Warning: Permanently added '3.91.65.184' (ED25519) to the list of known hosts. You can reproduce this build on your computer by running: sudo dnf install copr-rpmbuild /usr/bin/copr-rpmbuild --verbose --drop-resultdir --task-url https://copr.fedorainfracloud.org/backend/get-build-task/9651029-fedora-rawhide-x86_64 --chroot fedora-rawhide-x86_64 Version: 1.6 PID: 83536 Logging PID: 83538 Task: {'allow_user_ssh': False, 'appstream': False, 'background': True, 'build_id': 9651029, 'buildroot_pkgs': [], 'chroot': 'fedora-rawhide-x86_64', 'enable_net': False, 'fedora_review': False, 'git_hash': '2f229957e4bfbd66ec531af71dbfddc64bc3f08b', 'git_repo': 'https://copr-dist-git.fedorainfracloud.org/git/churchyard/setuptools-80.9.0:custom:isolated/crypto-policies', 'isolation': 'default', 'memory_reqs': 2048, 'package_name': 'crypto-policies', 'package_version': '20250714-5.gitcd6043a', 'project_dirname': 'setuptools-80.9.0:custom:isolated', 'project_name': 'setuptools-80.9.0', 'project_owner': 'churchyard', 'repo_priority': None, 'repos': [{'baseurl': 'https://download.copr.fedorainfracloud.org/results/churchyard/setuptools-80.9.0/fedora-rawhide-x86_64/', 'id': 'copr_base', 'name': 'Copr repository', 'priority': None}, {'baseurl': 'https://download.copr.fedorainfracloud.org/results/churchyard/setuptools-80.9.0:custom:isolated/fedora-rawhide-x86_64/', 'id': 'copr_coprdir', 'name': 'Coprdir repository', 'priority': None}, {'baseurl': 'http://kojipkgs.fedoraproject.org/repos/f44-build/latest/$basearch/', 'id': 'http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch', 'name': 'Additional repo http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch'}], 'sandbox': 'churchyard/setuptools-80.9.0--churchyard', 'source_json': {}, 'source_type': None, 'ssh_public_keys': None, 'storage': 0, 'submitter': 'churchyard', 'tags': [], 'task_id': '9651029-fedora-rawhide-x86_64', 'timeout': 18000, 'uses_devel_repo': False, 'with_opts': [], 'without_opts': []} Running: git clone https://copr-dist-git.fedorainfracloud.org/git/churchyard/setuptools-80.9.0:custom:isolated/crypto-policies /var/lib/copr-rpmbuild/workspace/workdir-kd16zm0x/crypto-policies --depth 500 --no-single-branch --recursive cmd: ['git', 'clone', 'https://copr-dist-git.fedorainfracloud.org/git/churchyard/setuptools-80.9.0:custom:isolated/crypto-policies', '/var/lib/copr-rpmbuild/workspace/workdir-kd16zm0x/crypto-policies', '--depth', '500', '--no-single-branch', '--recursive'] cwd: . rc: 0 stdout: stderr: Cloning into '/var/lib/copr-rpmbuild/workspace/workdir-kd16zm0x/crypto-policies'... Running: git checkout 2f229957e4bfbd66ec531af71dbfddc64bc3f08b -- cmd: ['git', 'checkout', '2f229957e4bfbd66ec531af71dbfddc64bc3f08b', '--'] cwd: /var/lib/copr-rpmbuild/workspace/workdir-kd16zm0x/crypto-policies rc: 0 stdout: stderr: Note: switching to '2f229957e4bfbd66ec531af71dbfddc64bc3f08b'. You are in 'detached HEAD' state. You can look around, make experimental changes and commit them, and you can discard any commits you make in this state without impacting any branches by switching back to a branch. If you want to create a new branch to retain commits you create, you may do so (now or later) by using -c with the switch command. Example: git switch -c Or undo this operation with: git switch - Turn off this advice by setting config variable advice.detachedHead to false HEAD is now at 2f22995 automatic import of crypto-policies Running: dist-git-client sources cmd: ['dist-git-client', 'sources'] cwd: /var/lib/copr-rpmbuild/workspace/workdir-kd16zm0x/crypto-policies rc: 0 stdout: stderr: INFO: Reading stdout from command: git rev-parse --abbrev-ref HEAD INFO: Reading stdout from command: git rev-parse HEAD INFO: Reading sources specification file: sources INFO: Downloading crypto-policies-gitcd6043a.tar.gz INFO: Reading stdout from command: curl --help all INFO: Calling: curl -H Pragma: -o crypto-policies-gitcd6043a.tar.gz --location --connect-timeout 60 --retry 3 --retry-delay 10 --remote-time --show-error --fail --retry-all-errors https://copr-dist-git.fedorainfracloud.org/repo/pkgs/churchyard/setuptools-80.9.0:custom:isolated/crypto-policies/crypto-policies-gitcd6043a.tar.gz/md5/d84237fbb5e8f5feafa48e7d516258e8/crypto-policies-gitcd6043a.tar.gz % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 97993 100 97993 0 0 3758k 0 --:--:-- --:--:-- --:--:-- 3827k INFO: Reading stdout from command: md5sum crypto-policies-gitcd6043a.tar.gz tail: /var/lib/copr-rpmbuild/main.log: file truncated Running (timeout=18000): unbuffer mock --spec /var/lib/copr-rpmbuild/workspace/workdir-kd16zm0x/crypto-policies/crypto-policies.spec --sources /var/lib/copr-rpmbuild/workspace/workdir-kd16zm0x/crypto-policies --resultdir /var/lib/copr-rpmbuild/results --uniqueext 1759842660.151585 -r /var/lib/copr-rpmbuild/results/configs/child.cfg INFO: mock.py version 6.3 starting (python version = 3.13.7, NVR = mock-6.3-1.fc42), args: /usr/libexec/mock/mock --spec /var/lib/copr-rpmbuild/workspace/workdir-kd16zm0x/crypto-policies/crypto-policies.spec --sources /var/lib/copr-rpmbuild/workspace/workdir-kd16zm0x/crypto-policies --resultdir /var/lib/copr-rpmbuild/results --uniqueext 1759842660.151585 -r /var/lib/copr-rpmbuild/results/configs/child.cfg Start(bootstrap): init plugins INFO: tmpfs initialized INFO: selinux enabled INFO: chroot_scan: initialized INFO: compress_logs: initialized Finish(bootstrap): init plugins Start: init plugins INFO: tmpfs initialized INFO: selinux enabled INFO: chroot_scan: initialized INFO: compress_logs: initialized Finish: init plugins INFO: Signal handler active Start: run INFO: Start(/var/lib/copr-rpmbuild/workspace/workdir-kd16zm0x/crypto-policies/crypto-policies.spec) Config(fedora-rawhide-x86_64) Start: clean chroot Finish: clean chroot Mock Version: 6.3 INFO: Mock Version: 6.3 Start(bootstrap): chroot init INFO: mounting tmpfs at /var/lib/mock/fedora-rawhide-x86_64-bootstrap-1759842660.151585/root. INFO: calling preinit hooks INFO: enabled root cache INFO: enabled package manager cache Start(bootstrap): cleaning package manager metadata Finish(bootstrap): cleaning package manager metadata INFO: Guessed host environment type: unknown INFO: Using container image: registry.fedoraproject.org/fedora:rawhide INFO: Pulling image: registry.fedoraproject.org/fedora:rawhide INFO: Tagging container image as mock-bootstrap-18b3db64-9351-4a7b-922a-ca68765c9a21 INFO: Checking that 28e0af93e676d22555d5249ba644149cac5818d6cfa18d6e38e7613a36536194 image matches host's architecture INFO: Copy content of container 28e0af93e676d22555d5249ba644149cac5818d6cfa18d6e38e7613a36536194 to /var/lib/mock/fedora-rawhide-x86_64-bootstrap-1759842660.151585/root INFO: mounting 28e0af93e676d22555d5249ba644149cac5818d6cfa18d6e38e7613a36536194 with podman image mount INFO: image 28e0af93e676d22555d5249ba644149cac5818d6cfa18d6e38e7613a36536194 as /var/lib/containers/storage/overlay/38801bbcb602df7f4f66ec64d423a1c11ef7d4c1b62e859f25b54dbbe408a634/merged INFO: umounting image 28e0af93e676d22555d5249ba644149cac5818d6cfa18d6e38e7613a36536194 (/var/lib/containers/storage/overlay/38801bbcb602df7f4f66ec64d423a1c11ef7d4c1b62e859f25b54dbbe408a634/merged) with podman image umount INFO: Removing image mock-bootstrap-18b3db64-9351-4a7b-922a-ca68765c9a21 INFO: Package manager dnf5 detected and used (fallback) INFO: Not updating bootstrap chroot, bootstrap_image_ready=True Start(bootstrap): creating root cache Finish(bootstrap): creating root cache Finish(bootstrap): chroot init Start: chroot init INFO: mounting tmpfs at /var/lib/mock/fedora-rawhide-x86_64-1759842660.151585/root. INFO: calling preinit hooks INFO: enabled root cache INFO: enabled package manager cache Start: cleaning package manager metadata Finish: cleaning package manager metadata INFO: enabled HW Info plugin INFO: Package manager dnf5 detected and used (direct choice) INFO: Buildroot is handled by package management downloaded with a bootstrap image: rpm-6.0.0-1.fc44.x86_64 rpm-sequoia-1.9.0-2.fc43.x86_64 dnf5-5.2.17.0-2.fc44.x86_64 dnf5-plugins-5.2.17.0-2.fc44.x86_64 Start: installing minimal buildroot with dnf5 Updating and loading repositories: Additional repo http_kojipkgs_fedorapr 100% | 750.0 B/s | 3.8 KiB | 00m05s Coprdir repository 100% | 300.0 B/s | 1.5 KiB | 00m05s Copr repository 100% | 296.0 B/s | 1.5 KiB | 00m05s fedora 100% | 5.0 KiB/s | 26.7 KiB | 00m05s Repositories loaded. Package Arch Version Repository Size Installing group/module packages: bash x86_64 5.3.0-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 8.4 MiB bzip2 x86_64 1.0.8-21.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 95.3 KiB coreutils x86_64 9.8-3.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 5.4 MiB cpio x86_64 2.15-6.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.1 MiB diffutils x86_64 3.12-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.6 MiB fedora-release-common noarch 44-0.3 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 20.6 KiB findutils x86_64 1:4.10.0-6.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.8 MiB gawk x86_64 5.3.2-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.8 MiB glibc-minimal-langpack x86_64 2.42.9000-5.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 0.0 B grep x86_64 3.12-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.0 MiB gzip x86_64 1.14-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 397.8 KiB info x86_64 7.2-6.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 353.9 KiB patch x86_64 2.8-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 222.8 KiB redhat-rpm-config noarch 343-14.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 183.3 KiB rpm-build x86_64 6.0.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 287.4 KiB sed x86_64 4.9-5.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 857.3 KiB shadow-utils x86_64 2:4.18.0-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 3.9 MiB tar x86_64 2:1.35-6.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.9 MiB unzip x86_64 6.0-68.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 390.3 KiB util-linux x86_64 2.41.1-17.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 3.5 MiB which x86_64 2.23-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 83.5 KiB xz x86_64 1:5.8.1-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.3 MiB Installing dependencies: add-determinism x86_64 0.7.2-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.3 MiB alternatives x86_64 1.33-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 62.2 KiB ansible-srpm-macros noarch 1-18.1.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 35.7 KiB audit-libs x86_64 4.1.2-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 378.8 KiB binutils x86_64 2.45.50-5.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 27.1 MiB build-reproducibility-srpm-macros noarch 0.7.2-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.2 KiB bzip2-libs x86_64 1.0.8-21.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 80.6 KiB ca-certificates noarch 2025.2.80_v9.0.304-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.7 MiB coreutils-common x86_64 9.8-3.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 11.1 MiB crypto-policies noarch 20250714-5.gitcd6043a.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 146.9 KiB curl x86_64 8.16.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 475.3 KiB cyrus-sasl-lib x86_64 2.1.28-33.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.3 MiB debugedit x86_64 5.2-3.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 214.0 KiB dwz x86_64 0.16-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 287.1 KiB ed x86_64 1.22.2-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 148.1 KiB efi-srpm-macros noarch 6-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 40.1 KiB elfutils x86_64 0.193-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.9 MiB elfutils-debuginfod-client x86_64 0.193-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 83.9 KiB elfutils-default-yama-scope noarch 0.193-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.8 KiB elfutils-libelf x86_64 0.193-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.2 MiB elfutils-libs x86_64 0.193-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 683.4 KiB fedora-gpg-keys noarch 44-0.1 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 131.2 KiB fedora-release noarch 44-0.3 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 0.0 B fedora-release-identity-basic noarch 44-0.3 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 664.0 B fedora-repos noarch 44-0.1 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 4.9 KiB fedora-repos-rawhide noarch 44-0.1 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.2 KiB file x86_64 5.46-8.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 100.2 KiB file-libs x86_64 5.46-8.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 11.9 MiB filesystem x86_64 3.18-50.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 112.0 B filesystem-srpm-macros noarch 3.18-50.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 38.2 KiB fonts-srpm-macros noarch 1:5.0.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 55.8 KiB forge-srpm-macros noarch 0.4.0-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 38.9 KiB fpc-srpm-macros noarch 1.3-15.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 144.0 B gap-srpm-macros noarch 2-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.1 KiB gdb-minimal x86_64 16.3-6.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 13.3 MiB gdbm-libs x86_64 1:1.23-10.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 129.9 KiB ghc-srpm-macros noarch 1.9.2-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 779.0 B glibc x86_64 2.42.9000-5.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 6.7 MiB glibc-common x86_64 2.42.9000-5.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.0 MiB glibc-gconv-extra x86_64 2.42.9000-5.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 7.2 MiB gmp x86_64 1:6.3.0-4.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 815.3 KiB gnat-srpm-macros noarch 6-8.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.0 KiB gnulib-l10n noarch 20241231-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 655.0 KiB gnupg2 x86_64 2.4.8-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 6.5 MiB gnupg2-dirmngr x86_64 2.4.8-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 618.4 KiB gnupg2-gpg-agent x86_64 2.4.8-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 671.4 KiB gnupg2-gpgconf x86_64 2.4.8-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 250.0 KiB gnupg2-keyboxd x86_64 2.4.8-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 201.4 KiB gnupg2-verify x86_64 2.4.8-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 348.5 KiB gnutls x86_64 3.8.10-5.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 3.8 MiB go-srpm-macros noarch 3.8.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 61.9 KiB gpgverify noarch 2.2-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 8.7 KiB ima-evm-utils-libs x86_64 1.6.2-6.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 60.7 KiB jansson x86_64 2.14-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 89.1 KiB java-srpm-macros noarch 1-7.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 870.0 B json-c x86_64 0.18-7.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 82.7 KiB kernel-srpm-macros noarch 1.0-27.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.9 KiB keyutils-libs x86_64 1.6.3-6.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 54.3 KiB krb5-libs x86_64 1.21.3-8.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.3 MiB libacl x86_64 2.3.2-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 35.9 KiB libarchive x86_64 3.8.1-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 951.1 KiB libassuan x86_64 2.5.7-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 163.8 KiB libattr x86_64 2.5.2-6.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 24.4 KiB libblkid x86_64 2.41.1-17.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 262.4 KiB libbrotli x86_64 1.1.0-10.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 833.3 KiB libcap x86_64 2.76-3.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 209.1 KiB libcap-ng x86_64 0.8.5-8.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 68.9 KiB libcom_err x86_64 1.47.3-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 63.1 KiB libcurl x86_64 8.16.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 919.5 KiB libeconf x86_64 0.7.9-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 64.9 KiB libevent x86_64 2.1.12-16.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 883.1 KiB libfdisk x86_64 2.41.1-17.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 380.4 KiB libffi x86_64 3.5.2-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 83.8 KiB libfsverity x86_64 1.6-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 28.5 KiB libgcc x86_64 15.2.1-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 266.6 KiB libgcrypt x86_64 1.11.1-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.6 MiB libgomp x86_64 15.2.1-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 541.1 KiB libgpg-error x86_64 1.55-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 915.3 KiB libidn2 x86_64 2.3.8-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 552.5 KiB libksba x86_64 1.6.7-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 398.5 KiB liblastlog2 x86_64 2.41.1-17.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 33.9 KiB libmount x86_64 2.41.1-17.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 372.7 KiB libnghttp2 x86_64 1.67.1-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 162.2 KiB libpkgconf x86_64 2.3.0-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 78.1 KiB libpsl x86_64 0.21.5-6.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 76.4 KiB libselinux x86_64 3.9-5.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 193.1 KiB libselinux-utils x86_64 3.9-5.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 309.0 KiB libsemanage x86_64 3.9-4.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 308.5 KiB libsepol x86_64 3.9-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 822.0 KiB libsmartcols x86_64 2.41.1-17.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 180.5 KiB libssh x86_64 0.11.3-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 567.1 KiB libssh-config noarch 0.11.3-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 277.0 B libstdc++ x86_64 15.2.1-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.8 MiB libtasn1 x86_64 4.20.0-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 176.3 KiB libtool-ltdl x86_64 2.5.4-7.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 70.1 KiB libunistring x86_64 1.1-10.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.7 MiB libusb1 x86_64 1.0.29-4.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 171.3 KiB libuuid x86_64 2.41.1-17.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 37.4 KiB libverto x86_64 0.3.2-11.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 25.4 KiB libxcrypt x86_64 4.4.38-9.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 284.4 KiB libxml2 x86_64 2.12.10-5.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.7 MiB libzstd x86_64 1.5.7-3.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 940.3 KiB linkdupes x86_64 0.7.2-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 838.7 KiB lua-libs x86_64 5.4.8-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 280.8 KiB lua-srpm-macros noarch 1-16.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.3 KiB lz4-libs x86_64 1.10.0-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 161.4 KiB mpfr x86_64 4.2.2-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 832.8 KiB ncurses-base noarch 6.5-7.20250614.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 328.1 KiB ncurses-libs x86_64 6.5-7.20250614.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 946.3 KiB nettle x86_64 3.10.1-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 790.6 KiB npth x86_64 1.8-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 49.6 KiB ocaml-srpm-macros noarch 11-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.9 KiB openblas-srpm-macros noarch 2-20.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 112.0 B openldap x86_64 2.6.10-4.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 659.8 KiB openssl-libs x86_64 1:3.5.1-3.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 9.2 MiB p11-kit x86_64 0.25.8-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.3 MiB p11-kit-trust x86_64 0.25.8-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 446.5 KiB package-notes-srpm-macros noarch 0.5-14.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.6 KiB pam-libs x86_64 1.7.1-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 126.8 KiB pcre2 x86_64 10.46-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 697.7 KiB pcre2-syntax noarch 10.46-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 275.3 KiB perl-srpm-macros noarch 1-60.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 861.0 B pkgconf x86_64 2.3.0-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 88.5 KiB pkgconf-m4 noarch 2.3.0-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 14.4 KiB pkgconf-pkg-config x86_64 2.3.0-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 989.0 B policycoreutils x86_64 3.9-5.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 683.5 KiB popt x86_64 1.19-9.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 132.8 KiB publicsuffix-list-dafsa noarch 20250616-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 69.1 KiB pyproject-srpm-macros noarch 1.18.4-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.9 KiB python-srpm-macros noarch 3.14-8.