE

Saving config for openssl_fips for policy FUTURE

Saving config for opensslcnf for policy FUTURE

Saving config for rpm-sequoia for policy FUTURE

Saving config for sequoia for policy FUTURE

Saving config for bind for policy GOST-ONLY

Saving config for gnutls for policy GOST-ONLY

Saving config for java for policy GOST-ONLY

Saving config for krb5 for policy GOST-ONLY

Saving config for libreswan for policy GOST-ONLY

Saving config for libssh for policy GOST-ONLY

Saving config for nss for policy GOST-ONLY

Saving config for openssh for policy GOST-ONLY

Saving config for opensshserver for policy GOST-ONLY

Saving config for openssl_fips for policy GOST-ONLY

Saving config for opensslcnf for policy GOST-ONLY

Saving config for rpm-sequoia for policy GOST-ONLY

Saving config for sequoia for policy GOST-ONLY

Saving config for bind for policy LEGACY

Saving config for gnutls for policy LEGACY

Saving config for java for policy LEGACY

Saving config for krb5 for policy LEGACY

Saving config for libreswan for policy LEGACY

Saving config for libssh for policy LEGACY

Saving config for nss for policy LEGACY

Saving config for openssh for policy LEGACY

Saving config for opensshserver for policy LEGACY

Saving config for openssl_fips for policy LEGACY

Saving config for opensslcnf for policy LEGACY

Saving config for rpm-sequoia for policy LEGACY

Saving config for sequoia for policy LEGACY

Saving config for bind for policy TEST-FEDORA41

Saving config for gnutls for policy TEST-FEDORA41

Saving config for java for policy TEST-FEDORA41

Saving config for krb5 for policy TEST-FEDORA41

Saving config for libreswan for policy TEST-FEDORA41

Saving config for libssh for policy TEST-FEDORA41

Saving config for nss for policy TEST-FEDORA41

Saving config for openssh for policy TEST-FEDORA41

Saving config for opensshserver for policy TEST-FEDORA41

Saving config for openssl_fips for policy TEST-FEDORA41

Saving config for opensslcnf for policy TEST-FEDORA41

Saving config for rpm-sequoia for policy TEST-FEDORA41

Saving config for sequoia for policy TEST-FEDORA41

tests/update-crypto-policies.sh: checking if default profile is properly selected
Setting system policy to DEFAULT
Note: System-wide crypto policies are applied on application start-up.
It is recommended to restart the system for the change of policies
to fully take place.

tests/update-crypto-policies.sh: checking if current policy dump is equal to the original default profile
PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement
Setting system policy to CURRENT
Note: System-wide crypto policies are applied on application start-up.
It is recommended to restart the system for the change of policies
to fully take place.

tests/update-crypto-policies.sh: checking if switching to other profile works
Setting system policy to LEGACY
Note: System-wide crypto policies are applied on application start-up.
It is recommended to restart the system for the change of policies
to fully take place.

tests/update-crypto-policies.sh: checking if local.d works
Setting system policy to DEFAULT
Note: System-wide crypto policies are applied on application start-up.
It is recommended to restart the system for the change of policies
to fully take place.

tests/update-crypto-policies.sh: checking if --check works (test 1)
The configured policy matches the generated policy
The configured policy does NOT match the generated policy
--check works as expected