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 51.6 KiB qt5-srpm-macros noarch 5.15.17-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 500.0 B qt6-srpm-macros noarch 6.10.0~rc-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 464.0 B readline x86_64 8.3-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 511.7 KiB rpm x86_64 6.0.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 3.1 MiB rpm-build-libs x86_64 6.0.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 268.4 KiB rpm-libs x86_64 6.0.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 933.8 KiB rpm-plugin-selinux x86_64 6.0.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 12.0 KiB rpm-sequoia x86_64 1.9.0-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.5 MiB rpm-sign-libs x86_64 6.0.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 39.7 KiB rust-srpm-macros noarch 26.4-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 4.8 KiB selinux-policy noarch 42.12-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 31.9 KiB selinux-policy-targeted noarch 42.12-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 18.6 MiB setup noarch 2.15.0-26.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 725.0 KiB sqlite-libs x86_64 3.50.4-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.5 MiB systemd-libs x86_64 258-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.3 MiB systemd-standalone-sysusers x86_64 258-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 293.5 KiB tpm2-tss x86_64 4.1.3-8.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.6 MiB tree-sitter-srpm-macros noarch 0.4.2-1.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 8.3 KiB util-linux-core x86_64 2.41.1-17.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.5 MiB xxhash-libs x86_64 0.8.3-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 90.2 KiB xz-libs x86_64 1:5.8.1-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 217.8 KiB zig-srpm-macros noarch 1-5.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.1 KiB zip x86_64 3.0-44.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 694.5 KiB zlib-ng-compat x86_64 2.2.5-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 137.6 KiB zstd x86_64 1.5.7-3.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 506.2 KiB Installing groups: Buildsystem building group Transaction Summary: Installing: 177 packages Total size of inbound packages is 66 MiB. Need to download 0 B. After this operation, 219 MiB extra will be used (install 219 MiB, remove 0 B). [ 1/177] tar-2:1.35-6.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 2/177] bzip2-0:1.0.8-21.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 3/177] redhat-rpm-config-0:343-14.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 4/177] rpm-build-0:6.0.0-1.fc44.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 5/177] unzip-0:6.0-68.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 6/177] cpio-0:2.15-6.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 7/177] which-0:2.23-3.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 8/177] bash-0:5.3.0-2.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 9/177] coreutils-0:9.8-3.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 10/177] grep-0:3.12-2.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 11/177] patch-0:2.8-2.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 12/177] sed-0:4.9-5.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 13/177] shadow-utils-2:4.18.0-3.fc43. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 14/177] util-linux-0:2.41.1-17.fc44.x 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 15/177] diffutils-0:3.12-3.fc43.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 16/177] fedora-release-common-0:44-0. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 17/177] findutils-1:4.10.0-6.fc43.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 18/177] gawk-0:5.3.2-2.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 19/177] glibc-minimal-langpack-0:2.42 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 20/177] gzip-0:1.14-1.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 21/177] info-0:7.2-6.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 22/177] xz-1:5.8.1-2.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 23/177] glibc-0:2.42.9000-5.fc44.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 24/177] xz-libs-1:5.8.1-2.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 25/177] audit-libs-0:4.1.2-2.fc44.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 26/177] filesystem-0:3.18-50.fc43.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 27/177] libblkid-0:2.41.1-17.fc44.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 28/177] libcap-ng-0:0.8.5-8.fc44.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 29/177] libfdisk-0:2.41.1-17.fc44.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 30/177] libgcc-0:15.2.1-2.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 31/177] liblastlog2-0:2.41.1-17.fc44. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 32/177] libmount-0:2.41.1-17.fc44.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 33/177] libselinux-0:3.9-5.fc44.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 34/177] libsmartcols-0:2.41.1-17.fc44 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 35/177] libuuid-0:2.41.1-17.fc44.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 36/177] ncurses-libs-0:6.5-7.20250614 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 37/177] pam-libs-0:1.7.1-3.fc43.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 38/177] readline-0:8.3-2.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 39/177] systemd-libs-0:258-1.fc44.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 40/177] util-linux-core-0:2.41.1-17.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 41/177] zlib-ng-compat-0:2.2.5-2.fc44 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 42/177] bzip2-libs-0:1.0.8-21.fc43.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 43/177] libacl-0:2.3.2-4.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 44/177] libcap-0:2.76-3.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 45/177] libeconf-0:0.7.9-2.fc43.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 46/177] libsemanage-0:3.9-4.fc44.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 47/177] libxcrypt-0:4.4.38-9.fc44.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 48/177] setup-0:2.15.0-26.fc43.noarch 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 49/177] binutils-0:2.45.50-5.fc44.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 50/177] debugedit-0:5.2-3.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 51/177] elfutils-0:0.193-3.fc43.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 52/177] elfutils-libelf-0:0.193-3.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 53/177] file-0:5.46-8.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 54/177] libarchive-0:3.8.1-3.fc43.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 55/177] libstdc++-0:15.2.1-2.fc44.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 56/177] pkgconf-pkg-config-0:2.3.0-3. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 57/177] popt-0:1.19-9.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 58/177] rpm-0:6.0.0-1.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 59/177] rpm-build-libs-0:6.0.0-1.fc44 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 60/177] rpm-libs-0:6.0.0-1.fc44.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 61/177] zstd-0:1.5.7-3.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 62/177] curl-0:8.16.0-1.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 63/177] glibc-gconv-extra-0:2.42.9000 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 64/177] ansible-srpm-macros-0:1-18.1. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 65/177] build-reproducibility-srpm-ma 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 66/177] dwz-0:0.16-2.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 67/177] efi-srpm-macros-0:6-4.fc43.no 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 68/177] filesystem-srpm-macros-0:3.18 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 69/177] fonts-srpm-macros-1:5.0.0-1.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 70/177] forge-srpm-macros-0:0.4.0-3.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 71/177] fpc-srpm-macros-0:1.3-15.fc43 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 72/177] gap-srpm-macros-0:2-1.fc44.no 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 73/177] ghc-srpm-macros-0:1.9.2-3.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 74/177] gnat-srpm-macros-0:6-8.fc43.n 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 75/177] go-srpm-macros-0:3.8.0-1.fc44 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 76/177] java-srpm-macros-0:1-7.fc43.n 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 77/177] kernel-srpm-macros-0:1.0-27.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 78/177] lua-srpm-macros-0:1-16.fc43.n 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 79/177] ocaml-srpm-macros-0:11-2.fc43 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 80/177] openblas-srpm-macros-0:2-20.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 81/177] package-notes-srpm-macros-0:0 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 82/177] perl-srpm-macros-0:1-60.fc43. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 83/177] pyproject-srpm-macros-0:1.18. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 84/177] python-srpm-macros-0:3.14-8.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 85/177] qt5-srpm-macros-0:5.15.17-2.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 86/177] qt6-srpm-macros-0:6.10.0~rc-1 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 87/177] rust-srpm-macros-0:26.4-1.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 88/177] tree-sitter-srpm-macros-0:0.4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 89/177] zig-srpm-macros-0:1-5.fc43.no 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 90/177] zip-0:3.0-44.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 91/177] pkgconf-0:2.3.0-3.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 92/177] pkgconf-m4-0:2.3.0-3.fc43.noa 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 93/177] libpkgconf-0:2.3.0-3.fc43.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 94/177] ed-0:1.22.2-1.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 95/177] libattr-0:2.5.2-6.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 96/177] ncurses-base-0:6.5-7.20250614 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 97/177] libsepol-0:3.9-2.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 98/177] pcre2-0:10.46-1.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 99/177] sqlite-libs-0:3.50.4-1.fc44.x 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [100/177] libxml2-0:2.12.10-5.fc44.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [101/177] libzstd-0:1.5.7-3.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [102/177] lz4-libs-0:1.10.0-3.fc43.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [103/177] openssl-libs-1:3.5.1-3.fc44.x 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [104/177] glibc-common-0:2.42.9000-5.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [105/177] gmp-1:6.3.0-4.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [106/177] mpfr-0:4.2.2-2.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [107/177] file-libs-0:5.46-8.fc44.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [108/177] fedora-repos-0:44-0.1.noarch 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [109/177] elfutils-debuginfod-client-0: 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [110/177] elfutils-libs-0:0.193-3.fc43. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [111/177] coreutils-common-0:9.8-3.fc44 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [112/177] add-determinism-0:0.7.2-2.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [113/177] linkdupes-0:0.7.2-2.fc44.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [114/177] alternatives-0:1.33-2.fc43.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [115/177] jansson-0:2.14-3.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [116/177] lua-libs-0:5.4.8-2.fc43.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [117/177] rpm-sequoia-0:1.9.0-2.fc43.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [118/177] libgomp-0:15.2.1-2.fc44.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [119/177] rpm-sign-libs-0:6.0.0-1.fc44. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [120/177] pcre2-syntax-0:10.46-1.fc44.n 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [121/177] ca-certificates-0:2025.2.80_v 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [122/177] crypto-policies-0:20250714-5. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [123/177] fedora-gpg-keys-0:44-0.1.noar 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [124/177] fedora-repos-rawhide-0:44-0.1 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [125/177] elfutils-default-yama-scope-0 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [126/177] json-c-0:0.18-7.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [127/177] gnulib-l10n-0:20241231-1.fc44 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [128/177] libffi-0:3.5.2-1.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [129/177] p11-kit-0:0.25.8-1.fc44.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [130/177] p11-kit-trust-0:0.25.8-1.fc44 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [131/177] gnupg2-0:2.4.8-4.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [132/177] ima-evm-utils-libs-0:1.6.2-6. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [133/177] libfsverity-0:1.6-3.fc43.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [134/177] gpgverify-0:2.2-3.fc43.noarch 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [135/177] libtasn1-0:4.20.0-2.fc43.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [136/177] tpm2-tss-0:4.1.3-8.fc43.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [137/177] gnupg2-verify-0:2.4.8-4.fc43. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [138/177] libassuan-0:2.5.7-4.fc43.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [139/177] libgcrypt-0:1.11.1-2.fc43.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [140/177] libgpg-error-0:1.55-2.fc43.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [141/177] npth-0:1.8-3.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [142/177] gnupg2-dirmngr-0:2.4.8-4.fc43 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [143/177] gnupg2-gpg-agent-0:2.4.8-4.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [144/177] gnupg2-gpgconf-0:2.4.8-4.fc43 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [145/177] gnupg2-keyboxd-0:2.4.8-4.fc43 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [146/177] libusb1-0:1.0.29-4.fc44.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [147/177] libksba-0:1.6.7-4.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [148/177] gnutls-0:3.8.10-5.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [149/177] openldap-0:2.6.10-4.fc44.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [150/177] cyrus-sasl-lib-0:2.1.28-33.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [151/177] libevent-0:2.1.12-16.fc43.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [152/177] libtool-ltdl-0:2.5.4-7.fc43.x 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [153/177] libidn2-0:2.3.8-2.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [154/177] libunistring-0:1.1-10.fc43.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [155/177] nettle-0:3.10.1-2.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [156/177] gdbm-libs-1:1.23-10.fc43.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [157/177] fedora-release-0:44-0.3.noarc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [158/177] systemd-standalone-sysusers-0 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [159/177] gdb-minimal-0:16.3-6.fc44.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [160/177] xxhash-libs-0:0.8.3-3.fc43.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [161/177] fedora-release-identity-basic 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [162/177] libcurl-0:8.16.0-1.fc44.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [163/177] selinux-policy-targeted-0:42. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [164/177] policycoreutils-0:3.9-5.fc44. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [165/177] selinux-policy-0:42.12-1.fc44 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [166/177] rpm-plugin-selinux-0:6.0.0-1. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [167/177] libselinux-utils-0:3.9-5.fc44 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [168/177] krb5-libs-0:1.21.3-8.fc44.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [169/177] libbrotli-0:1.1.0-10.fc44.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [170/177] libnghttp2-0:1.67.1-1.fc44.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [171/177] libpsl-0:0.21.5-6.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [172/177] libssh-0:0.11.3-1.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [173/177] keyutils-libs-0:1.6.3-6.fc43. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [174/177] libcom_err-0:1.47.3-2.fc43.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [175/177] libverto-0:0.3.2-11.fc43.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [176/177] libssh-config-0:0.11.3-1.fc44 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [177/177] publicsuffix-list-dafsa-0:202 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [177/177] Total 100% | 0.0 B/s | 0.0 B | 00m00s Running transaction [ 1/179] Verify package files 100% | 800.0 B/s | 177.0 B | 00m00s [ 2/179] Prepare transaction 100% | 3.8 KiB/s | 177.0 B | 00m00s [ 3/179] Installing libgcc-0:15.2.1-2. 100% | 262.0 MiB/s | 268.3 KiB | 00m00s [ 4/179] Installing publicsuffix-list- 100% | 0.0 B/s | 69.8 KiB | 00m00s [ 5/179] Installing libssh-config-0:0. 100% | 0.0 B/s | 816.0 B | 00m00s [ 6/179] Installing fedora-release-ide 100% | 0.0 B/s | 920.0 B | 00m00s [ 7/179] Installing fedora-repos-rawhi 100% | 0.0 B/s | 2.4 KiB | 00m00s [ 8/179] Installing fedora-gpg-keys-0: 100% | 58.3 MiB/s | 179.0 KiB | 00m00s [ 9/179] Installing fedora-repos-0:44- 100% | 0.0 B/s | 5.7 KiB | 00m00s [ 10/179] Installing fedora-release-com 100% | 24.3 MiB/s | 24.9 KiB | 00m00s [ 11/179] Installing fedora-release-0:4 100% | 20.2 KiB/s | 124.0 B | 00m00s >>> Running sysusers scriptlet: setup-0:2.15.0-26.fc43.noarch >>> Finished sysusers scriptlet: setup-0:2.15.0-26.fc43.noarch >>> Scriptlet output: >>> Creating group 'adm' with GID 4. >>> Creating group 'audio' with GID 63. >>> Creating group 'cdrom' with GID 11. >>> Creating group 'clock' with GID 103. >>> Creating group 'dialout' with GID 18. >>> Creating group 'disk' with GID 6. >>> Creating group 'floppy' with GID 19. >>> Creating group 'ftp' with GID 50. >>> Creating group 'games' with GID 20. >>> Creating group 'input' with GID 104. >>> Creating group 'kmem' with GID 9. >>> Creating group 'kvm' with GID 36. >>> Creating group 'lock' with GID 54. >>> Creating group 'lp' with GID 7. >>> Creating group 'mail' with GID 12. >>> Creating group 'man' with GID 15. >>> Creating group 'mem' with GID 8. >>> Creating group 'nobody' with GID 65534. >>> Creating group 'render' with GID 105. >>> Creating group 'root' with GID 0. >>> Creating group 'sgx' with GID 106. >>> Creating group 'sys' with GID 3. >>> Creating group 'tape' with GID 33. >>> Creating group 'tty' with GID 5. >>> Creating group 'users' with GID 100. >>> Creating group 'utmp' with GID 22. >>> Creating group 'video' with GID 39. >>> Creating group 'wheel' with GID 10. >>> Creating user 'adm' (adm) with UID 3 and GID 4. >>> Creating group 'bin' with GID 1. >>> Creating user 'bin' (bin) with UID 1 and GID 1. >>> Creating group 'daemon' with GID 2. >>> Creating user 'daemon' (daemon) with UID 2 and GID 2. >>> Creating user 'ftp' (FTP User) with UID 14 and GID 50. >>> Creating user 'games' (games) with UID 12 and GID 100. >>> Creating user 'halt' (halt) with UID 7 and GID 0. >>> Creating user 'lp' (lp) with UID 4 and GID 7. >>> Creating user 'mail' (mail) with UID 8 and GID 12. >>> Creating user 'nobody' (Kernel Overflow User) with UID 65534 and GID 65534. >>> Creating user 'operator' (operator) with UID 11 and GID 0. >>> Creating user 'root' (Super User) with UID 0 and GID 0. >>> Creating user 'shutdown' (shutdown) with UID 6 and GID 0. >>> Creating user 'sync' (sync) with UID 5 and GID 0. >>> [ 12/179] Installing setup-0:2.15.0-26. 100% | 59.5 MiB/s | 730.6 KiB | 00m00s >>> [RPM] /etc/hosts created as /etc/hosts.rpmnew [ 13/179] Installing filesystem-0:3.18- 100% | 3.2 MiB/s | 212.8 KiB | 00m00s [ 14/179] Installing gnulib-l10n-0:2024 100% | 215.5 MiB/s | 661.9 KiB | 00m00s [ 15/179] Installing coreutils-common-0 100% | 447.0 MiB/s | 11.2 MiB | 00m00s [ 16/179] Installing pcre2-syntax-0:10. 100% | 271.2 MiB/s | 277.8 KiB | 00m00s [ 17/179] Installing ncurses-base-0:6.5 100% | 115.1 MiB/s | 353.5 KiB | 00m00s [ 18/179] Installing bash-0:5.3.0-2.fc4 100% | 324.2 MiB/s | 8.4 MiB | 00m00s [ 19/179] Installing glibc-common-0:2.4 100% | 72.9 MiB/s | 1.0 MiB | 00m00s [ 20/179] Installing glibc-gconv-extra- 100% | 332.3 MiB/s | 7.3 MiB | 00m00s [ 21/179] Installing glibc-0:2.42.9000- 100% | 216.1 MiB/s | 6.7 MiB | 00m00s [ 22/179] Installing ncurses-libs-0:6.5 100% | 310.1 MiB/s | 952.8 KiB | 00m00s [ 23/179] Installing glibc-minimal-lang 100% | 0.0 B/s | 124.0 B | 00m00s [ 24/179] Installing zlib-ng-compat-0:2 100% | 0.0 B/s | 138.4 KiB | 00m00s [ 25/179] Installing bzip2-libs-0:1.0.8 100% | 0.0 B/s | 81.7 KiB | 00m00s [ 26/179] Installing libgpg-error-0:1.5 100% | 75.0 MiB/s | 921.1 KiB | 00m00s [ 27/179] Installing libstdc++-0:15.2.1 100% | 474.0 MiB/s | 2.8 MiB | 00m00s [ 28/179] Installing libassuan-0:2.5.7- 100% | 161.7 MiB/s | 165.6 KiB | 00m00s [ 29/179] Installing libgcrypt-0:1.11.1 100% | 393.8 MiB/s | 1.6 MiB | 00m00s [ 30/179] Installing readline-0:8.3-2.f 100% | 501.8 MiB/s | 513.9 KiB | 00m00s [ 31/179] Installing xz-libs-1:5.8.1-2. 