tests/update-crypto-policies.sh: checking if --check works (test 2)
Setting system policy to DEFAULT
Note: System-wide crypto policies are applied on application start-up.
It is recommended to restart the system for the change of policies
to fully take place.
The configured policy matches the generated policy
The configured policy does NOT match the generated policy
--check works as expected
cp -r tests/outputs output/alt
python/build-crypto-policies.py --test --flat tests/alternative-policies output/alt
PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 1 is deprecated, please rewrite your rules using hash@DNSSec = SHA1+ and sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement
ExperimentalValueWarning: `key_exchange` values `SNTRUP`, `KEM-ECDH` are experimental and might go away in the future
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpawbfo9ca mtime 1746118445
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 8
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_group is deprecated, please rewrite your rules using group@SSH; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 0 is deprecated, please rewrite your rules using hash@DNSSec = -SHA1 and sign@DNSSec = -RSA-SHA1 -ECDSA-SHA1; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_etm = 0 is deprecated, please rewrite your rules using etm@SSH = DISABLE_ETM; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 1 is deprecated, please rewrite your rules using hash@DNSSec = SHA1+ and sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpv_pdr1bq mtime 1746118445
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 8
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 0 is deprecated, please rewrite your rules using hash@DNSSec = -SHA1 and sign@DNSSec = -RSA-SHA1 -ECDSA-SHA1; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement
ExperimentalValueWarning: `key_exchange` values `SNTRUP`, `KEM-ECDH` are experimental and might go away in the future
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpuuujr9jk mtime 1746118445
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 8
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14
NSS-POLICY-INFO: NUMBER-OF-ECC: 4
NSS-POLICY-INFO: NUMBER-OF-HASH: 7
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 18
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 0 is deprecated, please rewrite your rules using hash@DNSSec = -SHA1 and sign@DNSSec = -RSA-SHA1 -ECDSA-SHA1; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement
ExperimentalValueWarning: `key_exchange` values `SNTRUP`, `KEM-ECDH` are experimental and might go away in the future
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpodefnqnb mtime 1746118445
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 5
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 15
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 6
NSS-POLICY-INFO: NUMBER-OF-MAC: 3
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 2
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 8
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_group is deprecated, please rewrite your rules using group@SSH; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 1 is deprecated, please rewrite your rules using hash@DNSSec = SHA1+ and sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement
ExperimentalValueWarning: `key_exchange` values `SNTRUP`, `KEM-ECDH` are experimental and might go away in the future
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: marking hash SHAKE-128 as secure
gnutls[2]: cfg: marking hash SHA1 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature DSA-SHA256 as secure
gnutls[2]: cfg: marking signature DSA-SHA384 as secure
gnutls[2]: cfg: marking signature DSA-SHA512 as secure
gnutls[2]: cfg: marking signature DSA-SHA224 as secure
gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure
gnutls[2]: cfg: marking signature RSA-SHA1 as secure
gnutls[2]: cfg: marking signature DSA-SHA1 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA1 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA1 as secure for certs
gnutls[2]: cfg: marking signature rsa-sha1 as secure for certs
gnutls[2]: cfg: marking signature dsa-sha1 as secure for certs
gnutls[2]: cfg: marking signature ecdsa-sha1 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling cipher 3DES-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-DSS for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version TLS1.1
gnutls[2]: cfg: enabling version TLS1.0
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: enabling version DTLS1.0
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpqawc_bj_ mtime 1746118445