100% | 213.8 MiB/s | 218.9 KiB | 00m00s [ 32/179] Installing libuuid-0:2.41.1-1 100% | 0.0 B/s | 38.5 KiB | 00m00s [ 33/179] Installing gmp-1:6.3.0-4.fc44 100% | 399.2 MiB/s | 817.5 KiB | 00m00s [ 34/179] Installing popt-0:1.19-9.fc43 100% | 68.1 MiB/s | 139.4 KiB | 00m00s [ 35/179] Installing libzstd-0:1.5.7-3. 100% | 459.7 MiB/s | 941.6 KiB | 00m00s [ 36/179] Installing elfutils-libelf-0: 100% | 388.8 MiB/s | 1.2 MiB | 00m00s [ 37/179] Installing npth-0:1.8-3.fc43. 100% | 0.0 B/s | 50.7 KiB | 00m00s [ 38/179] Installing libblkid-0:2.41.1- 100% | 257.3 MiB/s | 263.5 KiB | 00m00s [ 39/179] Installing libxcrypt-0:4.4.38 100% | 280.4 MiB/s | 287.1 KiB | 00m00s [ 40/179] Installing libsepol-0:3.9-2.f 100% | 401.8 MiB/s | 822.9 KiB | 00m00s [ 41/179] Installing sqlite-libs-0:3.50 100% | 379.1 MiB/s | 1.5 MiB | 00m00s [ 42/179] Installing gnupg2-gpgconf-0:2 100% | 24.6 MiB/s | 252.0 KiB | 00m00s [ 43/179] Installing libattr-0:2.5.2-6. 100% | 0.0 B/s | 25.4 KiB | 00m00s [ 44/179] Installing libacl-0:2.3.2-4.f 100% | 0.0 B/s | 36.8 KiB | 00m00s [ 45/179] Installing pcre2-0:10.46-1.fc 100% | 341.4 MiB/s | 699.1 KiB | 00m00s [ 46/179] Installing libselinux-0:3.9-5 100% | 189.8 MiB/s | 194.4 KiB | 00m00s [ 47/179] Installing grep-0:3.12-2.fc43 100% | 77.1 MiB/s | 1.0 MiB | 00m00s [ 48/179] Installing sed-0:4.9-5.fc43.x 100% | 70.4 MiB/s | 865.5 KiB | 00m00s [ 49/179] Installing findutils-1:4.10.0 100% | 132.7 MiB/s | 1.9 MiB | 00m00s [ 50/179] Installing libtasn1-0:4.20.0- 100% | 173.9 MiB/s | 178.1 KiB | 00m00s [ 51/179] Installing libunistring-0:1.1 100% | 431.7 MiB/s | 1.7 MiB | 00m00s [ 52/179] Installing libidn2-0:2.3.8-2. 100% | 68.2 MiB/s | 558.7 KiB | 00m00s [ 53/179] Installing crypto-policies-0: 100% | 42.0 MiB/s | 172.0 KiB | 00m00s [ 54/179] Installing xz-1:5.8.1-2.fc43. 100% | 88.8 MiB/s | 1.3 MiB | 00m00s [ 55/179] Installing libmount-0:2.41.1- 100% | 365.0 MiB/s | 373.8 KiB | 00m00s [ 56/179] Installing gnupg2-verify-0:2. 100% | 34.2 MiB/s | 349.9 KiB | 00m00s [ 57/179] Installing dwz-0:0.16-2.fc43. 100% | 28.2 MiB/s | 288.5 KiB | 00m00s [ 58/179] Installing mpfr-0:4.2.2-2.fc4 100% | 407.4 MiB/s | 834.4 KiB | 00m00s [ 59/179] Installing gawk-0:5.3.2-2.fc4 100% | 121.1 MiB/s | 1.8 MiB | 00m00s [ 60/179] Installing libksba-0:1.6.7-4. 100% | 391.7 MiB/s | 401.1 KiB | 00m00s [ 61/179] Installing unzip-0:6.0-68.fc4 100% | 35.0 MiB/s | 393.8 KiB | 00m00s [ 62/179] Installing file-libs-0:5.46-8 100% | 741.1 MiB/s | 11.9 MiB | 00m00s [ 63/179] Installing file-0:5.46-8.fc44 100% | 9.9 MiB/s | 101.7 KiB | 00m00s [ 64/179] Installing diffutils-0:3.12-3 100% | 111.5 MiB/s | 1.6 MiB | 00m00s [ 65/179] Installing libcap-ng-0:0.8.5- 100% | 0.0 B/s | 70.8 KiB | 00m00s [ 66/179] Installing audit-libs-0:4.1.2 100% | 372.6 MiB/s | 381.5 KiB | 00m00s [ 67/179] Installing libsemanage-0:3.9- 100% | 303.0 MiB/s | 310.2 KiB | 00m00s [ 68/179] Installing libsmartcols-0:2.4 100% | 177.3 MiB/s | 181.6 KiB | 00m00s [ 69/179] Installing libeconf-0:0.7.9-2 100% | 0.0 B/s | 66.5 KiB | 00m00s [ 70/179] Installing pam-libs-0:1.7.1-3 100% | 126.0 MiB/s | 129.0 KiB | 00m00s [ 71/179] Installing libcap-0:2.76-3.fc 100% | 19.0 MiB/s | 214.3 KiB | 00m00s [ 72/179] Installing systemd-libs-0:258 100% | 387.5 MiB/s | 2.3 MiB | 00m00s [ 73/179] Installing alternatives-0:1.3 100% | 6.2 MiB/s | 63.8 KiB | 00m00s [ 74/179] Installing lua-libs-0:5.4.8-2 100% | 275.3 MiB/s | 281.9 KiB | 00m00s [ 75/179] Installing json-c-0:0.18-7.fc 100% | 0.0 B/s | 84.0 KiB | 00m00s [ 76/179] Installing libffi-0:3.5.2-1.f 100% | 0.0 B/s | 85.2 KiB | 00m00s [ 77/179] Installing p11-kit-0:0.25.8-1 100% | 143.1 MiB/s | 2.3 MiB | 00m00s [ 78/179] Installing p11-kit-trust-0:0. 100% | 25.8 MiB/s | 448.3 KiB | 00m00s [ 79/179] Installing openssl-libs-1:3.5 100% | 439.1 MiB/s | 9.2 MiB | 00m00s [ 80/179] Installing coreutils-0:9.8-3. 100% | 188.8 MiB/s | 5.5 MiB | 00m00s [ 81/179] Installing ca-certificates-0: 100% | 2.4 MiB/s | 2.5 MiB | 00m01s [ 82/179] Installing gzip-0:1.14-1.fc44 100% | 32.8 MiB/s | 403.3 KiB | 00m00s [ 83/179] Installing rpm-sequoia-0:1.9. 100% | 413.1 MiB/s | 2.5 MiB | 00m00s [ 84/179] Installing libfsverity-0:1.6- 100% | 0.0 B/s | 29.5 KiB | 00m00s [ 85/179] Installing libevent-0:2.1.12- 100% | 288.7 MiB/s | 886.8 KiB | 00m00s [ 86/179] Installing util-linux-core-0: 100% | 98.6 MiB/s | 1.5 MiB | 00m00s [ 87/179] Installing libusb1-0:1.0.29-4 100% | 24.1 MiB/s | 172.9 KiB | 00m00s >>> Running sysusers scriptlet: tpm2-tss-0:4.1.3-8.fc43.x86_64 >>> Finished sysusers scriptlet: tpm2-tss-0:4.1.3-8.fc43.x86_64 >>> Scriptlet output: >>> Creating group 'tss' with GID 59. >>> Creating user 'tss' (Account used for TPM access) with UID 59 and GID 59. >>> [ 88/179] Installing tpm2-tss-0:4.1.3-8 100% | 314.4 MiB/s | 1.6 MiB | 00m00s [ 89/179] Installing ima-evm-utils-libs 100% | 0.0 B/s | 62.0 KiB | 00m00s [ 90/179] Installing gnupg2-gpg-agent-0 100% | 38.8 MiB/s | 675.4 KiB | 00m00s [ 91/179] Installing systemd-standalone 100% | 26.1 MiB/s | 294.1 KiB | 00m00s [ 92/179] Installing rpm-libs-0:6.0.0-1 100% | 304.5 MiB/s | 935.3 KiB | 00m00s [ 93/179] Installing zip-0:3.0-44.fc43. 100% | 56.8 MiB/s | 698.4 KiB | 00m00s [ 94/179] Installing gnupg2-keyboxd-0:2 100% | 39.6 MiB/s | 202.7 KiB | 00m00s [ 95/179] Installing libpsl-0:0.21.5-6. 100% | 75.7 MiB/s | 77.5 KiB | 00m00s [ 96/179] Installing tar-2:1.35-6.fc43. 100% | 164.3 MiB/s | 3.0 MiB | 00m00s [ 97/179] Installing linkdupes-0:0.7.2- 100% | 68.4 MiB/s | 840.1 KiB | 00m00s [ 98/179] Installing libselinux-utils-0 100% | 26.3 MiB/s | 323.4 KiB | 00m00s [ 99/179] Installing liblastlog2-0:2.41 100% | 8.8 MiB/s | 35.9 KiB | 00m00s [100/179] Installing libfdisk-0:2.41.1- 100% | 186.2 MiB/s | 381.4 KiB | 00m00s [101/179] Installing util-linux-0:2.41. 100% | 119.1 MiB/s | 3.6 MiB | 00m00s [102/179] Installing policycoreutils-0: 100% | 34.8 MiB/s | 711.8 KiB | 00m00s [103/179] Installing selinux-policy-0:4 100% | 2.0 MiB/s | 33.5 KiB | 00m00s [104/179] Installing selinux-policy-tar 100% | 222.4 MiB/s | 14.9 MiB | 00m00s [105/179] Installing zstd-0:1.5.7-3.fc4 100% | 38.3 MiB/s | 509.8 KiB | 00m00s [106/179] Installing nettle-0:3.10.1-2. 100% | 387.5 MiB/s | 793.7 KiB | 00m00s [107/179] Installing gnutls-0:3.8.10-5. 100% | 427.0 MiB/s | 3.8 MiB | 00m00s [108/179] Installing libxml2-0:2.12.10- 100% | 121.7 MiB/s | 1.7 MiB | 00m00s [109/179] Installing bzip2-0:1.0.8-21.f 100% | 8.9 MiB/s | 99.8 KiB | 00m00s [110/179] Installing add-determinism-0: 100% | 153.7 MiB/s | 2.3 MiB | 00m00s [111/179] Installing build-reproducibil 100% | 0.0 B/s | 1.5 KiB | 00m00s [112/179] Installing cpio-0:2.15-6.fc43 100% | 84.6 MiB/s | 1.1 MiB | 00m00s [113/179] Installing libpkgconf-0:2.3.0 100% | 0.0 B/s | 79.2 KiB | 00m00s [114/179] Installing pkgconf-0:2.3.0-3. 100% | 8.9 MiB/s | 91.0 KiB | 00m00s [115/179] Installing ed-0:1.22.2-1.fc44 100% | 14.7 MiB/s | 150.4 KiB | 00m00s [116/179] Installing patch-0:2.8-2.fc43 100% | 21.9 MiB/s | 224.3 KiB | 00m00s [117/179] Installing lz4-libs-0:1.10.0- 100% | 158.6 MiB/s | 162.5 KiB | 00m00s [118/179] Installing libarchive-0:3.8.1 100% | 310.2 MiB/s | 953.1 KiB | 00m00s [119/179] Installing jansson-0:2.14-3.f 100% | 88.3 MiB/s | 90.5 KiB | 00m00s [120/179] Installing libgomp-0:15.2.1-2 100% | 529.8 MiB/s | 542.5 KiB | 00m00s [121/179] Installing libtool-ltdl-0:2.5 100% | 0.0 B/s | 71.2 KiB | 00m00s [122/179] Installing gdbm-libs-1:1.23-1 100% | 128.5 MiB/s | 131.6 KiB | 00m00s [123/179] Installing cyrus-sasl-lib-0:2 100% | 153.3 MiB/s | 2.3 MiB | 00m00s [124/179] Installing openldap-0:2.6.10- 100% | 324.0 MiB/s | 663.6 KiB | 00m00s [125/179] Installing gnupg2-dirmngr-0:2 100% | 33.7 MiB/s | 621.1 KiB | 00m00s [126/179] Installing gnupg2-0:2.4.8-4.f 100% | 252.0 MiB/s | 6.6 MiB | 00m00s [127/179] Installing rpm-sign-libs-0:6. 100% | 0.0 B/s | 40.6 KiB | 00m00s [128/179] Installing gpgverify-0:2.2-3. 100% | 0.0 B/s | 9.4 KiB | 00m00s [129/179] Installing xxhash-libs-0:0.8. 100% | 0.0 B/s | 91.6 KiB | 00m00s [130/179] Installing libbrotli-0:1.1.0- 100% | 408.0 MiB/s | 835.6 KiB | 00m00s [131/179] Installing libnghttp2-0:1.67. 100% | 159.5 MiB/s | 163.4 KiB | 00m00s [132/179] Installing keyutils-libs-0:1. 100% | 0.0 B/s | 55.7 KiB | 00m00s [133/179] Installing libcom_err-0:1.47. 100% | 0.0 B/s | 64.2 KiB | 00m00s [134/179] Installing libverto-0:0.3.2-1 100% | 0.0 B/s | 27.2 KiB | 00m00s [135/179] Installing krb5-libs-0:1.21.3 100% | 383.3 MiB/s | 2.3 MiB | 00m00s [136/179] Installing libssh-0:0.11.3-1. 100% | 277.9 MiB/s | 569.2 KiB | 00m00s [137/179] Installing libcurl-0:8.16.0-1 100% | 449.5 MiB/s | 920.6 KiB | 00m00s [138/179] Installing curl-0:8.16.0-1.fc 100% | 24.6 MiB/s | 478.1 KiB | 00m00s [139/179] Installing rpm-0:6.0.0-1.fc44 100% | 95.4 MiB/s | 2.6 MiB | 00m00s [140/179] Installing efi-srpm-macros-0: 100% | 0.0 B/s | 41.1 KiB | 00m00s [141/179] Installing java-srpm-macros-0 100% | 0.0 B/s | 1.1 KiB | 00m00s [142/179] Installing lua-srpm-macros-0: 100% | 0.0 B/s | 1.9 KiB | 00m00s [143/179] Installing tree-sitter-srpm-m 100% | 0.0 B/s | 9.3 KiB | 00m00s [144/179] Installing zig-srpm-macros-0: 100% | 0.0 B/s | 1.7 KiB | 00m00s [145/179] Installing filesystem-srpm-ma 100% | 0.0 B/s | 38.9 KiB | 00m00s [146/179] Installing elfutils-default-y 100% | 510.7 KiB/s | 2.0 KiB | 00m00s [147/179] Installing elfutils-libs-0:0. 100% | 334.6 MiB/s | 685.2 KiB | 00m00s [148/179] Installing elfutils-debuginfo 100% | 7.7 MiB/s | 86.2 KiB | 00m00s [149/179] Installing binutils-0:2.45.50 100% | 382.0 MiB/s | 27.1 MiB | 00m00s [150/179] Installing elfutils-0:0.193-3 100% | 171.7 MiB/s | 2.9 MiB | 00m00s [151/179] Installing gdb-minimal-0:16.3 100% | 339.9 MiB/s | 13.3 MiB | 00m00s [152/179] Installing debugedit-0:5.2-3. 100% | 19.3 MiB/s | 217.3 KiB | 00m00s [153/179] Installing rpm-build-libs-0:6 100% | 262.9 MiB/s | 269.2 KiB | 00m00s [154/179] Installing pkgconf-m4-0:2.3.0 100% | 0.0 B/s | 14.8 KiB | 00m00s [155/179] Installing pkgconf-pkg-config 100% | 177.3 KiB/s | 1.8 KiB | 00m00s [156/179] Installing rust-srpm-macros-0 100% | 0.0 B/s | 5.6 KiB | 00m00s [157/179] Installing qt6-srpm-macros-0: 100% | 0.0 B/s | 740.0 B | 00m00s [158/179] Installing qt5-srpm-macros-0: 100% | 0.0 B/s | 776.0 B | 00m00s [159/179] Installing perl-srpm-macros-0 100% | 0.0 B/s | 1.1 KiB | 00m00s [160/179] Installing package-notes-srpm 100% | 0.0 B/s | 2.0 KiB | 00m00s [161/179] Installing openblas-srpm-macr 100% | 0.0 B/s | 392.0 B | 00m00s [162/179] Installing ocaml-srpm-macros- 100% | 0.0 B/s | 2.1 KiB | 00m00s [163/179] Installing kernel-srpm-macros 100% | 0.0 B/s | 2.3 KiB | 00m00s [164/179] Installing gnat-srpm-macros-0 100% | 0.0 B/s | 1.3 KiB | 00m00s [165/179] Installing ghc-srpm-macros-0: 100% | 0.0 B/s | 1.0 KiB | 00m00s [166/179] Installing gap-srpm-macros-0: 100% | 0.0 B/s | 2.7 KiB | 00m00s [167/179] Installing fpc-srpm-macros-0: 100% | 0.0 B/s | 420.0 B | 00m00s [168/179] Installing ansible-srpm-macro 100% | 0.0 B/s | 36.2 KiB | 00m00s [169/179] Installing rpm-build-0:6.0.0- 100% | 24.1 MiB/s | 296.5 KiB | 00m00s [170/179] Installing pyproject-srpm-mac 100% | 0.0 B/s | 2.5 KiB | 00m00s [171/179] Installing redhat-rpm-config- 100% | 185.1 MiB/s | 189.5 KiB | 00m00s [172/179] Installing forge-srpm-macros- 100% | 0.0 B/s | 40.3 KiB | 00m00s [173/179] Installing fonts-srpm-macros- 100% | 0.0 B/s | 57.0 KiB | 00m00s [174/179] Installing go-srpm-macros-0:3 100% | 0.0 B/s | 63.0 KiB | 00m00s [175/179] Installing python-srpm-macros 100% | 0.0 B/s | 52.9 KiB | 00m00s [176/179] Installing rpm-plugin-selinux 100% | 0.0 B/s | 13.0 KiB | 00m00s [177/179] Installing which-0:2.23-3.fc4 100% | 7.6 MiB/s | 85.7 KiB | 00m00s [178/179] Installing shadow-utils-2:4.1 100% | 141.8 MiB/s | 4.0 MiB | 00m00s [179/179] Installing info-0:7.2-6.fc43. 100% | 56.4 KiB/s | 354.3 KiB | 00m06s Warning: skipped OpenPGP checks for 177 packages from repository: http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch Complete! Finish: installing minimal buildroot with dnf5 Start: creating root cache Finish: creating root cache Finish: chroot init INFO: Installed packages: INFO: add-determinism-0.7.2-2.fc44.x86_64 alternatives-1.33-2.fc43.x86_64 ansible-srpm-macros-1-18.1.fc43.noarch audit-libs-4.1.2-2.fc44.x86_64 bash-5.3.0-2.fc43.x86_64 binutils-2.45.50-5.fc44.x86_64 build-reproducibility-srpm-macros-0.7.2-2.fc44.noarch bzip2-1.0.8-21.fc43.x86_64 bzip2-libs-1.0.8-21.fc43.x86_64 ca-certificates-2025.2.80_v9.0.304-2.fc44.noarch coreutils-9.8-3.fc44.x86_64 coreutils-common-9.8-3.fc44.x86_64 cpio-2.15-6.fc43.x86_64 crypto-policies-20250714-5.gitcd6043a.fc44.noarch curl-8.16.0-1.fc44.x86_64 cyrus-sasl-lib-2.1.28-33.fc44.x86_64 debugedit-5.2-3.fc44.x86_64 diffutils-3.12-3.fc43.x86_64 dwz-0.16-2.fc43.x86_64 ed-1.22.2-1.fc44.x86_64 efi-srpm-macros-6-4.fc43.noarch elfutils-0.193-3.fc43.x86_64 elfutils-debuginfod-client-0.193-3.fc43.x86_64 elfutils-default-yama-scope-0.193-3.fc43.noarch elfutils-libelf-0.193-3.fc43.x86_64 elfutils-libs-0.193-3.fc43.x86_64 fedora-gpg-keys-44-0.1.noarch fedora-release-44-0.3.noarch fedora-release-common-44-0.3.noarch fedora-release-identity-basic-44-0.3.noarch fedora-repos-44-0.1.noarch fedora-repos-rawhide-44-0.1.noarch file-5.46-8.fc44.x86_64 file-libs-5.46-8.fc44.x86_64 filesystem-3.18-50.fc43.x86_64 filesystem-srpm-macros-3.18-50.fc43.noarch findutils-4.10.0-6.fc43.x86_64 fonts-srpm-macros-5.0.0-1.fc44.noarch forge-srpm-macros-0.4.0-3.fc43.noarch fpc-srpm-macros-1.3-15.fc43.noarch gap-srpm-macros-2-1.fc44.noarch gawk-5.3.2-2.fc43.x86_64 gdb-minimal-16.3-6.fc44.x86_64 gdbm-libs-1.23-10.fc43.x86_64 ghc-srpm-macros-1.9.2-3.fc43.noarch glibc-2.42.9000-5.fc44.x86_64 glibc-common-2.42.9000-5.fc44.x86_64 glibc-gconv-extra-2.42.9000-5.fc44.x86_64 glibc-minimal-langpack-2.42.9000-5.fc44.x86_64 gmp-6.3.0-4.fc44.x86_64 gnat-srpm-macros-6-8.fc43.noarch gnulib-l10n-20241231-1.fc44.noarch gnupg2-2.4.8-4.fc43.x86_64 gnupg2-dirmngr-2.4.8-4.fc43.x86_64 gnupg2-gpg-agent-2.4.8-4.fc43.x86_64 gnupg2-gpgconf-2.4.8-4.fc43.x86_64 gnupg2-keyboxd-2.4.8-4.fc43.x86_64 gnupg2-verify-2.4.8-4.fc43.x86_64 gnutls-3.8.10-5.fc44.x86_64 go-srpm-macros-3.8.0-1.fc44.noarch gpgverify-2.2-3.fc43.noarch grep-3.12-2.fc43.x86_64 gzip-1.14-1.fc44.x86_64 ima-evm-utils-libs-1.6.2-6.fc43.x86_64 info-7.2-6.fc43.x86_64 jansson-2.14-3.fc43.x86_64 java-srpm-macros-1-7.fc43.noarch json-c-0.18-7.fc43.x86_64 kernel-srpm-macros-1.0-27.fc43.noarch keyutils-libs-1.6.3-6.fc43.x86_64 krb5-libs-1.21.3-8.fc44.x86_64 libacl-2.3.2-4.fc43.x86_64 libarchive-3.8.1-3.fc43.x86_64 libassuan-2.5.7-4.fc43.x86_64 libattr-2.5.2-6.fc43.x86_64 libblkid-2.41.1-17.fc44.x86_64 libbrotli-1.1.0-10.fc44.x86_64 libcap-2.76-3.fc44.x86_64 libcap-ng-0.8.5-8.fc44.x86_64 libcom_err-1.47.3-2.fc43.x86_64 libcurl-8.16.0-1.fc44.x86_64 libeconf-0.7.9-2.fc43.x86_64 libevent-2.1.12-16.fc43.x86_64 libfdisk-2.41.1-17.fc44.x86_64 libffi-3.5.2-1.fc44.x86_64 libfsverity-1.6-3.fc43.x86_64 libgcc-15.2.1-2.fc44.x86_64 libgcrypt-1.11.1-2.fc43.x86_64 libgomp-15.2.1-2.fc44.x86_64 libgpg-error-1.55-2.fc43.x86_64 libidn2-2.3.8-2.fc43.x86_64 libksba-1.6.7-4.fc43.x86_64 liblastlog2-2.41.1-17.fc44.x86_64 libmount-2.41.1-17.fc44.x86_64 libnghttp2-1.67.1-1.fc44.x86_64 libpkgconf-2.3.0-3.fc43.x86_64 libpsl-0.21.5-6.fc43.x86_64 libselinux-3.9-5.fc44.x86_64 libselinux-utils-3.9-5.fc44.x86_64 libsemanage-3.9-4.fc44.x86_64 libsepol-3.9-2.fc43.x86_64 libsmartcols-2.41.1-17.fc44.x86_64 libssh-0.11.3-1.fc44.x86_64 libssh-config-0.11.3-1.fc44.noarch libstdc++-15.2.1-2.fc44.x86_64 libtasn1-4.20.0-2.fc43.x86_64 libtool-ltdl-2.5.4-7.fc43.x86_64 libunistring-1.1-10.fc43.x86_64 libusb1-1.0.29-4.fc44.x86_64 libuuid-2.41.1-17.fc44.x86_64 libverto-0.3.2-11.fc43.x86_64 libxcrypt-4.4.38-9.fc44.x86_64 libxml2-2.12.10-5.fc44.x86_64 libzstd-1.5.7-3.fc44.x86_64 linkdupes-0.7.2-2.fc44.x86_64 lua-libs-5.4.8-2.fc43.x86_64 lua-srpm-macros-1-16.fc43.noarch lz4-libs-1.10.0-3.fc43.x86_64 mpfr-4.2.2-2.fc43.x86_64 ncurses-base-6.5-7.20250614.fc43.noarch ncurses-libs-6.5-7.20250614.fc43.x86_64 nettle-3.10.1-2.fc43.x86_64 npth-1.8-3.fc43.x86_64 ocaml-srpm-macros-11-2.fc43.noarch openblas-srpm-macros-2-20.fc43.noarch openldap-2.6.10-4.fc44.x86_64 openssl-libs-3.5.1-3.fc44.x86_64 p11-kit-0.25.8-1.fc44.x86_64 p11-kit-trust-0.25.8-1.fc44.x86_64 package-notes-srpm-macros-0.5-14.fc43.noarch pam-libs-1.7.1-3.fc43.x86_64 patch-2.8-2.fc43.x86_64 pcre2-10.46-1.fc44.x86_64 pcre2-syntax-10.46-1.fc44.noarch perl-srpm-macros-1-60.fc43.noarch pkgconf-2.3.0-3.fc43.x86_64 pkgconf-m4-2.3.0-3.fc43.noarch pkgconf-pkg-config-2.3.0-3.fc43.x86_64 policycoreutils-3.9-5.fc44.x86_64 popt-1.19-9.fc43.x86_64 publicsuffix-list-dafsa-20250616-2.fc43.noarch pyproject-srpm-macros-1.18.4-1.fc44.noarch python-srpm-macros-3.14-8.fc44.noarch qt5-srpm-macros-5.15.17-2.fc43.noarch qt6-srpm-macros-6.10.0~rc-1.fc44.noarch readline-8.3-2.fc43.x86_64 redhat-rpm-config-343-14.fc44.noarch rpm-6.0.0-1.fc44.x86_64 rpm-build-6.0.0-1.fc44.x86_64 rpm-build-libs-6.0.0-1.fc44.x86_64 rpm-libs-6.0.0-1.fc44.x86_64 rpm-plugin-selinux-6.0.0-1.fc44.x86_64 rpm-sequoia-1.9.0-2.fc43.x86_64 rpm-sign-libs-6.0.0-1.fc44.x86_64 rust-srpm-macros-26.4-1.fc44.noarch sed-4.9-5.fc43.x86_64 selinux-policy-42.12-1.fc44.noarch selinux-policy-targeted-42.12-1.fc44.noarch setup-2.15.0-26.fc43.noarch shadow-utils-4.18.0-3.fc43.x86_64 sqlite-libs-3.50.4-1.fc44.x86_64 systemd-libs-258-1.fc44.x86_64 systemd-standalone-sysusers-258-1.fc44.x86_64 tar-1.35-6.fc43.x86_64 tpm2-tss-4.1.3-8.fc43.x86_64 tree-sitter-srpm-macros-0.4.2-1.fc43.noarch unzip-6.0-68.fc44.x86_64 util-linux-2.41.1-17.fc44.x86_64 util-linux-core-2.41.1-17.fc44.x86_64 which-2.23-3.fc43.x86_64 xxhash-libs-0.8.3-3.fc43.x86_64 xz-5.8.1-2.fc43.x86_64 xz-libs-5.8.1-2.fc43.x86_64 zig-srpm-macros-1-5.fc43.noarch zip-3.0-44.fc43.x86_64 zlib-ng-compat-2.2.5-2.fc44.x86_64 zstd-1.5.7-3.fc44.x86_64 Start: buildsrpm Start: rpmbuild -bs Building target platforms: x86_64 Building for target x86_64 warning: /builddir/build/SPECS/crypto-policies.spec line 64: autopatch: no matching patches in range setting SOURCE_DATE_EPOCH=1758240000 Wrote: /builddir/build/SRPMS/crypto-policies-20250714-5.gitcd6043a.fc44.src.rpm RPM build warnings: /builddir/build/SPECS/crypto-policies.spec line 64: autopatch: no matching patches in range Finish: rpmbuild -bs INFO: chroot_scan: 1 files copied to /var/lib/copr-rpmbuild/results/chroot_scan INFO: /var/lib/mock/fedora-rawhide-x86_64-1759842660.151585/root/var/log/dnf5.log INFO: chroot_scan: creating tarball /var/lib/copr-rpmbuild/results/chroot_scan.tar.gz /bin/tar: Removing leading `/' from member names Finish: buildsrpm INFO: Done(/var/lib/copr-rpmbuild/workspace/workdir-kd16zm0x/crypto-policies/crypto-policies.spec) Config(child) 0 minutes 20 seconds INFO: Results and/or logs in: /var/lib/copr-rpmbuild/results INFO: Cleaning up build root ('cleanup_on_success=True') Start: clean chroot INFO: unmounting tmpfs. Finish: clean chroot INFO: Start(/var/lib/copr-rpmbuild/results/crypto-policies-20250714-5.gitcd6043a.fc44.src.rpm) Config(fedora-rawhide-x86_64) Start(bootstrap): chroot init INFO: mounting tmpfs at /var/lib/mock/fedora-rawhide-x86_64-bootstrap-1759842660.151585/root. INFO: reusing tmpfs at /var/lib/mock/fedora-rawhide-x86_64-bootstrap-1759842660.151585/root. INFO: calling preinit hooks INFO: enabled root cache INFO: enabled package manager cache Start(bootstrap): cleaning package manager metadata Finish(bootstrap): cleaning package manager metadata Finish(bootstrap): chroot init Start: chroot init INFO: mounting tmpfs at /var/lib/mock/fedora-rawhide-x86_64-1759842660.151585/root. INFO: calling preinit hooks INFO: enabled root cache Start: unpacking root cache Finish: unpacking root cache INFO: enabled package manager cache Start: cleaning package manager metadata Finish: cleaning package manager metadata INFO: enabled HW Info plugin INFO: Buildroot is handled by package management downloaded with a bootstrap image: rpm-6.0.0-1.fc44.x86_64 rpm-sequoia-1.9.0-2.fc43.x86_64 dnf5-5.2.17.0-2.fc44.x86_64 dnf5-plugins-5.2.17.0-2.fc44.x86_64 Finish: chroot init Start: build phase for crypto-policies-20250714-5.gitcd6043a.fc44.src.rpm Start: build setup for crypto-policies-20250714-5.gitcd6043a.fc44.src.rpm Building target platforms: x86_64 Building for target x86_64 warning: /builddir/build/originals/crypto-policies.spec line 64: autopatch: no matching patches in range setting SOURCE_DATE_EPOCH=1758240000 Wrote: /builddir/build/SRPMS/crypto-policies-20250714-5.gitcd6043a.fc44.src.rpm RPM build warnings: /builddir/build/originals/crypto-policies.spec line 64: autopatch: no matching patches in range Updating and loading repositories: Additional repo http_kojipkgs_fedorapr 100% | 58.9 KiB/s | 3.8 KiB | 00m00s Coprdir repository 100% | 23.6 KiB/s | 1.5 KiB | 00m00s Copr repository 100% | 23.3 KiB/s | 1.5 KiB | 00m00s fedora 100% | 153.5 KiB/s | 26.7 KiB | 00m00s Repositories loaded. Package Arch Version Repository Size Installing: asciidoc noarch 10.2.0-17.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.7 MiB bind x86_64 32:9.18.39-4.fc44 copr_coprdir 879.2 KiB gnutls-utils x86_64 3.8.10-5.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.3 MiB java-25-openjdk-devel x86_64 1:25.0.0.0.36-3.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 11.7 MiB libxslt x86_64 1.1.43-5.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 460.1 KiB make x86_64 1:4.4.1-11.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.8 MiB nss-tools x86_64 3.116.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.4 MiB openssh-clients x86_64 10.0p1-7.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.6 MiB openssl x86_64 1:3.5.1-3.