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA1 is enabled for SSL-KX
NSS-POLICY-INFO: SHA1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: DES-EDE3-CBC is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-DSS is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: DSA is enabled for SSL-KX
NSS-POLICY-INFO: DSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 23
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 10
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 19
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 9
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 6
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 5
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 5
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_3DES_EDE_CBC_SHA is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 33
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
python/build-crypto-policies.py --policy FIPS:OSPP --test --flat tests/alternative-policies output/alt
PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 0 is deprecated, please rewrite your rules using hash@DNSSec = -SHA1 and sign@DNSSec = -RSA-SHA1 -ECDSA-SHA1; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement
ExperimentalValueWarning: `key_exchange` values `SNTRUP`, `KEM-ECDH` are experimental and might go away in the future
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpt156ou5r mtime 1746118445
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 11
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 5
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 11
NSS-POLICY-INFO: NUMBER-OF-ECC: 2
NSS-POLICY-INFO: NUMBER-OF-HASH: 6
NSS-POLICY-INFO: NUMBER-OF-MAC: 3
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 2
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 5
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
python/build-crypto-policies.py --policy FIPS:ECDHE-ONLY --test --flat tests/alternative-policies output/alt
PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 0 is deprecated, please rewrite your rules using hash@DNSSec = -SHA1 and sign@DNSSec = -RSA-SHA1 -ECDSA-SHA1; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement
ExperimentalValueWarning: `key_exchange` values `SNTRUP`, `KEM-ECDH` are experimental and might go away in the future
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmpywpvz193 mtime 1746118445
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 16
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 8
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14
NSS-POLICY-INFO: NUMBER-OF-ECC: 4
NSS-POLICY-INFO: NUMBER-OF-HASH: 7
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 2
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 12
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
python/build-crypto-policies.py --policy FIPS:NO-ENFORCE-EMS --test --flat tests/alternative-policies output/alt
PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 0 is deprecated, please rewrite your rules using hash@DNSSec = -SHA1 and sign@DNSSec = -RSA-SHA1 -ECDSA-SHA1; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement
ExperimentalValueWarning: `key_exchange` values `SNTRUP`, `KEM-ECDH` are experimental and might go away in the future
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmp85c3394r mtime 1746118446
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 8
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14
NSS-POLICY-INFO: NUMBER-OF-ECC: 4
NSS-POLICY-INFO: NUMBER-OF-HASH: 7
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 18
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
python/build-crypto-policies.py --policy GOST-ONLY --test --flat tests/alternative-policies output/alt
PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement
python/build-crypto-policies.py --policy LEGACY:AD-SUPPORT --test --flat tests/alternative-policies output/alt
PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_group is deprecated, please rewrite your rules using group@SSH; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 1 is deprecated, please rewrite your rules using hash@DNSSec = SHA1+ and sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement
ExperimentalValueWarning: `key_exchange` values `SNTRUP`, `KEM-ECDH` are experimental and might go away in the future
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: marking hash SHAKE-128 as secure
gnutls[2]: cfg: marking hash SHA1 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature DSA-SHA256 as secure
gnutls[2]: cfg: marking signature DSA-SHA384 as secure