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.8 MiB python3-devel x86_64 3.14.0~rc3-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.9 MiB python3-pytest noarch 8.3.5-9.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 21.6 MiB sequoia-policy-config x86_64 0.8.0-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 890.5 KiB systemd-rpm-macros noarch 258-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 8.5 KiB Installing dependencies: abattis-cantarell-vf-fonts noarch 0.301-15.fc44 copr_coprdir 192.7 KiB adobe-mappings-cmap noarch 20231115-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 15.2 MiB adobe-mappings-cmap-deprecated noarch 20231115-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 582.1 KiB adobe-mappings-pdf noarch 20190401-10.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 4.4 MiB alsa-lib x86_64 1.2.14-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.4 MiB avahi-libs x86_64 0.9~rc2-6.fc44 copr_coprdir 171.6 KiB bind-libs x86_64 32:9.18.39-4.fc44 copr_coprdir 3.6 MiB boost-regex x86_64 1.83.0-17.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 291.2 KiB bubblewrap x86_64 0.11.0-2.fc44 copr_coprdir 135.0 KiB cairo x86_64 1.18.4-2.fc44 copr_coprdir 1.8 MiB cairo-gobject x86_64 1.18.4-2.fc44 copr_coprdir 31.1 KiB ctags x86_64 6.2.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.2 MiB cups-filesystem noarch 1:2.4.14-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 0.0 B cups-libs x86_64 1:2.4.14-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 618.7 KiB dbus-libs x86_64 1:1.16.0-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 345.5 KiB default-fonts-core-sans noarch 4.2-5.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 11.9 KiB docbook-dtds noarch 1.0-89.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 8.3 MiB docbook-style-xsl noarch 1.79.2-25.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 15.6 MiB expat x86_64 2.7.2-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 298.6 KiB fontconfig x86_64 2.17.0-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 765.9 KiB fonts-filesystem noarch 1:5.0.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 0.0 B freetype x86_64 2.13.3-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 850.2 KiB fribidi x86_64 1.0.16-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 190.3 KiB fstrm x86_64 0.6.1-13.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 50.7 KiB gd x86_64 2.3.3-20.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 403.6 KiB gdk-pixbuf2 x86_64 2.44.3-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.5 MiB glib2 x86_64 2.86.0-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 14.7 MiB glycin-libs x86_64 2.0.2-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 4.4 MiB glycin-loaders x86_64 2.0.2-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 13.1 MiB gnutls-dane x86_64 3.8.10-5.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 60.9 KiB google-droid-sans-fonts noarch 20200215-23.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 6.3 MiB google-noto-fonts-common noarch 20251001-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 17.7 KiB google-noto-sans-vf-fonts noarch 20251001-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.4 MiB gpgme x86_64 1.24.3-6.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 587.9 KiB gpgmepp x86_64 1.24.3-6.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 429.2 KiB graphite2 x86_64 1.3.14-19.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 191.8 KiB graphviz x86_64 13.1.2-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 20.8 MiB graphviz-libs x86_64 13.1.2-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.2 MiB gts x86_64 0.7.6-51.20121130.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 636.6 KiB harfbuzz x86_64 12.1.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.9 MiB highway x86_64 1.2.0-5.fc42 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 4.4 MiB hiredis x86_64 1.2.0-7.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 105.9 KiB java-25-openjdk x86_64 1:25.0.0.0.36-3.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 962.2 KiB java-25-openjdk-headless x86_64 1:25.0.0.0.36-3.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 236.3 MiB javapackages-filesystem noarch 6.4.1-4.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.0 KiB jbig2dec-libs x86_64 0.20-7.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 164.9 KiB jbigkit-libs x86_64 2.1-32.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 113.5 KiB lasi x86_64 1.1.3-17.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 126.7 KiB lcms2 x86_64 2.16-6.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 433.7 KiB libICE x86_64 1.1.2-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 194.4 KiB libSM x86_64 1.2.5-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 101.0 KiB libX11 x86_64 1.8.12-1.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.3 MiB libX11-common noarch 1.8.12-1.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.2 MiB libXau x86_64 1.0.12-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 72.9 KiB libXcomposite x86_64 0.4.6-6.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 40.5 KiB libXext x86_64 1.3.6-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 90.0 KiB libXft x86_64 2.3.8-9.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 164.4 KiB libXi x86_64 1.8.2-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 80.6 KiB libXpm x86_64 3.5.17-6.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 148.3 KiB libXrender x86_64 0.9.12-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 46.0 KiB libXt x86_64 1.3.1-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 429.8 KiB libXtst x86_64 1.2.5-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 33.5 KiB libaom x86_64 3.13.1-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 5.0 MiB libavif x86_64 1.3.0-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 258.0 KiB libcbor x86_64 0.12.0-6.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 77.8 KiB libdatrie x86_64 0.2.13-12.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 53.8 KiB libdav1d x86_64 1.5.1-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.7 MiB libedit x86_64 3.1-56.20250104cvs.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 240.1 KiB libfido2 x86_64 1.16.0-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 238.5 KiB libfontenc x86_64 1.1.8-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 66.9 KiB libgs x86_64 10.06.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 24.4 MiB libheif x86_64 1.20.2-6.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.6 MiB libicu x86_64 77.1-1.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 36.4 MiB libijs x86_64 0.35-25.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 61.6 KiB libimagequant x86_64 4.1.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 707.4 KiB libjpeg-turbo x86_64 3.1.2-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 804.8 KiB libjxl x86_64 1:0.11.1-5.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 3.1 MiB liblerc x86_64 4.0.0-9.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 624.1 KiB libmaxminddb x86_64 1.12.2-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 84.8 KiB libopenjph x86_64 0.22.0-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 466.2 KiB libpaper x86_64 1:2.1.1-9.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 48.7 KiB libpng x86_64 2:1.6.50-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 237.7 KiB librsvg2 x86_64 2.61.0-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 5.0 MiB libseccomp x86_64 2.6.0-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 224.9 KiB libthai x86_64 0.1.29-11.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 783.4 KiB libtiff x86_64 4.7.0-9.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 619.0 KiB libuv x86_64 1:1.51.0-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 570.2 KiB libvmaf x86_64 3.0.0-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 827.0 KiB libwebp x86_64 1.6.0-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 956.6 KiB libxcb x86_64 1.17.0-6.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.1 MiB libyaml x86_64 0.2.5-17.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 134.6 KiB libyuv x86_64 0-0.57.20240704git96bbdb5.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 679.7 KiB lksctp-tools x86_64 1.0.21-2.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 251.0 KiB lmdb-libs x86_64 0.9.33-4.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 105.4 KiB lzo x86_64 2.10-15.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 178.9 KiB mkfontscale x86_64 1.2.3-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 45.0 KiB mpdecimal x86_64 4.0.1-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 217.2 KiB netpbm x86_64 11.10.00-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 577.6 KiB ngtcp2 x86_64 1.16.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 314.2 KiB ngtcp2-crypto-ossl x86_64 1.16.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 47.7 KiB noopenh264 x86_64 2.6.0-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 39.2 KiB nspr x86_64 4.37.0-5.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 315.5 KiB nss x86_64 3.116.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.9 MiB nss-softokn x86_64 3.116.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.9 MiB nss-softokn-freebl x86_64 3.116.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 848.3 KiB nss-sysinit x86_64 3.116.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 18.1 KiB nss-util x86_64 3.116.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 200.8 KiB openjpeg x86_64 2.5.4-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 456.3 KiB openssh x86_64 10.0p1-7.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.4 MiB pango x86_64 1.57.0-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.0 MiB pixman x86_64 0.46.2-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 710.3 KiB poppler x86_64 25.07.0-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 3.8 MiB poppler-data noarch 0.4.11-10.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 12.3 MiB poppler-glib x86_64 25.07.0-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 633.9 KiB protobuf-c x86_64 1.5.1-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 49.8 KiB pyproject-rpm-macros noarch 1.18.4-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 114.9 KiB python-pip-wheel noarch 25.2-4.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.2 MiB python-rpm-macros noarch 3.14-8.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 27.6 KiB python3 x86_64 3.14.0~rc3-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 28.9 KiB python3-iniconfig noarch 2.1.0-3.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 42.4 KiB python3-libs x86_64 3.14.0~rc3-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 43.0 MiB python3-packaging noarch 25.0-7.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 607.4 KiB python3-pluggy noarch 1.6.0-4.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 211.0 KiB python3-rpm-generators noarch 14-13.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 81.7 KiB python3-rpm-macros noarch 3.14-8.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 6.5 KiB rav1e-libs x86_64 0.7.1-8.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 3.0 MiB sgml-common noarch 0.6.3-67.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 168.1 KiB shared-mime-info x86_64 2.4-2.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 5.2 MiB source-highlight x86_64 3.1.9-25.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 3.1 MiB svt-av1-libs x86_64 3.1.2-1.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 5.6 MiB ttmkfdir x86_64 3.0.9-73.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 122.5 KiB tzdata noarch 2025b-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.6 MiB tzdata-java noarch 2025b-3.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 100.1 KiB unbound-libs x86_64 1.24.0-4.fc44 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.5 MiB urw-base35-bookman-fonts noarch 20200910-26.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.4 MiB urw-base35-c059-fonts noarch 20200910-26.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.4 MiB urw-base35-d050000l-fonts noarch 20200910-26.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 84.3 KiB urw-base35-fonts noarch 20200910-26.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 5.3 KiB urw-base35-fonts-common noarch 20200910-26.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 37.4 KiB urw-base35-gothic-fonts noarch 20200910-26.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.2 MiB urw-base35-nimbus-mono-ps-fonts noarch 20200910-26.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.0 MiB urw-base35-nimbus-roman-fonts noarch 20200910-26.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.4 MiB urw-base35-nimbus-sans-fonts noarch 20200910-26.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 2.4 MiB urw-base35-p052-fonts noarch 20200910-26.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 1.5 MiB urw-base35-standard-symbols-ps-fonts noarch 20200910-26.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 64.9 KiB urw-base35-z003-fonts noarch 20200910-26.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 390.8 KiB xml-common noarch 0.6.3-67.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 78.4 KiB xorg-x11-fonts-Type1 noarch 7.5-41.fc43 http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch 863.3 KiB Transaction Summary: Installing: 161 packages Total size of inbound packages is 156 MiB. Need to download 119 MiB. After this operation, 613 MiB extra will be used (install 613 MiB, remove 0 B). [ 1/161] make-1:4.4.1-11.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 2/161] systemd-rpm-macros-0:258-1.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 3/161] python3-0:3.14.0~rc3-1.fc44.x 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 4/161] python3-packaging-0:25.0-7.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 5/161] python3-libs-0:3.14.0~rc3-1.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 6/161] fontconfig-0:2.17.0-3.fc43.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 7/161] libX11-0:1.8.12-1.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 8/161] libXext-0:1.3.6-4.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 9/161] libXrender-0:0.9.12-3.fc43.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 10/161] default-fonts-core-sans-0:4.2 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 11/161] fonts-filesystem-1:5.0.0-1.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 12/161] freetype-0:2.13.3-3.fc43.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 13/161] xml-common-0:0.6.3-67.fc43.no 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 14/161] abattis-cantarell-vf-fonts-0: 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 15/161] google-noto-sans-vf-fonts-0:2 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 16/161] google-noto-fonts-common-0:20 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 17/161] expat-0:2.7.2-1.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 18/161] mpdecimal-0:4.0.1-2.fc43.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 19/161] python-pip-wheel-0:25.2-4.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 20/161] tzdata-0:2025b-3.fc43.noarch 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 21/161] libX11-common-0:1.8.12-1.fc43 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 22/161] libxcb-0:1.17.0-6.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 23/161] cairo-0:1.18.4-2.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 24/161] gdk-pixbuf2-0:2.44.3-1.fc44.x 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 25/161] glib2-0:2.86.0-2.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 26/161] harfbuzz-0:12.1.0-1.fc44.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 27/161] librsvg2-0:2.61.0-2.fc44.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 28/161] cairo-gobject-0:1.18.4-2.fc44 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 29/161] libwebp-0:1.6.0-2.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 30/161] pango-0:1.57.0-1.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 31/161] glycin-libs-0:2.0.2-1.fc44.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 32/161] shared-mime-info-0:2.4-2.fc43 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 33/161] libjpeg-turbo-0:3.1.2-1.fc44. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 34/161] libpng-2:1.6.50-2.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 35/161] libseccomp-0:2.6.0-2.fc43.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 36/161] lzo-0:2.10-15.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 37/161] pixman-0:0.46.2-2.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 38/161] lcms2-0:2.16-6.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 39/161] openjpeg-0:2.5.4-1.fc44.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 40/161] fribidi-0:1.0.16-3.fc43.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 41/161] libXft-0:2.3.8-9.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 42/161] libthai-0:0.1.29-11.fc43.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 43/161] libXau-0:1.0.12-3.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 44/161] libdatrie-0:0.2.13-12.fc43.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 45/161] libdav1d-0:1.5.1-2.fc43.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 46/161] libaom-0:3.13.1-1.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 47/161] rav1e-libs-0:0.7.1-8.fc43.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 48/161] svt-av1-libs-0:3.1.2-1.fc44.x 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 49/161] libvmaf-0:3.0.0-4.fc43.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 50/161] graphite2-0:1.3.14-19.fc43.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 51/161] glycin-loaders-0:2.0.2-1.fc44 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 52/161] bubblewrap-0:0.11.0-2.fc44.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 53/161] libheif-0:1.20.2-6.fc44.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 54/161] libjxl-1:0.11.1-5.fc44.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 55/161] highway-0:1.2.0-5.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 56/161] libopenjph-0:0.22.0-2.fc44.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 57/161] noopenh264-0:2.6.0-2.fc43.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 58/161] libxslt-0:1.1.43-5.fc44.x86_6 100% | 1.6 MiB/s | 184.4 KiB | 00m00s [ 59/161] gnutls-utils-0:3.8.10-5.fc44. 100% | 2.3 MiB/s | 306.8 KiB | 00m00s [ 60/161] asciidoc-0:10.2.0-17.fc44.noa 100% | 2.8 MiB/s | 391.9 KiB | 00m00s [ 61/161] nss-tools-0:3.116.0-1.fc44.x8 100% | 8.1 MiB/s | 541.9 KiB | 00m00s [ 62/161] openssh-clients-0:10.0p1-7.fc 100% | 9.8 MiB/s | 742.6 KiB | 00m00s [ 63/161] python3-devel-0:3.14.0~rc3-1. 100% | 10.2 MiB/s | 386.6 KiB | 00m00s [ 64/161] sequoia-policy-config-0:0.8.0 100% | 11.1 MiB/s | 374.3 KiB | 00m00s [ 65/161] openssl-1:3.5.1-3.fc44.x86_64 100% | 10.2 MiB/s | 1.2 MiB | 00m00s [ 66/161] bind-libs-32:9.18.39-4.fc44.x 100% | 115.7 MiB/s | 1.3 MiB | 00m00s [ 67/161] bind-32:9.18.39-4.fc44.x86_64 100% | 13.6 MiB/s | 319.4 KiB | 00m00s [ 68/161] python3-pytest-0:8.3.5-9.fc44 100% | 27.4 MiB/s | 2.1 MiB | 00m00s [ 69/161] fstrm-0:0.6.1-13.fc43.x86_64 100% | 1.0 MiB/s | 28.1 KiB | 00m00s [ 70/161] libmaxminddb-0:1.12.2-4.fc43. 100% | 1.5 MiB/s | 43.0 KiB | 00m00s [ 71/161] libuv-1:1.51.0-2.fc43.x86_64 100% | 9.3 MiB/s | 266.1 KiB | 00m00s [ 72/161] lmdb-libs-0:0.9.33-4.fc43.x86 100% | 2.4 MiB/s | 61.5 KiB | 00m00s [ 73/161] java-25-openjdk-devel-1:25.0. 100% | 71.1 MiB/s | 6.1 MiB | 00m00s [ 74/161] protobuf-c-0:1.5.1-2.fc43.x86 100% | 1.2 MiB/s | 32.7 KiB | 00m00s [ 75/161] python3-iniconfig-0:2.1.0-3.f 100% | 952.8 KiB/s | 22.9 KiB | 00m00s [ 76/161] python3-pluggy-0:1.6.0-4.fc44 100% | 2.2 MiB/s | 56.1 KiB | 00m00s [ 77/161] libedit-0:3.1-56.20250104cvs. 100% | 4.1 MiB/s | 105.2 KiB | 00m00s [ 78/161] libfido2-0:1.16.0-3.fc43.x86_ 100% | 3.8 MiB/s | 98.5 KiB | 00m00s [ 79/161] openssh-0:10.0p1-7.fc44.x86_6 100% | 12.6 MiB/s | 334.8 KiB | 00m00s [ 80/161] nspr-0:4.37.0-5.fc44.x86_64 100% | 5.4 MiB/s | 137.8 KiB | 00m00s [ 81/161] nss-0:3.116.0-1.fc44.x86_64 100% | 18.8 MiB/s | 713.2 KiB | 00m00s [ 82/161] nss-util-0:3.116.0-1.fc44.x86 100% | 2.9 MiB/s | 86.1 KiB | 00m00s [ 83/161] nss-softokn-0:3.116.0-1.fc44. 100% | 14.9 MiB/s | 426.2 KiB | 00m00s [ 84/161] nss-sysinit-0:3.116.0-1.fc44. 100% | 764.5 KiB/s | 19.1 KiB | 00m00s [ 85/161] libcbor-0:0.12.0-6.fc43.x86_6 100% | 1.3 MiB/s | 33.5 KiB | 00m00s [ 86/161] java-25-openjdk-1:25.0.0.0.36 100% | 13.8 MiB/s | 367.4 KiB | 00m00s [ 87/161] libXi-0:1.8.2-3.fc43.x86_64 100% | 1.6 MiB/s | 40.3 KiB | 00m00s [ 88/161] libXcomposite-0:0.4.6-6.fc43. 100% | 895.0 KiB/s | 24.2 KiB | 00m00s [ 89/161] libXtst-0:1.2.5-3.fc43.x86_64 100% | 820.9 KiB/s | 20.5 KiB | 00m00s [ 90/161] xorg-x11-fonts-Type1-0:7.5-41 100% | 17.5 MiB/s | 500.9 KiB | 00m00s [ 91/161] gnutls-dane-0:3.8.10-5.fc44.x 100% | 1.4 MiB/s | 39.0 KiB | 00m00s [ 92/161] unbound-libs-0:1.24.0-4.fc44. 100% | 18.1 MiB/s | 573.2 KiB | 00m00s [ 93/161] docbook-style-xsl-0:1.79.2-25 100% | 29.6 MiB/s | 1.2 MiB | 00m00s [ 94/161] graphviz-0:13.1.2-2.fc44.x86_ 100% | 95.9 MiB/s | 4.7 MiB | 00m00s [ 95/161] source-highlight-0:3.1.9-25.f 100% | 20.6 MiB/s | 716.0 KiB | 00m00s [ 96/161] mkfontscale-0:1.2.3-3.fc43.x8 100% | 1.0 MiB/s | 31.5 KiB | 00m00s [ 97/161] ttmkfdir-0:3.0.9-73.fc43.x86_ 100% | 2.0 MiB/s | 56.3 KiB | 00m00s [ 98/161] hiredis-0:1.2.0-7.fc43.x86_64 100% | 1.8 MiB/s | 50.3 KiB | 00m00s [ 99/161] ngtcp2-0:1.16.0-1.fc44.x86_64 100% | 5.5 MiB/s | 146.1 KiB | 00m00s [100/161] ngtcp2-crypto-ossl-0:1.16.0-1 100% | 1.0 MiB/s | 26.0 KiB | 00m00s [101/161] boost-regex-0:1.83.0-17.fc44. 100% | 4.5 MiB/s | 114.8 KiB | 00m00s [102/161] ctags-0:6.2.0-1.fc44.x86_64 100% | 25.3 MiB/s | 881.9 KiB | 00m00s [103/161] nss-softokn-freebl-0:3.116.0- 100% | 11.5 MiB/s | 329.2 KiB | 00m00s [104/161] libfontenc-0:1.1.8-4.fc43.x86 100% | 1.1 MiB/s | 32.3 KiB | 00m00s [105/161] alsa-lib-0:1.2.14-4.fc43.x86_ 100% | 19.4 MiB/s | 517.2 KiB | 00m00s [106/161] java-25-openjdk-headless-1:25 100% | 158.2 MiB/s | 57.8 MiB | 00m00s [107/161] cups-libs-1:2.4.14-2.fc44.x86 100% | 4.0 MiB/s | 261.2 KiB | 00m00s [108/161] javapackages-filesystem-0:6.4 100% | 204.7 KiB/s | 13.9 KiB | 00m00s [109/161] tzdata-java-0:2025b-3.fc43.no 100% | 1.9 MiB/s | 46.3 KiB | 00m00s [110/161] lksctp-tools-0:1.0.21-2.fc44. 100% | 3.6 MiB/s | 96.9 KiB | 00m00s [111/161] gd-0:2.3.3-20.fc44.x86_64 100% | 5.3 MiB/s | 136.5 KiB | 00m00s [112/161] graphviz-libs-0:13.1.2-2.fc44 100% | 17.4 MiB/s | 481.9 KiB | 00m00s [113/161] gts-0:0.7.6-51.20121130.fc43. 100% | 8.5 MiB/s | 234.8 KiB | 00m00s [114/161] lasi-0:1.1.3-17.fc43.x86_64 100% | 2.1 MiB/s | 55.0 KiB | 00m00s [115/161] poppler-glib-0:25.07.0-2.fc43 100% | 7.5 MiB/s | 207.2 KiB | 00m00s [116/161] urw-base35-fonts-0:20200910-2 100% | 411.6 KiB/s | 9.9 KiB | 00m00s [117/161] libgs-0:10.06.0-1.fc44.x86_64 100% | 83.5 MiB/s | 3.8 MiB | 00m00s [118/161] libXpm-0:3.5.17-6.fc43.x86_64 100% | 2.7 MiB/s | 65.6 KiB | 00m00s [119/161] libavif-0:1.3.0-2.fc44.x86_64 100% | 4.7 MiB/s | 120.7 KiB | 00m00s [120/161] libimagequant-0:4.1.0-1.fc44. 100% | 10.8 MiB/s | 320.9 KiB | 00m00s [121/161] docbook-dtds-0:1.0-89.fc43.no 100% | 9.9 MiB/s | 282.6 KiB | 00m00s [122/161] avahi-libs-0:0.9~rc2-6.fc44.x 100% | 34.0 MiB/s | 69.6 KiB | 00m00s [123/161] cups-filesystem-1:2.4.14-2.fc 100% | 527.1 KiB/s | 12.7 KiB | 00m00s [124/161] libyaml-0:0.2.5-17.fc43.x86_6 100% | 2.3 MiB/s | 60.1 KiB | 00m00s [125/161] libicu-0:77.1-1.fc43.x86_64 100% | 137.2 MiB/s | 10.7 MiB | 00m00s [126/161] dbus-libs-1:1.16.0-4.fc43.x86 100% | 5.6 MiB/s | 148.3 KiB | 00m00s [127/161] urw-base35-bookman-fonts-0:20 100% | 29.5 MiB/s | 845.2 KiB | 00m00s [128/161] urw-base35-c059-fonts-0:20200 100% | 30.4 MiB/s | 872.9 KiB | 00m00s [129/161] urw-base35-d050000l-fonts-0:2 100% | 2.9 MiB/s | 75.2 KiB | 00m00s [130/161] urw-base35-fonts-common-0:202 100% | 859.7 KiB/s | 20.6 KiB | 00m00s [131/161] urw-base35-gothic-fonts-0:202 100% | 22.3 MiB/s | 640.8 KiB | 00m00s [132/161] urw-base35-nimbus-mono-ps-fon 100% | 27.7 MiB/s | 793.8 KiB | 00m00s [133/161] urw-base35-nimbus-roman-fonts 100% | 30.9 MiB/s | 853.1 KiB | 00m00s [134/161] urw-base35-nimbus-sans-fonts- 100% | 46.3 MiB/s | 1.3 MiB | 00m00s [135/161] urw-base35-p052-fonts-0:20200 100% | 33.9 MiB/s | 972.1 KiB | 00m00s [136/161] urw-base35-standard-symbols-p 100% | 2.2 MiB/s | 57.7 KiB | 00m00s [137/161] urw-base35-z003-fonts-0:20200 100% | 10.3 MiB/s | 274.9 KiB | 00m00s [138/161] poppler-0:25.07.0-2.fc43.x86_ 100% | 43.5 MiB/s | 1.3 MiB | 00m00s [139/161] gpgmepp-0:1.24.3-6.fc44.x86_6 100% | 5.2 MiB/s | 142.9 KiB | 00m00s [140/161] poppler-data-0:0.4.11-10.fc43 100% | 55.0 MiB/s | 1.9 MiB | 00m00s [141/161] jbigkit-libs-0:2.1-32.fc43.x8 100% | 2.1 MiB/s | 53.2 KiB | 00m00s [142/161] liblerc-0:4.0.0-9.fc43.x86_64 100% | 7.8 MiB/s | 215.1 KiB | 00m00s [143/161] adobe-mappings-cmap-0:2023111 100% | 63.1 MiB/s | 2.2 MiB | 00m00s [144/161] adobe-mappings-cmap-deprecate 100% | 3.8 MiB/s | 102.5 KiB | 00m00s [145/161] adobe-mappings-pdf-0:20190401 100% | 22.1 MiB/s | 611.0 KiB | 00m00s [146/161] google-droid-sans-fonts-0:202 100% | 79.3 MiB/s | 2.7 MiB | 00m00s [147/161] jbig2dec-libs-0:0.20-7.fc43.x 100% | 2.9 MiB/s | 74.0 KiB | 00m00s [148/161] libXt-0:1.3.1-3.fc43.x86_64 100% | 7.0 MiB/s | 179.2 KiB | 00m00s [149/161] libijs-0:0.35-25.fc43.x86_64 100% | 1.1 MiB/s | 29.1 KiB | 00m00s [150/161] libpaper-1:2.1.1-9.fc43.x86_6 100% | 1.0 MiB/s | 26.6 KiB | 00m00s [151/161] libyuv-0:0-0.57.20240704git96 100% | 7.3 MiB/s | 202.1 KiB | 00m00s [152/161] libICE-0:1.1.2-3.fc43.x86_64 100% | 3.1 MiB/s | 78.1 KiB | 00m00s [153/161] libSM-0:1.2.5-3.fc43.x86_64 100% | 1.7 MiB/s | 44.2 KiB | 00m00s [154/161] netpbm-0:11.10.00-2.fc43.x86_ 100% | 7.3 MiB/s | 187.0 KiB | 00m00s [155/161] gpgme-0:1.24.3-6.fc44.x86_64 100% | 7.6 MiB/s | 218.5 KiB | 00m00s [156/161] pyproject-rpm-macros-0:1.18.4 100% | 1.7 MiB/s | 44.9 KiB | 00m00s [157/161] python-rpm-macros-0:3.14-8.fc 100% | 778.8 KiB/s | 19.5 KiB | 00m00s [158/161] python3-rpm-generators-0:14-1 100% | 1.1 MiB/s | 28.5 KiB | 00m00s [159/161] python3-rpm-macros-0:3.14-8.f 100% | 480.7 KiB/s | 12.0 KiB | 00m00s [160/161] sgml-common-0:0.6.3-67.fc43.n 100% | 10.6 KiB/s | 53.7 KiB | 00m05s [161/161] libtiff-0:4.7.0-9.fc44.x86_64 100% | 43.6 KiB/s | 221.2 KiB | 00m05s -------------------------------------------------------------------------------- [161/161] Total 100% | 19.7 MiB/s | 118.5 MiB | 00m06s Running transaction [ 1/163] Verify package files 100% | 321.0 B/s | 161.0 B | 00m01s >>> Running %pretrans scriptlet: java-25-openjdk-headless-1:25.0.0.0.36-3.fc44.x >>> Finished %pretrans scriptlet: java-25-openjdk-headless-1:25.0.0.0.36-3.fc44. >>> [RPM] /var/lib/mock/fedora-rawhide-x86_64-1759842660.151585/root/var/cache/d [ 2/163] Prepare transaction 100% | 2.7 KiB/s | 161.0 B | 00m00s [ 3/163] Installing glib2-0:2.86.0-2.f 100% | 313.5 MiB/s | 14.7 MiB | 00m00s [ 4/163] Installing nspr-0:4.37.0-5.fc 100% | 309.7 MiB/s | 317.2 KiB | 00m00s [ 5/163] Installing libjpeg-turbo-0:3. 100% | 393.8 MiB/s | 806.6 KiB | 00m00s [ 6/163] Installing nss-util-0:3.116.0 100% | 197.1 MiB/s | 201.8 KiB | 00m00s [ 7/163] Installing libpng-2:1.6.50-2. 100% | 233.4 MiB/s | 239.0 KiB | 00m00s [ 8/163] Installing fonts-filesystem-1 100% | 0.0 B/s | 788.0 B | 00m00s [ 9/163] Installing urw-base35-fonts-c 100% | 0.0 B/s | 38.4 KiB | 00m00s [ 10/163] Installing libwebp-0:1.6.0-2. 100% | 312.7 MiB/s | 960.7 KiB | 00m00s [ 11/163] Installing python-rpm-macros- 100% | 0.0 B/s | 28.5 KiB | 00m00s [ 12/163] Installing libdav1d-0:1.5.1-2 100% | 423.4 MiB/s | 1.7 MiB | 00m00s [ 13/163] Installing openjpeg-0:2.5.4-1 100% | 447.5 MiB/s | 458.3 KiB | 00m00s [ 14/163] Installing lcms2-0:2.16-6.fc4 100% | 425.1 MiB/s | 435.3 KiB | 00m00s [ 15/163] Installing expat-0:2.7.2-1.fc 100% | 18.4 MiB/s | 300.7 KiB | 00m00s [ 16/163] Installing xml-common-0:0.6.3 100% | 79.2 MiB/s | 81.1 KiB | 00m00s [ 17/163] Installing protobuf-c-0:1.5.1 100% | 0.0 B/s | 51.4 KiB | 00m00s [ 18/163] Installing python3-rpm-macros 100% | 6.6 MiB/s | 6.8 KiB | 00m00s [ 19/163] Installing shared-mime-info-0 100% | 117.7 MiB/s | 2.6 MiB | 00m00s [ 20/163] Installing libICE-0:1.1.2-3.f 100% | 191.2 MiB/s | 195.8 KiB | 00m00s [ 21/163] Installing svt-av1-libs-0:3.1 100% | 397.8 MiB/s | 5.6 MiB | 00m00s [ 22/163] Installing rav1e-libs-0:0.7.1 100% | 427.4 MiB/s | 3.0 MiB | 00m00s [ 23/163] Installing adobe-mappings-cma 100% | 446.8 MiB/s | 15.2 MiB | 00m00s [ 24/163] Installing libseccomp-0:2.6.0 100% | 221.4 MiB/s | 226.8 KiB | 00m00s [ 25/163] Installing ngtcp2-0:1.16.0-1. 100% | 308.4 MiB/s | 315.8 KiB | 00m00s [ 26/163] Installing lmdb-libs-0:0.9.33 100% | 104.3 MiB/s | 106.8 KiB | 00m00s [ 27/163] Installing libuv-1:1.51.0-2.f 100% | 279.8 MiB/s | 573.0 KiB | 00m00s [ 28/163] Installing libmaxminddb-0:1.1 100% | 8.5 MiB/s | 86.9 KiB | 00m00s [ 29/163] Installing fstrm-0:0.6.1-13.f 100% | 50.8 MiB/s | 52.0 KiB | 00m00s [ 30/163] Installing bind-libs-32:9.18. 100% | 399.4 MiB/s | 3.6 MiB | 00m00s [ 31/163] Installing ngtcp2-crypto-ossl 100% | 0.0 B/s | 48.5 KiB | 00m00s [ 32/163] Installing adobe-mappings-cma 100% | 285.7 MiB/s | 585.2 KiB | 00m00s [ 33/163] Installing libSM-0:1.2.5-3.fc 100% | 0.0 B/s | 102.4 KiB | 00m00s [ 34/163] Installing pyproject-rpm-macr 100% | 114.1 MiB/s | 116.8 KiB | 00m00s [ 35/163] Installing graphviz-libs-0:13 100% | 310.3 MiB/s | 1.2 MiB | 00m00s [ 36/163] Installing urw-base35-bookman 100% | 455.0 MiB/s | 1.4 MiB | 00m00s [ 37/163] Installing urw-base35-c059-fo 100% | 465.1 MiB/s | 1.4 MiB | 00m00s [ 38/163] Installing urw-base35-d050000 100% | 0.0 B/s | 85.4 KiB | 00m00s [ 39/163] Installing urw-base35-gothic- 100% | 581.4 MiB/s | 1.2 MiB | 00m00s [ 40/163] Installing urw-base35-nimbus- 100% | 525.9 MiB/s | 1.1 MiB | 00m00s [ 41/163] Installing urw-base35-nimbus- 100% | 455.3 MiB/s | 1.4 MiB | 00m00s [ 42/163] Installing urw-base35-nimbus- 100% | 478.8 MiB/s | 2.4 MiB | 00m00s [ 43/163] Installing urw-base35-p052-fo 100% | 495.8 MiB/s | 1.5 MiB | 00m00s [ 44/163] Installing urw-base35-standar 100% | 0.0 B/s | 66.0 KiB | 00m00s [ 45/163] Installing urw-base35-z003-fo 100% | 382.6 MiB/s | 391.8 KiB | 00m00s [ 46/163] Installing urw-base35-fonts-0 100% | 0.0 B/s | 5.6 KiB | 00m00s [ 47/163] Installing abattis-cantarell- 100% | 189.9 MiB/s | 194.4 KiB | 00m00s [ 48/163] Installing google-droid-sans- 100% | 417.3 MiB/s | 6.3 MiB | 00m00s [ 49/163] Installing nss-softokn-freebl 100% | 415.2 MiB/s | 850.4 KiB | 00m00s [ 50/163] Installing nss-softokn-0:3.11 100% | 485.2 MiB/s | 1.9 MiB | 00m00s [ 51/163] Installing nss-0:3.116.0-1.fc 100% | 209.4 MiB/s | 1.9 MiB | 00m00s [ 52/163] Installing nss-sysinit-0:3.11 100% | 1.7 MiB/s | 19.2 KiB | 00m00s [ 53/163] Installing libyuv-0:0-0.57.20 100% | 332.7 MiB/s | 681.3 KiB | 00m00s [ 54/163] Installing noopenh264-0:2.6.0 100% | 0.0 B/s | 40.7 KiB | 00m00s [ 55/163] Installing libopenjph-0:0.22. 100% | 456.3 MiB/s | 467.3 KiB | 00m00s [ 56/163] Installing highway-0:1.2.0-5. 100% | 544.3 MiB/s | 4.4 MiB | 00m00s [ 57/163] Installing libjxl-1:0.11.1-5. 100% | 436.1 MiB/s | 3.1 MiB | 00m00s [ 58/163] Installing bubblewrap-0:0.11. 100% | 12.2 MiB/s | 137.2 KiB | 00m00s [ 59/163] Installing gpgme-0:1.24.3-6.f 100% | 52.4 MiB/s | 590.4 KiB | 00m00s [ 60/163] Installing gpgmepp-0:1.24.3-6 100% | 420.3 MiB/s | 430.4 KiB | 00m00s [ 61/163] Installing netpbm-0:11.10.00- 100% | 282.9 MiB/s | 579.5 KiB | 00m00s [ 62/163] Installing gts-0:0.7.6-51.201 100% | 52.4 MiB/s | 643.7 KiB | 00m00s [ 63/163] Installing graphite2-0:1.3.14 100% | 17.2 MiB/s | 193.9 KiB | 00m00s [ 64/163] Installing freetype-0:2.13.3- 100% | 277.3 MiB/s | 851.9 KiB | 00m00s [ 65/163] Installing harfbuzz-0:12.1.0- 100% | 410.0 MiB/s | 2.9 MiB | 00m00s [ 66/163] Installing ttmkfdir-0:3.0.9-7 100% | 12.1 MiB/s | 123.6 KiB | 00m00s [ 67/163] Installing libvmaf-0:3.0.0-4. 100% | 404.5 MiB/s | 828.4 KiB | 00m00s [ 68/163] Installing libaom-0:3.13.1-1. 100% | 457.4 MiB/s | 5.0 MiB | 00m00s [ 69/163] Installing libavif-0:1.3.0-2. 100% | 253.0 MiB/s | 259.1 KiB | 00m00s [ 70/163] Installing libheif-0:1.20.2-6 100% | 388.4 MiB/s | 1.6 MiB | 00m00s [ 71/163] Installing libpaper-1:2.1.1-9 100% | 0.0 B/s | 50.4 KiB | 00m00s [ 72/163] Installing libijs-0:0.35-25.f 100% | 0.0 B/s | 62.5 KiB | 00m00s [ 73/163] Installing jbig2dec-libs-0:0. 100% | 162.6 MiB/s | 166.5 KiB | 00m00s [ 74/163] Installing adobe-mappings-pdf 100% | 488.5 MiB/s | 4.4 MiB | 00m00s [ 75/163] Installing libdatrie-0:0.2.13 100% | 0.0 B/s | 54.9 KiB | 00m00s [ 76/163] Installing libthai-0:0.1.29-1 100% | 383.4 MiB/s | 785.2 KiB | 00m00s [ 77/163] Installing liblerc-0:4.0.0-9. 100% | 305.5 MiB/s | 625.6 KiB | 00m00s [ 78/163] Installing jbigkit-libs-0:2.1 100% | 112.7 MiB/s | 115.4 KiB | 00m00s [ 79/163] Installing libtiff-0:4.7.0-9. 100% | 303.4 MiB/s | 621.3 KiB | 00m00s [ 80/163] Installing libXau-0:1.0.12-3. 100% | 0.0 B/s | 74.5 KiB | 00m00s [ 81/163] Installing libxcb-0:1.17.0-6. 100% | 270.0 MiB/s | 1.1 MiB | 00m00s [ 82/163] Installing fribidi-0:1.0.16-3 100% | 17.1 MiB/s | 192.8 KiB | 00m00s [ 83/163] Installing poppler-data-0:0.4 100% | 427.2 MiB/s | 12.4 MiB | 00m00s [ 84/163] Installing dbus-libs-1:1.16.0 100% | 338.5 MiB/s | 346.6 KiB | 00m00s [ 85/163] Installing avahi-libs-0:0.9~r 100% | 170.1 MiB/s | 174.2 KiB | 00m00s [ 86/163] Installing pixman-0:0.46.2-2. 100% | 347.4 MiB/s | 711.4 KiB | 00m00s [ 87/163] Installing lzo-0:2.10-15.fc43 100% | 176.3 MiB/s | 180.5 KiB | 00m00s [ 88/163] Installing libicu-0:77.1-1.fc 100% | 454.9 MiB/s | 36.4 MiB | 00m00s [ 89/163] Installing boost-regex-0:1.83 100% | 285.2 MiB/s | 292.0 KiB | 00m00s [ 90/163] Installing libyaml-0:0.2.5-17 100% | 132.8 MiB/s | 136.0 KiB | 00m00s [ 91/163] Installing ctags-0:6.2.0-1.fc 100% | 137.4 MiB/s | 2.2 MiB | 00m00s [ 92/163] Installing source-highlight-0 100% | 157.1 MiB/s | 3.1 MiB | 00m00s [ 93/163] Installing cups-filesystem-1: 100% | 0.0 B/s | 1.8 KiB | 00m00s [ 94/163] Installing cups-libs-1:2.4.14 100% | 302.8 MiB/s | 620.1 KiB | 00m00s [ 95/163] Installing sgml-common-0:0.6. 100% | 14.2 MiB/s | 174.9 KiB | 00m00s [ 96/163] Installing docbook-dtds-0:1.0 100% | 45.0 MiB/s | 8.3 MiB | 00m00s [ 97/163] Installing docbook-style-xsl- 100% | 293.8 MiB/s | 15.9 MiB | 00m00s [ 98/163] Installing libimagequant-0:4. 100% | 346.2 MiB/s | 709.0 KiB | 00m00s [ 99/163] Installing tzdata-java-0:2025 100% | 0.0 B/s | 100.5 KiB | 00m00s [100/163] Installing lksctp-tools-0:1.0 100% | 20.8 MiB/s | 255.4 KiB | 00m00s [101/163] Installing javapackages-files 100% | 5.4 MiB/s | 5.5 KiB | 00m00s [102/163] Installing alsa-lib-0:1.2.14- 100% | 96.3 MiB/s | 1.4 MiB | 00m00s [103/163] Installing java-25-openjdk-he 100% | 498.6 MiB/s | 236.4 MiB | 00m00s [104/163] Installing libX11-common-0:1. 100% | 169.7 MiB/s | 1.2 MiB | 00m00s [105/163] Installing libX11-0:1.8.12-1. 100% | 427.2 MiB/s | 1.3 MiB | 00m00s [106/163] Installing libXrender-0:0.9.1 100% | 0.0 B/s | 47.3 KiB | 00m00s [107/163] Installing libXext-0:1.3.6-4. 100% | 0.0 B/s | 91.2 KiB | 00m00s [108/163] Installing libXi-0:1.8.2-3.fc 100% | 0.0 B/s | 81.7 KiB | 00m00s [109/163] Installing libXtst-0:1.2.5-3. 100% | 0.0 B/s | 34.6 KiB | 00m00s [110/163] Installing libXcomposite-0:0. 100% | 0.0 B/s | 42.0 KiB | 00m00s [111/163] Installing libXpm-0:3.5.17-6. 100% | 146.2 MiB/s | 149.7 KiB | 00m00s [112/163] Installing libXt-0:1.3.1-3.fc 100% | 420.9 MiB/s | 431.0 KiB | 00m00s [113/163] Installing libfontenc-0:1.1.8 100% | 0.0 B/s | 68.3 KiB | 00m00s [114/163] Installing mkfontscale-0:1.2. 100% | 3.5 MiB/s | 46.4 KiB | 00m00s [115/163] Installing tzdata-0:2025b-3.f 100% | 72.8 MiB/s | 1.9 MiB | 00m00s [116/163] Installing python-pip-wheel-0 100% | 589.9 MiB/s | 1.2 MiB | 00m00s [117/163] Installing mpdecimal-0:4.0.1- 100% | 53.4 MiB/s | 218.8 KiB | 00m00s [118/163] Installing python3-libs-0:3.1 100% | 390.5 MiB/s | 43.3 MiB | 00m00s [119/163] Installing python3-0:3.14.0~r 100% | 2.7 MiB/s | 30.7 KiB | 00m00s [120/163] Installing python3-packaging- 100% | 201.8 MiB/s | 619.9 KiB | 00m00s [121/163] Installing python3-rpm-genera 100% | 0.0 B/s | 82.9 KiB | 00m00s [122/163] Installing python3-iniconfig- 100% | 45.4 MiB/s | 46.5 KiB | 00m00s [123/163] Installing python3-pluggy-0:1 100% | 212.4 MiB/s | 217.5 KiB | 00m00s [124/163] Installing hiredis-0:1.2.0-7. 100% | 15.0 MiB/s | 107.6 KiB | 00m00s >>> Running sysusers scriptlet: unbound-libs-0:1.24.0-4.fc44.x86_64 >>> Finished sysusers scriptlet: unbound-libs-0:1.24.0-4.fc44.x86_64 >>> Scriptlet output: >>> Creating group 'unbound' with GID 999. >>> Creating user 'unbound' (Unbound DNS resolver) with UID 999 and GID 999. >>> [125/163] Installing unbound-libs-0:1.2 100% | 294.4 MiB/s | 1.5 MiB | 00m00s [126/163] Installing gnutls-dane-0:3.8. 100% | 0.0 B/s | 61.7 KiB | 00m00s [127/163] Installing google-noto-fonts- 100% | 0.0 B/s | 18.5 KiB | 00m00s [128/163] Installing google-noto-sans-v 100% | 347.8 MiB/s | 1.4 MiB | 00m00s [129/163] Installing default-fonts-core 100% | 17.8 MiB/s | 18.2 KiB | 00m00s [130/163] Installing fontconfig-0:2.17. 100% | 695.0 KiB/s | 785.3 KiB | 00m01s [131/163] Installing cairo-0:1.18.4-2.f 100% | 354.4 MiB/s | 1.8 MiB | 00m00s [132/163] Installing cairo-gobject-0:1. 100% | 0.0 B/s | 32.0 KiB | 00m00s [133/163] Installing xorg-x11-fonts-Typ 100% | 27.3 MiB/s | 865.6 KiB | 00m00s [134/163] Installing java-25-openjdk-1: 100% | 117.6 MiB/s | 963.5 KiB | 00m00s [135/163] Installing gd-0:2.3.3-20.fc44 100% | 197.6 MiB/s | 404.7 KiB | 00m00s [136/163] Installing libgs-0:10.06.0-1. 100% | 555.3 MiB/s | 24.4 MiB | 00m00s [137/163] Installing poppler-0:25.07.0- 100% | 423.4 MiB/s | 3.8 MiB | 00m00s [138/163] Installing poppler-glib-0:25. 100% | 310.0 MiB/s | 634.9 KiB | 00m00s [139/163] Installing libXft-0:2.3.8-9.f 100% | 162.0 MiB/s | 165.9 KiB | 00m00s [140/163] Installing pango-0:1.57.0-1.f 100% | 70.8 MiB/s | 1.0 MiB | 00m00s [141/163] Installing librsvg2-0:2.61.0- 100% | 419.8 MiB/s | 5.0 MiB | 00m00s [142/163] Installing glycin-loaders-0:2 100% | 545.9 MiB/s | 13.1 MiB | 00m00s [143/163] Installing glycin-libs-0:2.0. 100% | 439.3 MiB/s | 4.4 MiB | 00m00s [144/163] Installing gdk-pixbuf2-0:2.44 100% | 140.0 MiB/s | 2.5 MiB | 00m00s [145/163] Installing lasi-0:1.1.3-17.fc 100% | 125.2 MiB/s | 128.2 KiB | 00m00s [146/163] Installing graphviz-0:13.1.2- 100% | 378.7 MiB/s | 20.8 MiB | 00m00s [147/163] Installing libcbor-0:0.12.0-6 100% | 0.0 B/s | 79.2 KiB | 00m00s [148/163] Installing libfido2-0:1.16.0- 100% | 234.4 MiB/s | 240.0 KiB | 00m00s [149/163] Installing openssh-0:10.0p1-7 100% | 107.1 MiB/s | 1.4 MiB | 00m00s [150/163] Installing libedit-0:3.1-56.2 100% | 236.1 MiB/s | 241.8 KiB | 00m00s [151/163] Installing libxslt-0:1.1.43-5 100% | 37.7 MiB/s | 463.2 KiB | 00m00s [152/163] Installing asciidoc-0:10.2.0- 100% | 91.0 MiB/s | 1.7 MiB | 00m00s [153/163] Installing openssh-clients-0: 100% | 124.4 MiB/s | 2.6 MiB | 00m00s [154/163] Installing java-25-openjdk-de 100% | 315.8 MiB/s | 11.7 MiB | 00m00s [155/163] Installing gnutls-utils-0:3.8 100% | 86.9 MiB/s | 1.3 MiB | 00m00s [156/163] Installing python3-pytest-0:8 100% | 411.2 MiB/s | 21.8 MiB | 00m00s [157/163] Installing python3-devel-0:3. 100% | 110.6 MiB/s | 2.0 MiB | 00m00s [158/163] Installing nss-tools-0:3.116. 100% | 107.7 MiB/s | 2.4 MiB | 00m00s >>> Running sysusers scriptlet: bind-32:9.18.39-4.fc44.x86_64 >>> Finished sysusers scriptlet: bind-32:9.18.39-4.fc44.x86_64 >>> Scriptlet output: >>> Creating group 'named' with GID 25. >>> Creating user 'named' (Named) with UID 25 and GID 25. >>> [159/163] Installing bind-32:9.18.39-4. 100% | 41.4 MiB/s | 891.0 KiB | 00m00s [160/163] Installing systemd-rpm-macros 100% | 0.0 B/s | 8.9 KiB | 00m00s [161/163] Installing sequoia-policy-con 100% | 67.0 MiB/s | 892.0 KiB | 00m00s [162/163] Installing openssl-1:3.5.1-3. 100% | 103.5 MiB/s | 1.9 MiB | 00m00s [163/163] Installing make-1:4.4.1-11.fc 100% | 5.5 MiB/s | 1.8 MiB | 00m00s Warning: skipped OpenPGP checks for 161 packages from repositories: copr_coprdir, http_kojipkgs_fedoraproject_org_repos_f44_build_latest_basearch Complete! Finish: build setup for crypto-policies-20250714-5.gitcd6043a.fc44.src.rpm Start: rpmbuild crypto-policies-20250714-5.gitcd6043a.fc44.src.rpm Building target platforms: x86_64 Building for target x86_64 warning: /builddir/build/originals/crypto-policies.spec line 64: autopatch: no matching patches in range setting SOURCE_DATE_EPOCH=1758240000 Executing(%mkbuilddir): /bin/sh -e /var/tmp/rpm-tmp.feBaPm Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.w6hrqK + umask 022 + cd /builddir/build/BUILD/crypto-policies-20250714-build + cd /builddir/build/BUILD/crypto-policies-20250714-build + rm -rf fedora-crypto-policies-cd6043a-cd6043a774abf6e4d17116f1497a2032f5351d49 + /usr/lib/rpm/rpmuncompress -x /builddir/build/SOURCES/crypto-policies-gitcd6043a.tar.gz + STATUS=0 + '[' 0 -ne 0 ']' + cd fedora-crypto-policies-cd6043a-cd6043a774abf6e4d17116f1497a2032f5351d49 + /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w . + RPM_EC=0 ++ jobs -p + exit 0 Executing(%build): /bin/sh -e /var/tmp/rpm-tmp.230KuP + umask 022 + cd /builddir/build/BUILD/crypto-policies-20250714-build + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + export CFLAGS + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + export CXXFLAGS + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + export FFLAGS + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + export FCFLAGS + VALAFLAGS=-g + export VALAFLAGS + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes -Clink-arg=-specs=/usr/lib/rpm/redhat/redhat-package-notes --cap-lints=warn' + export RUSTFLAGS + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-hardened-ld-errors -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes ' + export LDFLAGS + LT_SYS_LIBRARY_PATH=/usr/lib64: + export LT_SYS_LIBRARY_PATH + CC=gcc + export CC + CXX=g++ + export CXX + cd fedora-crypto-policies-cd6043a-cd6043a774abf6e4d17116f1497a2032f5351d49 + /usr/bin/make -O -j4 V=1 VERBOSE=1 SEQUOIA_POLICY_CONFIG_CHECK_LOOSE=sequoia-policy-config-check SEQUOIA_POLICY_CONFIG_CHECK_STRICT= asciidoc -v -d manpage -b docbook update-crypto-policies.8.txt xsltproc --nonet -o update-crypto-policies.8 /usr/lib/python3.14/site-packages/asciidoc/resources/docbook-xsl/manpage.xsl update-crypto-policies.8.xml asciidoc: reading: /usr/lib/python3.14/site-packages/asciidoc/resources/asciidoc.conf asciidoc: reading: /builddir/build/BUILD/crypto-policies-20250714-build/fedora-crypto-policies-cd6043a-cd6043a774abf6e4d17116f1497a2032f5351d49/update-crypto-policies.8.txt asciidoc: reading: /usr/lib/python3.14/site-packages/asciidoc/resources/docbook45.conf asciidoc: reading: /usr/lib/python3.14/site-packages/asciidoc/resources/filters/source/source-highlight-filter.conf asciidoc: reading: /usr/lib/python3.14/site-packages/asciidoc/resources/filters/graphviz/graphviz-filter.conf asciidoc: reading: /usr/lib/python3.14/site-packages/asciidoc/resources/filters/code/code-filter.conf asciidoc: reading: /usr/lib/python3.14/site-packages/asciidoc/resources/lang-en.conf asciidoc: writing: /builddir/build/BUILD/crypto-policies-20250714-build/fedora-crypto-policies-cd6043a-cd6043a774abf6e4d17116f1497a2032f5351d49/update-crypto-policies.8.xml Note: Writing update-crypto-policies.8 asciidoc -v -d manpage -b docbook crypto-policies.7.txt xsltproc --nonet -o crypto-policies.7 /usr/lib/python3.14/site-packages/asciidoc/resources/docbook-xsl/manpage.xsl