gnutls[2]: cfg: marking signature DSA-SHA512 as secure
gnutls[2]: cfg: marking signature DSA-SHA224 as secure
gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure
gnutls[2]: cfg: marking signature RSA-SHA1 as secure
gnutls[2]: cfg: marking signature DSA-SHA1 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA1 as secure for certs
gnutls[2]: cfg: marking signature DSA-SHA1 as secure for certs
gnutls[2]: cfg: marking signature rsa-sha1 as secure for certs
gnutls[2]: cfg: marking signature dsa-sha1 as secure for certs
gnutls[2]: cfg: marking signature ecdsa-sha1 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling cipher 3DES-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-DSS for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version TLS1.1
gnutls[2]: cfg: enabling version TLS1.0
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: enabling version DTLS1.0
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmp3mp8ig58 mtime 1746118446
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA1 is enabled for SSL-KX
NSS-POLICY-INFO: SHA1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: DES-EDE3-CBC is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-DSS is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: DSA is enabled for SSL-KX
NSS-POLICY-INFO: DSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 23
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 10
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 19
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 9
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 6
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 5
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 5
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_3DES_EDE_CBC_SHA is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 33
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
python/build-crypto-policies.py --policy DEFAULT:GOST --test --flat tests/alternative-policies output/alt
PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 1 is deprecated, please rewrite your rules using hash@DNSSec = SHA1+ and sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement
ExperimentalValueWarning: `key_exchange` values `SNTRUP`, `KEM-ECDH` are experimental and might go away in the future
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmp4gn0a6ql mtime 1746118446
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 8
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
python/build-crypto-policies.py --policy DEFAULT:TEST-PQ --test --flat tests/alternative-policies output/alt
PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 1 is deprecated, please rewrite your rules using hash@DNSSec = SHA1+ and sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+; be advised that it is not always a 1-1 replacement
PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement
ExperimentalValueWarning: `key_exchange` values `SNTRUP`, `KEM-ECDH` are experimental and might go away in the future
ExperimentalValueWarning: `group` values `MLKEM512`, `P256-MLKEM512`, `X25519-MLKEM512`, `MLKEM768`, `P384-MLKEM768`, `X448-MLKEM768`, `X25519-MLKEM768`, `P256-MLKEM768`, `MLKEM1024`, `P521-MLKEM1024`, `P384-MLKEM1024`, `MLKEM768-X25519` are experimental and might go away in the future
ExperimentalValueWarning: `group` values `KYBER768`, `X25519-KYBER768`, `P256-KYBER768` are experimental and might go away in the future
ExperimentalValueWarning: `group` value `KYBER768` is experimental and might go away in the future
ExperimentalValueWarning: `sign` values `SPHINCSSHA2128FSIMPLE`, `P256-SPHINCSSHA2128FSIMPLE`, `RSA3072-SPHINCSSHA2128FSIMPLE`, `SPHINCSSHA2128SSIMPLE`, `P256-SPHINCSSHA2128SSIMPLE`, `RSA3072-SPHINCSSHA2128SSIMPLE`, `SPHINCSSHA2192FSIMPLE`, `P384-SPHINCSSHA2192FSIMPLE`, `SPHINCSSHAKE128FSIMPLE`, `P256-SPHINCSSHAKE128FSIMPLE`, `RSA3072-SPHINCSSHAKE128FSIMPLE` are experimental and might go away in the future
ExperimentalValueWarning: `sign` values `FALCON512`, `P256-FALCON512`, `RSA3072-FALCON512`, `FALCONPADDED512`, `P256-FALCONPADDED512`, `RSA3072-FALCONPADDED512`, `FALCON1024`, `P521-FALCON1024`, `FALCONPADDED1024`, `P521-FALCONPADDED1024` are experimental and might go away in the future
ExperimentalValueWarning: `sign` values `MLDSA87`, `P521-MLDSA87`, `MLDSA87-P384`, `MLDSA87-BP384`, `MLDSA87-ED448` are experimental and might go away in the future
ExperimentalValueWarning: `sign` values `MLDSA65`, `P384-MLDSA65`, `MLDSA65-PSS3072`, `MLDSA65-RSA3072`, `MLDSA65-P256`, `MLDSA65-BP256`, `MLDSA65-ED25519` are experimental and might go away in the future