crypto-policies.7.xml asciidoc: reading: /usr/lib/python3.14/site-packages/asciidoc/resources/asciidoc.conf asciidoc: reading: /builddir/build/BUILD/crypto-policies-20250714-build/fedora-crypto-policies-cd6043a-cd6043a774abf6e4d17116f1497a2032f5351d49/crypto-policies.7.txt asciidoc: reading: /usr/lib/python3.14/site-packages/asciidoc/resources/docbook45.conf asciidoc: reading: /usr/lib/python3.14/site-packages/asciidoc/resources/filters/source/source-highlight-filter.conf asciidoc: reading: /usr/lib/python3.14/site-packages/asciidoc/resources/filters/graphviz/graphviz-filter.conf asciidoc: reading: /usr/lib/python3.14/site-packages/asciidoc/resources/filters/code/code-filter.conf asciidoc: reading: /usr/lib/python3.14/site-packages/asciidoc/resources/lang-en.conf asciidoc: writing: /builddir/build/BUILD/crypto-policies-20250714-build/fedora-crypto-policies-cd6043a-cd6043a774abf6e4d17116f1497a2032f5351d49/crypto-policies.7.xml Note: Writing crypto-policies.7 mkdir -p output python/build-crypto-policies.py --reloadcmds policies output Saving config for bind for policy LEGACY Saving config for gnutls for policy LEGACY Saving config for java for policy LEGACY Saving config for krb5 for policy LEGACY Saving config for libreswan for policy LEGACY Saving config for libssh for policy LEGACY Saving config for nss for policy LEGACY Saving config for openssh for policy LEGACY Saving config for opensshserver for policy LEGACY Saving config for openssl_fips for policy LEGACY Saving config for opensslcnf for policy LEGACY Saving config for rpm-sequoia for policy LEGACY Saving config for sequoia for policy LEGACY Saving config for bind for policy GOST-ONLY Saving config for gnutls for policy GOST-ONLY Saving config for java for policy GOST-ONLY Saving config for krb5 for policy GOST-ONLY Saving config for libreswan for policy GOST-ONLY Saving config for libssh for policy GOST-ONLY Saving config for nss for policy GOST-ONLY Saving config for openssh for policy GOST-ONLY Saving config for opensshserver for policy GOST-ONLY Saving config for openssl_fips for policy GOST-ONLY Saving config for opensslcnf for policy GOST-ONLY Saving config for rpm-sequoia for policy GOST-ONLY Saving config for sequoia for policy GOST-ONLY Saving config for bind for policy FUTURE Saving config for gnutls for policy FUTURE Saving config for java for policy FUTURE Saving config for krb5 for policy FUTURE Saving config for libreswan for policy FUTURE Saving config for libssh for policy FUTURE Saving config for nss for policy FUTURE Saving config for openssh for policy FUTURE Saving config for opensshserver for policy FUTURE Saving config for openssl_fips for policy FUTURE Saving config for opensslcnf for policy FUTURE Saving config for rpm-sequoia for policy FUTURE Saving config for sequoia for policy FUTURE Saving config for bind for policy FIPS Saving config for gnutls for policy FIPS Saving config for java for policy FIPS Saving config for krb5 for policy FIPS Saving config for libreswan for policy FIPS Saving config for libssh for policy FIPS Saving config for nss for policy FIPS Saving config for openssh for policy FIPS Saving config for opensshserver for policy FIPS Saving config for openssl_fips for policy FIPS Saving config for opensslcnf for policy FIPS Saving config for rpm-sequoia for policy FIPS Saving config for sequoia for policy FIPS Saving config for bind for policy FEDORA43 Saving config for gnutls for policy FEDORA43 Saving config for java for policy FEDORA43 Saving config for krb5 for policy FEDORA43 Saving config for libreswan for policy FEDORA43 Saving config for libssh for policy FEDORA43 Saving config for nss for policy FEDORA43 Saving config for openssh for policy FEDORA43 Saving config for opensshserver for policy FEDORA43 Saving config for openssl_fips for policy FEDORA43 Saving config for opensslcnf for policy FEDORA43 Saving config for rpm-sequoia for policy FEDORA43 Saving config for sequoia for policy FEDORA43 Saving config for bind for policy FEDORA42 Saving config for gnutls for policy FEDORA42 Saving config for java for policy FEDORA42 Saving config for krb5 for policy FEDORA42 Saving config for libreswan for policy FEDORA42 Saving config for libssh for policy FEDORA42 Saving config for nss for policy FEDORA42 Saving config for openssh for policy FEDORA42 Saving config for opensshserver for policy FEDORA42 Saving config for openssl_fips for policy FEDORA42 Saving config for opensslcnf for policy FEDORA42 Saving config for rpm-sequoia for policy FEDORA42 Saving config for sequoia for policy FEDORA42 Saving config for bind for policy EMPTY Saving config for gnutls for policy EMPTY Saving config for java for policy EMPTY Saving config for krb5 for policy EMPTY Saving config for libreswan for policy EMPTY Saving config for libssh for policy EMPTY Saving config for nss for policy EMPTY Saving config for openssh for policy EMPTY Saving config for opensshserver for policy EMPTY Saving config for openssl_fips for policy EMPTY Saving config for opensslcnf for policy EMPTY Saving config for rpm-sequoia for policy EMPTY Saving config for sequoia for policy EMPTY Saving config for bind for policy DEFAULT Saving config for gnutls for policy DEFAULT Saving config for java for policy DEFAULT Saving config for krb5 for policy DEFAULT Saving config for libreswan for policy DEFAULT Saving config for libssh for policy DEFAULT Saving config for nss for policy DEFAULT Saving config for openssh for policy DEFAULT Saving config for opensshserver for policy DEFAULT Saving config for openssl_fips for policy DEFAULT Saving config for opensslcnf for policy DEFAULT Saving config for rpm-sequoia for policy DEFAULT Saving config for sequoia for policy DEFAULT Saving config for bind for policy BSI Saving config for gnutls for policy BSI Saving config for java for policy BSI Saving config for krb5 for policy BSI Saving config for libreswan for policy BSI Saving config for libssh for policy BSI Saving config for nss for policy BSI Saving config for openssh for policy BSI Saving config for opensshserver for policy BSI Saving config for openssl_fips for policy BSI Saving config for opensslcnf for policy BSI Saving config for rpm-sequoia for policy BSI Saving config for sequoia for policy BSI gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: marking hash SHAKE-128 as secure gnutls[2]: cfg: marking hash SHA1 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature DSA-SHA256 as secure gnutls[2]: cfg: marking signature DSA-SHA384 as secure gnutls[2]: cfg: marking signature DSA-SHA512 as secure gnutls[2]: cfg: marking signature DSA-SHA224 as secure gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure gnutls[2]: cfg: marking signature RSA-SHA1 as secure gnutls[2]: cfg: marking signature DSA-SHA1 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA1 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA1 as secure for certs gnutls[2]: cfg: marking signature rsa-sha1 as secure for certs gnutls[2]: cfg: marking signature dsa-sha1 as secure for certs gnutls[2]: cfg: marking signature ecdsa-sha1 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling cipher 3DES-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-DSS for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version TLS1.1 gnutls[2]: cfg: enabling version TLS1.0 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: enabling version DTLS1.0 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpjetun64z mtime 1759842695 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA1 is enabled for SSL-KX NSS-POLICY-INFO: SHA1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: DES-EDE3-CBC is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-DSS is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: DSA is enabled for SSL-KX NSS-POLICY-INFO: DSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 23 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 10 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 19 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 9 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 6 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 5 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 5 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_3DES_EDE_CBC_SHA is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 33 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpagg3zroq mtime 1759842695 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 5 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 15 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 6 NSS-POLICY-INFO: NUMBER-OF-MAC: 3 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 2 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 8 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp00mpb8ze mtime 1759842695 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 8 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14 NSS-POLICY-INFO: NUMBER-OF-ECC: 4 NSS-POLICY-INFO: NUMBER-OF-HASH: 7 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 18 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpq2gf_7n4 mtime 1759842695 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpzb19sz1d mtime 1759842695 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpckyf6mmn mtime 1759842695 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_Executing(%install): /bin/sh -e /var/tmp/rpm-tmp.aGM840 ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpoh_q3sd7 mtime 1759842695 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 16 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 7 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14 NSS-POLICY-INFO: NUMBER-OF-ECC: 4 NSS-POLICY-INFO: NUMBER-OF-HASH: 6 NSS-POLICY-INFO: NUMBER-OF-MAC: 3 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 12 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy + RPM_EC=0 ++ jobs -p + exit 0 + umask 022 + cd /builddir/build/BUILD/crypto-policies-20250714-build + '[' /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT '!=' / ']' + rm -rf /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT ++ dirname /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT + mkdir -p /builddir/build/BUILD/crypto-policies-20250714-build + mkdir /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + export CFLAGS + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + export CXXFLAGS + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + export FFLAGS + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + export FCFLAGS + VALAFLAGS=-g + export VALAFLAGS + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes -Clink-arg=-specs=/usr/lib/rpm/redhat/redhat-package-notes --cap-lints=warn' + export RUSTFLAGS + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-hardened-ld-errors -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes ' + export LDFLAGS + LT_SYS_LIBRARY_PATH=/usr/lib64: + export LT_SYS_LIBRARY_PATH + CC=gcc + export CC + CXX=g++ + export CXX + cd fedora-crypto-policies-cd6043a-cd6043a774abf6e4d17116f1497a2032f5351d49 + mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/ + mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/ + mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/back-ends/ + mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/state/ + mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/local.d/ + mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/policies/ + mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/policies/modules/ + mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/bin + make DESTDIR=/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT DIR=/usr/share/crypto-policies MANDIR=/usr/share/man -j4 install mkdir -p /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/man mkdir -p /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/man/man7 mkdir -p /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/man/man8 mkdir -p /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/bin mkdir -p /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/libexec mkdir -p /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/lib/systemd/system install -p -m 644 crypto-policies.7 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/man/man7 install -p -m 644 update-crypto-policies.8 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/man/man8 install -p -m 755 update-crypto-policies /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/bin install -p -m 644 fips-crypto-policy-overlay.service /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/lib/systemd/system install -p -m 755 fips-crypto-policy-overlay fips-setup-helper /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/libexec mkdir -p /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/ install -p -m 644 default-config /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies install -p -m 644 default-fips-config /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies install -p -m 644 output/reload-cmds.sh /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies for f in $(find output -name '*.txt') ; do d=$(dirname $f | cut -f 2- -d '/') ; install -p -m 644 -D -t /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d $f ; done for f in $(find policies -name '*.p*') ; do d=$(dirname $f) ; install -p -m 644 -D -t /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d $f ; done for f in $(find python -name '*.py') ; do d=$(dirname $f) ; install -p -m 644 -D -t /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d $f ; done chmod 755 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/update-crypto-policies.py chmod 755 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/build-crypto-policies.py + install -p -m 644 default-config /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/config + install -p -m 644 default-fips-config /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/default-fips-config + touch /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/state/current + touch /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/state/CURRENT.pol + rm -rf /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/GOST-ONLY + rm -rf /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/BSI + rm -rf /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FEDORA42 + rm -rf /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FEDORA43 + for d in LEGACY DEFAULT FUTURE FIPS + mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/bind.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/bind.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/bind.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/gnutls.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/gnutls.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/gnutls.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/java.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/java.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/java.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/krb5.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/krb5.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/krb5.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/libreswan.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/libreswan.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/libreswan.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/libssh.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/libssh.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/libssh.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/nss.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/nss.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/nss.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/openssh.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/openssh.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/openssh.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/opensshserver.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/opensshserver.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/opensshserver.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/openssl_fips.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/openssl_fips.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/openssl_fips.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/opensslcnf.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/opensslcnf.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/opensslcnf.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/rpm-sequoia.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/rpm-sequoia.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/rpm-sequoia.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/sequoia.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/LEGACY/sequoia.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/LEGACY/sequoia.config + for d in LEGACY DEFAULT FUTURE FIPS + mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/bind.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/bind.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/bind.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/gnutls.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/gnutls.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/gnutls.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/java.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/java.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/java.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/krb5.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/krb5.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/krb5.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libreswan.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libreswan.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/libreswan.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libssh.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libssh.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/libssh.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/nss.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/nss.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/nss.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssh.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssh.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/openssh.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensshserver.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensshserver.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/opensshserver.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssl_fips.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssl_fips.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/openssl_fips.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensslcnf.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensslcnf.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/opensslcnf.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/rpm-sequoia.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/rpm-sequoia.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/rpm-sequoia.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/sequoia.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/sequoia.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/DEFAULT/sequoia.config + for d in LEGACY DEFAULT FUTURE FIPS + mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/bind.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/bind.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/bind.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/gnutls.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/gnutls.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/gnutls.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/java.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/java.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/java.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/krb5.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/krb5.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/krb5.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/libreswan.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/libreswan.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/libreswan.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/libssh.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/libssh.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/libssh.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/nss.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/nss.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/nss.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/openssh.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/openssh.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/openssh.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/opensshserver.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/opensshserver.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/opensshserver.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/openssl_fips.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/openssl_fips.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/openssl_fips.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/opensslcnf.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/opensslcnf.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/opensslcnf.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/rpm-sequoia.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/rpm-sequoia.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/rpm-sequoia.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/sequoia.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FUTURE/sequoia.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FUTURE/sequoia.config + for d in LEGACY DEFAULT FUTURE FIPS + mkdir -p -m 755 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/bind.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/bind.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/bind.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/gnutls.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/gnutls.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/gnutls.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/java.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/java.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/java.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/krb5.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/krb5.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/krb5.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/libreswan.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/libreswan.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/libreswan.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/libssh.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/libssh.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/libssh.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/nss.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/nss.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/nss.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/openssh.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/openssh.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/openssh.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/opensshserver.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/opensshserver.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/opensshserver.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/openssl_fips.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/openssl_fips.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/openssl_fips.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/opensslcnf.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/opensslcnf.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/opensslcnf.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/rpm-sequoia.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/rpm-sequoia.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/rpm-sequoia.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/$d/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/sequoia.txt .txt + ln /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/FIPS/sequoia.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/back-ends/FIPS/sequoia.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/bind.txt ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/bind.txt .txt + ln -sf /usr/share/crypto-policies/DEFAULT/bind.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/back-ends/bind.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/gnutls.txt ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/gnutls.txt .txt + ln -sf /usr/share/crypto-policies/DEFAULT/gnutls.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/back-ends/gnutls.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/java.txt ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/java.txt .txt + ln -sf /usr/share/crypto-policies/DEFAULT/java.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/back-ends/java.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/krb5.txt ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/krb5.txt .txt + ln -sf /usr/share/crypto-policies/DEFAULT/krb5.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/back-ends/krb5.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libreswan.txt ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libreswan.txt .txt + ln -sf /usr/share/crypto-policies/DEFAULT/libreswan.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/back-ends/libreswan.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libssh.txt ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/libssh.txt .txt + ln -sf /usr/share/crypto-policies/DEFAULT/libssh.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/back-ends/libssh.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/nss.txt ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/nss.txt .txt + ln -sf /usr/share/crypto-policies/DEFAULT/nss.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/back-ends/nss.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssh.txt ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssh.txt .txt + ln -sf /usr/share/crypto-policies/DEFAULT/openssh.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/back-ends/openssh.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensshserver.txt ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensshserver.txt .txt + ln -sf /usr/share/crypto-policies/DEFAULT/opensshserver.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/back-ends/opensshserver.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssl_fips.txt ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/openssl_fips.txt .txt + ln -sf /usr/share/crypto-policies/DEFAULT/openssl_fips.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/back-ends/openssl_fips.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensslcnf.txt ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/opensslcnf.txt .txt + ln -sf /usr/share/crypto-policies/DEFAULT/opensslcnf.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/back-ends/opensslcnf.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/rpm-sequoia.txt ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/rpm-sequoia.txt .txt + ln -sf /usr/share/crypto-policies/DEFAULT/rpm-sequoia.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/back-ends/rpm-sequoia.config + for f in /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/* ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/sequoia.txt ++ basename /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/DEFAULT/sequoia.txt .txt + ln -sf /usr/share/crypto-policies/DEFAULT/sequoia.txt /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/etc/crypto-policies/back-ends/sequoia.config + [[ /usr/bin/python3 =~ - ]] + clamp_source_mtime /usr/bin/python3 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python + python_binary='env /usr/bin/python3' + bytecode_compilation_path=/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python + PYTHONPATH=/usr/lib/rpm/redhat + env /usr/bin/python3 -s -B -m clamp_source_mtime /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python Listing '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python'... Listing '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies'... Listing '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation'... Listing '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators'... ++ /usr/bin/python3 -c 'import sys; sys.stdout.write('\''{0.major}{0.minor}'\''.format(sys.version_info))' + python_version=314 + '[' 314 -ge 39 ']' + py39_byte_compile /usr/bin/python3 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python + python_binary='env PYTHONHASHSEED=0 /usr/bin/python3' + bytecode_compilation_path=/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python + env PYTHONHASHSEED=0 /usr/bin/python3 -s -B -m compileall -j4 -o 0 -o 1 -s /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT -p / --hardlink-dupes --invalidation-mode=timestamp /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python Listing '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python'... Listing '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies'... Listing '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation'... Listing '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/build-crypto-policies.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/__init__.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/alg_lists.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/cryptopolicies.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/__init__.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/alg_lists.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/general.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/rules.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/gnutls.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/java.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/krb5.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/libreswan.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/scope.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__init__.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/bind.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/configgenerator.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/sequoia.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/update-crypto-policies.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/libssh.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/nss.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/openssh.py'... Compiling '/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/openssl.py'... + /usr/lib/rpm/check-buildroot + /usr/lib/rpm/redhat/brp-ldconfig + /usr/lib/rpm/brp-compress + /usr/lib/rpm/brp-strip /usr/bin/strip + /usr/lib/rpm/brp-strip-comment-note /usr/bin/strip /usr/bin/objdump + /usr/lib/rpm/redhat/brp-strip-lto /usr/bin/strip + /usr/lib/rpm/check-rpaths + /usr/lib/rpm/redhat/brp-mangle-shebangs mangling shebang in /usr/libexec/fips-setup-helper from /bin/bash to #!/usr/bin/bash mangling shebang in /usr/libexec/fips-crypto-policy-overlay from /bin/bash to #!/usr/bin/bash mangling shebang in /usr/share/crypto-policies/python/build-crypto-policies.py from /usr/bin/env python3 to #!/usr/bin/python3 mangling shebang in /usr/share/crypto-policies/python/update-crypto-policies.py from /usr/bin/env python3 to #!/usr/bin/python3 + /usr/lib/rpm/brp-remove-la-files + /usr/lib/rpm/redhat/brp-python-rpm-in-distinfo + env /usr/lib/rpm/redhat/brp-python-bytecompile '' 1 0 -j4 + /usr/lib/rpm/redhat/brp-python-hardlink + /usr/bin/add-det --brp -j4 /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/__pycache__/build-crypto-policies.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/__pycache__/update-crypto-policies.cpython-314.opt-1.pyc: replacing with normalized version /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/__pycache__/update-crypto-policies.cpython-314.pyc: replacing with normalized version /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/__pycache__/__init__.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/__pycache__/alg_lists.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/rules.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/__pycache__/cryptopolicies.cpython-314.opt-1.pyc: replacing with normalized version /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/general.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/__pycache__/cryptopolicies.cpython-314.pyc: replacing with normalized version /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/alg_lists.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/__init__.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/scope.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/libreswan.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/krb5.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/nss.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/openssl.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/java.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/openssh.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/configgenerator.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/gnutls.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/__init__.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/bind.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/libssh.cpython-314.opt-1.pyc: rewriting with normalized contents /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/crypto-policies/python/policygenerators/__pycache__/sequoia.cpython-314.opt-1.pyc: rewriting with normalized contents Scanned 39 directories and 228 files, processed 26 inodes, 24 modified (4 replaced + 20 rewritten), 0 unsupported format, 0 errors + /usr/bin/linkdupes --brp /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr Scanned 31 directories and 212 files, considered 212 files, read 32 files, linked 19 files, 0 errors sum of sizes of linked files: 21729 bytes Executing(%check): /bin/sh -e /var/tmp/rpm-tmp.tyAm9I + umask 022 + cd /builddir/build/BUILD/crypto-policies-20250714-build + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + export CFLAGS + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + export CXXFLAGS + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + export FFLAGS + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + export FCFLAGS + VALAFLAGS=-g + export VALAFLAGS + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes -Clink-arg=-specs=/usr/lib/rpm/redhat/redhat-package-notes --cap-lints=warn' + export RUSTFLAGS + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-hardened-ld-errors -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes ' + export LDFLAGS + LT_SYS_LIBRARY_PATH=/usr/lib64: + export LT_SYS_LIBRARY_PATH + CC=gcc + export CC + CXX=g++ + export CXX + cd fedora-crypto-policies-cd6043a-cd6043a774abf6e4d17116f1497a2032f5351d49 + make test -j4 SKIP_LINTING=1 SEQUOIA_POLICY_CONFIG_CHECK_LOOSE=sequoia-policy-config-check SEQUOIA_POLICY_CONFIG_CHECK_STRICT= python/build-crypto-policies.py --strict --test --flat policies tests/outputs gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: marking hash SHAKE-128 as secure gnutls[2]: cfg: marking hash SHA1 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature DSA-SHA256 as secure gnutls[2]: cfg: marking signature DSA-SHA384 as secure gnutls[2]: cfg: marking signature DSA-SHA512 as secure gnutls[2]: cfg: marking signature DSA-SHA224 as secure gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure gnutls[2]: cfg: marking signature RSA-SHA1 as secure gnutls[2]: cfg: marking signature DSA-SHA1 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA1 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA1 as secure for certs gnutls[2]: cfg: marking signature rsa-sha1 as secure for certs gnutls[2]: cfg: marking signature dsa-sha1 as secure for certs gnutls[2]: cfg: marking signature ecdsa-sha1 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling cipher 3DES-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-DSS for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version TLS1.1 gnutls[2]: cfg: enabling version TLS1.0 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: enabling version DTLS1.0 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp9tugkkap mtime 1759842696 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA1 is enabled for SSL-KX NSS-POLICY-INFO: SHA1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: DES-EDE3-CBC is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-DSS is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: DSA is enabled for SSL-KX NSS-POLICY-INFO: DSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 23 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 10 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 19 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 9 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 6 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 5 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 5 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_3DES_EDE_CBC_SHA is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 33 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 ============================= test session starts ============================== platform linux -- Python 3.14.0rc3, pytest-8.3.5, pluggy-1.6.0 -- /usr/bin/python3 cachedir: .pytest_cache rootdir: /builddir/build/BUILD/crypto-policies-20250714-build/fedora-crypto-policies-cd6043a-cd6043a774abf6e4d17116f1497a2032f5351d49 configfile: pytest.ini collecting ... Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy ============================= test session starts ============================== platform linux -- Python 3.14.0rc3, pytest-8.3.5, pluggy-1.6.0 -- /usr/bin/python3 cachedir: .pytest_cache rootdir: /builddir/build/BUILD/crypto-policies-20250714-build/fedora-crypto-policies-cd6043a-cd6043a774abf6e4d17116f1497a2032f5351d49 configfile: pytest.ini collecting ... collected 12 items python/cryptopolicies/alg_lists.py::cryptopolicies.alg_lists.earliest_occurrence PASSED [ 8%] python/cryptopolicies/alg_lists.py::cryptopolicies.alg_lists.glob PASSED [ 16%] python/cryptopolicies/alg_lists.py::cryptopolicies.alg_lists.max_dtls_version PASSED [ 25%] python/cryptopolicies/alg_lists.py::cryptopolicies.alg_lists.max_tls_version PASSED [ 33%]gnutls[2]: Enabled GnuTLS 3.8.10 logging... python/cryptopolicies/alg_lists.py::cryptopolicies.alg_lists.min_dtls_version gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpgq_dols8 mtime 1759842696 gnutls[2]: cfg: deferred setting system-wide priority string PASSED [ 41%] python/cryptopolicies/alg_lists.py::cryptopolicies.alg_lists.min_tls_version PASSED [ 50%] python/cryptopolicies/cryptopolicies.py::cryptopolicies.cryptopolicies.ScopeSelector.__init__ PASSED [ 58%] python/cryptopolicies/cryptopolicies.py::cryptopolicies.cryptopolicies.ScopeSelector.matches PASSED [ 66%] python/cryptopolicies/cryptopolicies.py::cryptopolicies.cryptopolicies.ScopedPolicy PASSED [ 75%] python/cryptopolicies/cryptopolicies.py::cryptopolicies.cryptopolicies.parse_line PASSED [ 83%] python/cryptopolicies/cryptopolicies.py::cryptopolicies.cryptopolicies.parse_rhs PASSED [ 91%] python/cryptopolicies/cryptopolicies.py::cryptopolicies.cryptopolicies.preprocess_text PASSED [100%] ============================== 12 passed in 0.06s ============================== NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 5 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 15 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 6 NSS-POLICY-INFO: NUMBER-OF-MAC: 3 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 2 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 8 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp1xxvk76z mtime 1759842697 gnutls[2]: cfg: deferred setting system-wide priority string collected 52 items tests/unit/test_alg_lists.py::test_glob_alg_sanity PASSED [ 1%] tests/unit/test_alg_lists.py::test_glob_alg_globbing PASSED [ 3%] tests/unit/test_alg_lists.py::test_glob_experimental PASSED [ 5%] tests/unit/test_alg_lists.py::test_glob_alg_algorithm_empty PASSED [ 7%] tests/unit/test_alg_lists.py::test_glob_alg_algorithm_class_unknown PASSED [ 9%] tests/unit/test_alg_lists.py::test_min_versions PASSED [ 11%] tests/unit/test_alg_lists.py::test_max_versions PASSED [ 13%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_is_empty PASSED [ 15%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_not_found PASSED [ 17%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_smoke_broken PASSED [ 19%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_smoke_basic PASSED [ 21%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_smoke_subpolicy PASSED [ 23%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_smoke_several_subpolicies NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 8 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14 NSS-POLICY-INFO: NUMBER-OF-ECC: 4 NSS-POLICY-INFO: NUMBER-OF-HASH: 7 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 18 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 PASSED [ 25%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_compat_diamond_new_recommended PASSED [ 26%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_compat_diamond_old_recommended PASSED [ 28%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_compat_diamond_breaking1 PASSED [ 30%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_compat_diamond_breaking2 Pseudo-terminal will not be allocated because stdin is not a terminal. PASSED [ 32%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_sha1_in_dnssec PASSED [ 34%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_value_replacement PASSED [ 36%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_compat_to_enum PASSED [ 38%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_compat_scoped_ssh_etm_to_enum PASSED [ 40%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_prepend_order PASSED [ 42%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_no_duplicates the generated sequoia policy is valid TOML PASSED [ 44%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_minver sequoia-policy-config-check returns 0 for the generated sequoia policy PASSED [ 46%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_maxver PASSED [ 48%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_experimental the generated sequoia policy is valid TOML PASSED [ 50%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_experimental_warnings_suppression_none sequoia-policy-config-check returns 0 for the generated sequoia policy PASSED [ 51%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_experimental_warnings_suppression_full PASSED [ 53%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_experimental_warnings_suppression_part PASSED [ 55%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_experimental_warnings_suppression_reset PASSED [ 57%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_to_string_empty PASSED [ 59%] tests/unit/test_cryptopolicy.py::test_cryptopolicy_to_string_twisted PASSED [ 61%] tests/unit/test_parse_line.py::test_parse_line PASSED [ 63%] tests/unit/test_parse_line.py::test_parse_bad PASSED [ 65%] tests/unit/test_parse_rhs.py::test_parse_rhs PASSED [ 67%] tests/unit/test_preprocess_text.py::test_preprocess_text_basics PASSED [ 69%] tests/unit/test_preprocess_text.py::test_preprocess_text_compat PASSED [ 71%] tests/unit/test_preprocess_text.py::test_preprocess_text_compat_problematic PASSED [ 73%] tests/unit/test_preprocess_text.py::test_preprocess_text_compat_diamond_problem PASSED [ 75%] tests/unit/test_scope_selector.py::test_scope_selector_any PASSED [ 