ExperimentalValueWarning: `sign` values `MLDSA44`, `P256-MLDSA44`, `RSA3072-MLDSA44`, `MLDSA44-PSS2048`, `MLDSA44-RSA2048`, `MLDSA44-ED25519`, `MLDSA44-P256`, `MLDSA44-BP256` are experimental and might go away in the future
ExperimentalValueWarning: `key_exchange` value `SNTRUP` is experimental and might go away in the future
ExperimentalValueWarning: `key_exchange` value `KEM-ECDH` is experimental and might go away in the future
gnutls[2]: Enabled GnuTLS 3.8.9 logging...
gnutls[2]: getrandom random generator was selected
gnutls[2]: Aarch64 SHA1 was detected
gnutls[2]: Aarch64 SHA2 was detected
gnutls[2]: Aarch64 AES was detected
gnutls[2]: Aarch64 PMULL was detected
gnutls[2]: cfg: marking hash SHA256 as secure
gnutls[2]: cfg: marking hash SHA384 as secure
gnutls[2]: cfg: marking hash SHA512 as secure
gnutls[2]: cfg: marking hash SHA3-256 as secure
gnutls[2]: cfg: marking hash SHA3-384 as secure
gnutls[2]: cfg: marking hash SHA3-512 as secure
gnutls[2]: cfg: marking hash SHA224 as secure
gnutls[2]: cfg: marking hash SHA3-224 as secure
gnutls[2]: cfg: marking hash SHAKE-256 as secure
gnutls[2]: cfg: enabling MAC AEAD for TLS
gnutls[2]: cfg: enabling MAC SHA1 for TLS
gnutls[2]: cfg: enabling MAC SHA512 for TLS
gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS
gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS
gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS
gnutls[2]: cfg: enabling group X25519 for TLS
gnutls[2]: cfg: enabling group SECP256R1 for TLS
gnutls[2]: cfg: enabling group X448 for TLS
gnutls[2]: cfg: enabling group SECP521R1 for TLS
gnutls[2]: cfg: enabling group SECP384R1 for TLS
gnutls[2]: cfg: enabling group FFDHE2048 for TLS
gnutls[2]: cfg: enabling group FFDHE3072 for TLS
gnutls[2]: cfg: enabling group FFDHE4096 for TLS
gnutls[2]: cfg: enabling group FFDHE6144 for TLS
gnutls[2]: cfg: enabling group FFDHE8192 for TLS
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure
gnutls[2]: cfg: marking signature RSA-SHA256 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure
gnutls[2]: cfg: marking signature RSA-SHA384 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure
gnutls[2]: cfg: marking signature RSA-SHA512 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure
gnutls[2]: cfg: marking signature RSA-SHA224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure
gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs
gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs
gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs
gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs
gnutls[2]: cfg: enabling curve X25519
gnutls[2]: cfg: enabling curve SECP256R1
gnutls[2]: cfg: enabling curve X448
gnutls[2]: cfg: enabling curve SECP521R1
gnutls[2]: cfg: enabling curve SECP384R1
gnutls[2]: cfg: enabling curve Ed25519
gnutls[2]: cfg: enabling curve Ed448
gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS
gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS
gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS
gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS
gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS
gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS
gnutls[2]: cfg: enabling key exchange RSA for TLS
gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS
gnutls[2]: cfg: enabling version TLS1.3
gnutls[2]: cfg: enabling version TLS1.2
gnutls[2]: cfg: enabling version DTLS1.2
gnutls[2]: cfg: adding priority: SYSTEM -> NONE
gnutls[2]: cfg: loaded system config /tmp/tmp7rpzsp2k mtime 1746118446
gnutls[2]: cfg: deferred setting system-wide priority string
NSS-POLICY-INFO: LOADED-SUCCESSFULLY
NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX
NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX
NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX
NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX
NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL
NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL
NSS-POLICY-INFO: AES128-CBC is enabled for SSL
NSS-POLICY-INFO: AES256-CBC is enabled for SSL
NSS-POLICY-INFO: AES128-GCM is enabled for SSL
NSS-POLICY-INFO: AES256-GCM is enabled for SSL
NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL
NSS-POLICY-INFO: RSA is enabled for SSL-KX
NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX
NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ECDSA is enabled for SSL-KX
NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20
NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9
NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17
NSS-POLICY-INFO: NUMBER-OF-ECC: 5
NSS-POLICY-INFO: NUMBER-OF-HASH: 8
NSS-POLICY-INFO: NUMBER-OF-MAC: 4
NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5
NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4
NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0
NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4
NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled
NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled
NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28
NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2
NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1
Pseudo-terminal will not be allocated because stdin is not a terminal.
sequoia-policy-config-check returns 0
sequoia-policy-config-check returns 0
+ RPM_EC=0
++ jobs -p
+ exit 0
Processing files: crypto-policies-20250305-2.gita35b0fa.fc42.noarch
Executing(%license): /bin/sh -e /var/tmp/rpm-tmp.ODf3Of
+ umask 022
+ cd /builddir/build/BUILD/crypto-policies-20250305-build
+ cd fedora-crypto-policies-a35b0fa-a35b0fa19ccfe823962bfbef2db2abcbaab7762b
+ LICENSEDIR=/builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/licenses/crypto-policies
+ export LC_ALL=C.UTF-8
+ LC_ALL=C.UTF-8
+ export LICENSEDIR
+ /usr/bin/mkdir -p /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/licenses/crypto-policies
+ cp -pr /builddir/build/BUILD/crypto-policies-20250305-build/fedora-crypto-policies-a35b0fa-a35b0fa19ccfe823962bfbef2db2abcbaab7762b/COPYING.LESSER /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT/usr/share/licenses/crypto-policies
+ RPM_EC=0
++ jobs -p
+ exit 0
warning: absolute symlink: /etc/crypto-policies/back-ends/bind.config -> /usr/share/crypto-policies/DEFAULT/bind.txt
warning: absolute symlink: /etc/crypto-policies/back-ends/gnutls.config -> /usr/share/crypto-policies/DEFAULT/gnutls.txt
warning: absolute symlink: /etc/crypto-policies/back-ends/java.config -> /usr/share/crypto-policies/DEFAULT/java.txt
warning: absolute symlink: /etc/crypto-policies/back-ends/krb5.config -> /usr/share/crypto-policies/DEFAULT/krb5.txt
warning: absolute symlink: /etc/crypto-policies/back-ends/libreswan.config -> /usr/share/crypto-policies/DEFAULT/libreswan.txt
warning: absolute symlink: /etc/crypto-policies/back-ends/libssh.config -> /usr/share/crypto-policies/DEFAULT/libssh.txt
warning: absolute symlink: /etc/crypto-policies/back-ends/nss.config -> /usr/share/crypto-policies/DEFAULT/nss.txt
warning: absolute symlink: /etc/crypto-policies/back-ends/openssh.config -> /usr/share/crypto-policies/DEFAULT/openssh.txt
warning: absolute symlink: /etc/crypto-policies/back-ends/opensshserver.config -> /usr/share/crypto-policies/DEFAULT/opensshserver.txt
warning: absolute symlink: /etc/crypto-policies/back-ends/openssl_fips.config -> /usr/share/crypto-policies/DEFAULT/openssl_fips.txt
warning: absolute symlink: /etc/crypto-policies/back-ends/opensslcnf.config -> /usr/share/crypto-policies/DEFAULT/opensslcnf.txt
warning: absolute symlink: /etc/crypto-policies/back-ends/rpm-sequoia.config -> /usr/share/crypto-policies/DEFAULT/rpm-sequoia.txt
warning: absolute symlink: /etc/crypto-policies/back-ends/sequoia.config -> /usr/share/crypto-policies/DEFAULT/sequoia.txt
Provides: config(crypto-policies) = 20250305-2.gita35b0fa.fc42 crypto-policies = 20250305-2.gita35b0fa.fc42
Requires(interp): /bin/sh
Requires(rpmlib): rpmlib(BuiltinLuaScripts) <= 4.2.2-1 rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PartialHardlinkSets) <= 4.0.4-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Requires(pre): /bin/sh
Requires: /usr/bin/bash
Conflicts: gnutls < 3.8.9-1 libreswan < 3.28 nss < 3.105 openssh < 9.9 openssl-libs < 1:3.2.4-3
Recommends: crypto-policies-scripts
Processing files: crypto-policies-scripts-20250305-2.gita35b0fa.fc42.noarch
Provides: crypto-policies-scripts = 20250305-2.gita35b0fa.fc42
Requires(interp): /bin/sh
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PartialHardlinkSets) <= 4.0.4-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Requires(posttrans): /bin/sh
Requires: /usr/bin/python3 /usr/bin/sh
Recommends: (grubby if kernel)
Checking for unpackaged file(s): /usr/lib/rpm/check-files /builddir/build/BUILD/crypto-policies-20250305-build/BUILDROOT
Wrote: /builddir/build/RPMS/crypto-policies-20250305-2.gita35b0fa.fc42.noarch.rpm
Wrote: /builddir/build/RPMS/crypto-policies-scripts-20250305-2.gita35b0fa.fc42.noarch.rpm
Executing(rmbuild): /bin/sh -e /var/tmp/rpm-tmp.f3kEcd
+ umask 022
+ cd /builddir/build/BUILD/crypto-policies-20250305-build
+ test -d /builddir/build/BUILD/crypto-policies-20250305-build
+ /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w /builddir/build/BUILD/crypto-policies-20250305-build
+ rm -rf /builddir/build/BUILD/crypto-policies-20250305-build
+ RPM_EC=0
++ jobs -p
+ exit 0

RPM build warnings:
    /builddir/build/originals/crypto-policies.spec line 64: autopatch: no matching patches in range
    absolute symlink: /etc/crypto-policies/back-ends/bind.config -> /usr/share/crypto-policies/DEFAULT/bind.txt
    absolute symlink: /etc/crypto-policies/back-ends/gnutls.config -> /usr/share/crypto-policies/DEFAULT/gnutls.txt
    absolute symlink: /etc/crypto-policies/back-ends/java.config -> /usr/share/crypto-policies/DEFAULT/java.txt
    absolute symlink: /etc/crypto-policies/back-ends/krb5.config -> /usr/share/crypto-policies/DEFAULT/krb5.txt
    absolute symlink: /etc/crypto-policies/back-ends/libreswan.config -> /usr/share/crypto-policies/DEFAULT/libreswan.txt
    absolute symlink: /etc/crypto-policies/back-ends/libssh.config -> /usr/share/crypto-policies/DEFAULT/libssh.txt
    absolute symlink: /etc/crypto-policies/back-ends/nss.config -> /usr/share/crypto-policies/DEFAULT/nss.txt
    absolute symlink: /etc/crypto-policies/back-ends/openssh.config -> /usr/share/crypto-policies/DEFAULT/openssh.txt
    absolute symlink: /etc/crypto-policies/back-ends/opensshserver.config -> /usr/share/crypto-policies/DEFAULT/opensshserver.txt
    absolute symlink: /etc/crypto-policies/back-ends/openssl_fips.config -> /usr/share/crypto-policies/DEFAULT/openssl_fips.txt
    absolute symlink: /etc/crypto-policies/back-ends/opensslcnf.config -> /usr/share/crypto-policies/DEFAULT/opensslcnf.txt
    absolute symlink: /etc/crypto-policies/back-ends/rpm-sequoia.config -> /usr/share/crypto-policies/DEFAULT/rpm-sequoia.txt
    absolute symlink: /etc/crypto-policies/back-ends/sequoia.config -> /usr/share/crypto-policies/DEFAULT/sequoia.txt
Finish: rpmbuild crypto-policies-20250305-2.gita35b0fa.fc42.src.rpm
Finish: build phase for crypto-policies-20250305-2.gita35b0fa.fc42.src.rpm
INFO: chroot_scan: 1 files copied to /var/lib/copr-rpmbuild/results/chroot_scan
INFO: /var/lib/mock/fedora-42-aarch64-1746118400.577433/root/var/log/dnf5.log
INFO: chroot_scan: creating tarball /var/lib/copr-rpmbuild/results/chroot_scan.tar.gz
/bin/tar: Removing leading `/' from member names
INFO: Done(/var/lib/copr-rpmbuild/results/crypto-policies-20250305-2.gita35b0fa.fc42.src.rpm) Config(child) 0 minutes 25 seconds
INFO: Results and/or logs in: /var/lib/copr-rpmbuild/results
INFO: Cleaning up build root ('cleanup_on_success=True')
Start: clean chroot
INFO: unmounting tmpfs.
Finish: clean chroot
Finish: run
Running RPMResults tool
Package info:
{
    "packages": [
        {
            "name": "crypto-policies",
            "epoch": null,
            "version": "20250305",
            "release": "2.gita35b0fa.fc42",
            "arch": "src"
        },
        {
            "name": "crypto-policies-scripts",
            "epoch": null,
            "version": "20250305",
            "release": "2.gita35b0fa.fc42",
            "arch": "noarch"
        },
        {
            "name": "crypto-policies",
            "epoch": null,
            "version": "20250305",
            "release": "2.gita35b0fa.fc42",
            "arch": "noarch"
        }
    ]
}
RPMResults finished