76%] tests/unit/test_scope_selector.py::test_scope_selector_tls PASSED [ 78%] tests/unit/test_scope_selector.py::test_scope_selector_nontls PASSED [ 80%] tests/unit/test_scope_selector.py::test_scope_selector_posglob PASSED [ 82%] tests/unit/test_scope_selector.py::test_scope_selector_negglob PASSED [ 84%] tests/unit/test_scope_selector.py::test_scope_selector_posmixed PASSED [ 86%] tests/unit/test_scope_selector.py::test_scope_selector_negmixed PASSED [ 88%] tests/unit/test_scope_selector.py::test_scope_selector_curly_brackets PASSED [ 90%] tests/unit/test_scope_selector.py::test_scope_selector_empty PASSED [ 92%] tests/unit/test_scope_selector.py::test_scope_selector_illegal_character PASSED [ 94%] tests/unit/test_scope_selector.py::test_scope_selector_comma gnutls[2]: Enabled GnuTLS 3.8.10 logging... PASSED [ 96%]gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS tests/unit/test_scope_selector.py::test_scope_selector_unknown gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpnj5btc__ mtime 1759842697 gnutls[2]: cfg: deferred setting system-wide priority string PASSED [ 98%] tests/unit/test_scope_selector.py::test_scope_selector_nomatch PASSED [100%] ============================== 52 passed in 0.14s ============================== NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp5o9y93pd mtime 1759842697 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp5tk0_gnh mtime 1759842697 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpfn56ymma mtime 1759842697 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 16 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 7 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14 NSS-POLICY-INFO: NUMBER-OF-ECC: 4 NSS-POLICY-INFO: NUMBER-OF-HASH: 6 NSS-POLICY-INFO: NUMBER-OF-MAC: 3 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 12 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy python/build-crypto-policies.py --strict --policy FIPS:OSPP --test --flat policies tests/outputs gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpxqs8ybb_ mtime 1759842697 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 11 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 5 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 11 NSS-POLICY-INFO: NUMBER-OF-ECC: 2 NSS-POLICY-INFO: NUMBER-OF-HASH: 6 NSS-POLICY-INFO: NUMBER-OF-MAC: 3 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 2 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3 NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 5 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy python/build-crypto-policies.py --strict --policy FIPS:ECDHE-ONLY --test --flat policies tests/outputs gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp_z1dsjgr mtime 1759842697 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 16 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 8 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14 NSS-POLICY-INFO: NUMBER-OF-ECC: 4 NSS-POLICY-INFO: NUMBER-OF-HASH: 7 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 2 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 12 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy python/build-crypto-policies.py --strict --policy FIPS:NO-ENFORCE-EMS --test --flat policies tests/outputs gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpllv5e1p_ mtime 1759842697 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 8 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14 NSS-POLICY-INFO: NUMBER-OF-ECC: 4 NSS-POLICY-INFO: NUMBER-OF-HASH: 7 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 18 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy python/build-crypto-policies.py --strict --policy DEFAULT:GOST --test --flat policies tests/outputs gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpc6h4f66t mtime 1759842697 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy python/build-crypto-policies.py --strict --policy GOST-ONLY --test --flat policies tests/outputs python/build-crypto-policies.py --strict --policy LEGACY:AD-SUPPORT --test --flat policies tests/outputs gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: marking hash SHAKE-128 as secure gnutls[2]: cfg: marking hash SHA1 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature DSA-SHA256 as secure gnutls[2]: cfg: marking signature DSA-SHA384 as secure gnutls[2]: cfg: marking signature DSA-SHA512 as secure gnutls[2]: cfg: marking signature DSA-SHA224 as secure gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure gnutls[2]: cfg: marking signature RSA-SHA1 as secure gnutls[2]: cfg: marking signature DSA-SHA1 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA1 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA1 as secure for certs gnutls[2]: cfg: marking signature rsa-sha1 as secure for certs gnutls[2]: cfg: marking signature dsa-sha1 as secure for certs gnutls[2]: cfg: marking signature ecdsa-sha1 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling cipher 3DES-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-DSS for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version TLS1.1 gnutls[2]: cfg: enabling version TLS1.0 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: enabling version DTLS1.0 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp3009r35e mtime 1759842697 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA1 is enabled for SSL-KX NSS-POLICY-INFO: SHA1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: DES-EDE3-CBC is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-DSS is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: DSA is enabled for SSL-KX NSS-POLICY-INFO: DSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 23 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 10 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 19 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 9 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 6 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 5 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 5 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_3DES_EDE_CBC_SHA is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 33 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy python/build-crypto-policies.py --strict --policy DEFAULT:NO-PQ --test --flat policies tests/outputs gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpp8ab18c9 mtime 1759842698 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy python/build-crypto-policies.py --policy DEFAULT:TEST-PQ --test --flat policies tests/outputs # not strict ExperimentalValueWarning: `group` value `P521-MLKEM1024` is experimental and might go away in the future ExperimentalValueWarning: `group` value `P384-MLKEM768` is experimental and might go away in the future ExperimentalValueWarning: `group` value `MLKEM1024` is experimental and might go away in the future ExperimentalValueWarning: `group` value `P256-MLKEM512` is experimental and might go away in the future ExperimentalValueWarning: `group` value `X448-MLKEM768` is experimental and might go away in the future ExperimentalValueWarning: `group` value `MLKEM768` is experimental and might go away in the future ExperimentalValueWarning: `group` value `X25519-MLKEM512` is experimental and might go away in the future ExperimentalValueWarning: `group` value `MLKEM512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-SPHINCSSHAKE128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-SPHINCSSHAKE128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `SPHINCSSHAKE128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P384-SPHINCSSHA2192FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `SPHINCSSHA2192FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-SPHINCSSHA2128SSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-SPHINCSSHA2128SSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `SPHINCSSHA2128SSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-SPHINCSSHA2128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-SPHINCSSHA2128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `SPHINCSSHA2128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P521-FALCONPADDED1024` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `FALCONPADDED1024` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P521-FALCON1024` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `FALCON1024` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-FALCONPADDED512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-FALCONPADDED512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `FALCONPADDED512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-FALCON512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-FALCON512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `FALCON512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA87-BP384` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA87-P384` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P521-MLDSA87` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA65-BP256` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA65-P256` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA65-RSA3072` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA65-PSS3072` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P384-MLDSA65` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA44-BP256` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA44-P256` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA44-ED25519` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA44-RSA2048` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA44-PSS2048` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-MLDSA44` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-MLDSA44` is experimental and might go away in the future gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpo9_0nxuh mtime 1759842698 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy # FEDORA43 === DEFAULT diff policies/FEDORA43.pol policies/DEFAULT.pol # FEDORA43:NO-PQ == FEDORA42 == FEDORA43:TEST-PQ:NO-PQ #mkdir -p output/compare/FEDORA43:NO-PQ output/compare/FEDORA42 python/build-crypto-policies.py --strict --policy FEDORA43:NO-PQ policies output/compare gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp9zkrdoma mtime 1759842698 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy Saving config for bind for policy FEDORA43:NO-PQ Saving config for gnutls for policy FEDORA43:NO-PQ Saving config for java for policy FEDORA43:NO-PQ Saving config for krb5 for policy FEDORA43:NO-PQ Saving config for libreswan for policy FEDORA43:NO-PQ Saving config for libssh for policy FEDORA43:NO-PQ Saving config for nss for policy FEDORA43:NO-PQ Saving config for openssh for policy FEDORA43:NO-PQ Saving config for opensshserver for policy FEDORA43:NO-PQ Saving config for openssl_fips for policy FEDORA43:NO-PQ Saving config for opensslcnf for policy FEDORA43:NO-PQ Saving config for rpm-sequoia for policy FEDORA43:NO-PQ Saving config for sequoia for policy FEDORA43:NO-PQ python/build-crypto-policies.py --policy FEDORA43:TEST-PQ:NO-PQ policies output/compare # not strict ExperimentalValueWarning: `group` value `P521-MLKEM1024` is experimental and might go away in the future ExperimentalValueWarning: `group` value `P384-MLKEM768` is experimental and might go away in the future ExperimentalValueWarning: `group` value `MLKEM1024` is experimental and might go away in the future ExperimentalValueWarning: `group` value `P256-MLKEM512` is experimental and might go away in the future ExperimentalValueWarning: `group` value `X448-MLKEM768` is experimental and might go away in the future ExperimentalValueWarning: `group` value `MLKEM768` is experimental and might go away in the future ExperimentalValueWarning: `group` value `X25519-MLKEM512` is experimental and might go away in the future ExperimentalValueWarning: `group` value `MLKEM512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-SPHINCSSHAKE128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-SPHINCSSHAKE128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `SPHINCSSHAKE128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P384-SPHINCSSHA2192FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `SPHINCSSHA2192FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-SPHINCSSHA2128SSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-SPHINCSSHA2128SSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `SPHINCSSHA2128SSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-SPHINCSSHA2128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-SPHINCSSHA2128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `SPHINCSSHA2128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P521-FALCONPADDED1024` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `FALCONPADDED1024` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P521-FALCON1024` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `FALCON1024` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-FALCONPADDED512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-FALCONPADDED512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `FALCONPADDED512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-FALCON512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-FALCON512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `FALCON512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA87-BP384` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA87-P384` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P521-MLDSA87` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA65-BP256` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA65-P256` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA65-RSA3072` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA65-PSS3072` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P384-MLDSA65` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA44-BP256` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA44-P256` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA44-ED25519` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA44-RSA2048` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA44-PSS2048` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-MLDSA44` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-MLDSA44` is experimental and might go away in the future gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp3hsj1oed mtime 1759842698 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy Saving config for bind for policy FEDORA43:TEST-PQ:NO-PQ Saving config for gnutls for policy FEDORA43:TEST-PQ:NO-PQ Saving config for java for policy FEDORA43:TEST-PQ:NO-PQ Saving config for krb5 for policy FEDORA43:TEST-PQ:NO-PQ Saving config for libreswan for policy FEDORA43:TEST-PQ:NO-PQ Saving config for libssh for policy FEDORA43:TEST-PQ:NO-PQ Saving config for nss for policy FEDORA43:TEST-PQ:NO-PQ Saving config for openssh for policy FEDORA43:TEST-PQ:NO-PQ Saving config for opensshserver for policy FEDORA43:TEST-PQ:NO-PQ Saving config for openssl_fips for policy FEDORA43:TEST-PQ:NO-PQ Saving config for opensslcnf for policy FEDORA43:TEST-PQ:NO-PQ Saving config for rpm-sequoia for policy FEDORA43:TEST-PQ:NO-PQ Saving config for sequoia for policy FEDORA43:TEST-PQ:NO-PQ python/build-crypto-policies.py --strict --policy FEDORA42 policies output/compare gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp6tjn7ppy mtime 1759842698 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy Saving config for bind for policy FEDORA42 Saving config for gnutls for policy FEDORA42 Saving config for java for policy FEDORA42 Saving config for krb5 for policy FEDORA42 Saving config for libreswan for policy FEDORA42 Saving config for libssh for policy FEDORA42 Saving config for nss for policy FEDORA42 Saving config for openssh for policy FEDORA42 Saving config for opensshserver for policy FEDORA42 Saving config for openssl_fips for policy FEDORA42 Saving config for opensslcnf for policy FEDORA42 Saving config for rpm-sequoia for policy FEDORA42 Saving config for sequoia for policy FEDORA42 diff -r output/compare/FEDORA43:NO-PQ output/compare/FEDORA42 diff -r output/compare/FEDORA43:TEST-PQ:NO-PQ output/compare/FEDORA42 rm -r output/compare tests/openssl.py Checking the OpenSSL configuration Checking policy LEGACY:AD-SUPPORT Checking policy LEGACY Checking policy FUTURE Checking policy FIPS:OSPP Checking policy FIPS:NO-ENFORCE-EMS Checking policy FIPS:ECDHE-ONLY Checking policy FIPS Checking policy FEDORA43 Checking policy FEDORA42 Checking policy DEFAULT:TEST-PQ Checking policy DEFAULT:NO-PQ Checking policy DEFAULT:GOST Checking policy DEFAULT Checking policy BSI tests/gnutls.py Checking the GnuTLS configuration Checking policy LEGACY:AD-SUPPORT Checking policy LEGACY Checking policy FUTURE Checking policy FIPS:OSPP Checking policy FIPS:NO-ENFORCE-EMS Checking policy FIPS:ECDHE-ONLY Checking policy FIPS Checking policy FEDORA43 Checking policy FEDORA42 Checking policy EMPTY Checking policy DEFAULT:TEST-PQ Checking policy DEFAULT:NO-PQ Checking policy DEFAULT:GOST Checking policy DEFAULT Checking policy BSI tests/nss.py Checking the NSS configuration Checking policy LEGACY:AD-SUPPORT Checking policy LEGACY Checking policy GOST-ONLY Checking policy FUTURE Checking policy FIPS:OSPP Checking policy FIPS:NO-ENFORCE-EMS Checking policy FIPS:ECDHE-ONLY Checking policy FIPS Checking policy FEDORA43 Checking policy FEDORA42 Checking policy EMPTY Checking policy DEFAULT:TEST-PQ Checking policy DEFAULT:NO-PQ Checking policy DEFAULT:GOST Checking policy DEFAULT Checking policy BSI tests/java.py Checking the Java configuration Checking policy LEGACY:AD-SUPPORT Checking policy LEGACY Checking policy GOST-ONLY Checking policy FUTURE Checking policy FIPS:OSPP Checking policy FIPS:NO-ENFORCE-EMS Checking policy FIPS:ECDHE-ONLY Checking policy FIPS Checking policy FEDORA43 Checking policy FEDORA42 Checking policy EMPTY Checking policy DEFAULT:TEST-PQ Checking policy DEFAULT:NO-PQ Checking policy DEFAULT:GOST Checking policy DEFAULT Checking policy BSI tests/krb5.py Skipping krb5 test; checker not found! top_srcdir=. tests/update-crypto-policies.sh Saving config for bind for policy LEGACY Saving config for gnutls for policy LEGACY Saving config for java for policy LEGACY Saving config for krb5 for policy LEGACY Saving config for libreswan for policy LEGACY Saving config for libssh for policy LEGACY Saving config for nss for policy LEGACY Saving config for openssh for policy LEGACY Saving config for opensshserver for policy LEGACY Saving config for openssl_fips for policy LEGACY Saving config for opensslcnf for policy LEGACY Saving config for rpm-sequoia for policy LEGACY Saving config for sequoia for policy LEGACY Saving config for bind for policy GOST-ONLY Saving config for gnutls for policy GOST-ONLY Saving config for java for policy GOST-ONLY Saving config for krb5 for policy GOST-ONLY Saving config for libreswan for policy GOST-ONLY Saving config for libssh for policy GOST-ONLY Saving config for nss for policy GOST-ONLY Saving config for openssh for policy GOST-ONLY Saving config for opensshserver for policy GOST-ONLY Saving config for openssl_fips for policy GOST-ONLY Saving config for opensslcnf for policy GOST-ONLY Saving config for rpm-sequoia for policy GOST-ONLY Saving config for sequoia for policy GOST-ONLY Saving config for bind for policy FUTURE Saving config for gnutls for policy FUTURE Saving config for java for policy FUTURE Saving config for krb5 for policy FUTURE Saving config for libreswan for policy FUTURE Saving config for libssh for policy FUTURE Saving config for nss for policy FUTURE Saving config for openssh for policy FUTURE Saving config for opensshserver for policy FUTURE Saving config for openssl_fips for policy FUTURE Saving config for opensslcnf for policy FUTURE Saving config for rpm-sequoia for policy FUTURE Saving config for sequoia for policy FUTURE Saving config for bind for policy FIPS Saving config for gnutls for policy FIPS Saving config for java for policy FIPS Saving config for krb5 for policy FIPS Saving config for libreswan for policy FIPS Saving config for libssh for policy FIPS Saving config for nss for policy FIPS Saving config for openssh for policy FIPS Saving config for opensshserver for policy FIPS Saving config for openssl_fips for policy FIPS Saving config for opensslcnf for policy FIPS Saving config for rpm-sequoia for policy FIPS Saving config for sequoia for policy FIPS Saving config for bind for policy FEDORA43 Saving config for gnutls for policy FEDORA43 Saving config for java for policy FEDORA43 Saving config for krb5 for policy FEDORA43 Saving config for libreswan for policy FEDORA43 Saving config for libssh for policy FEDORA43 Saving config for nss for policy FEDORA43 Saving config for openssh for policy FEDORA43 Saving config for opensshserver for policy FEDORA43 Saving config for openssl_fips for policy FEDORA43 Saving config for opensslcnf for policy FEDORA43 Saving config for rpm-sequoia for policy FEDORA43 Saving config for sequoia for policy FEDORA43 Saving config for bind for policy FEDORA42 Saving config for gnutls for policy FEDORA42 Saving config for java for policy FEDORA42 Saving config for krb5 for policy FEDORA42 Saving config for libreswan for policy FEDORA42 Saving config for libssh for policy FEDORA42 Saving config for nss for policy FEDORA42 Saving config for openssh for policy FEDORA42 Saving config for opensshserver for policy FEDORA42 Saving config for openssl_fips for policy FEDORA42 Saving config for opensslcnf for policy FEDORA42 Saving config for rpm-sequoia for policy FEDORA42 Saving config for sequoia for policy FEDORA42 Saving config for bind for policy EMPTY Saving config for gnutls for policy EMPTY Saving config for java for policy EMPTY Saving config for krb5 for policy EMPTY Saving config for libreswan for policy EMPTY Saving config for libssh for policy EMPTY Saving config for nss for policy EMPTY Saving config for openssh for policy EMPTY Saving config for opensshserver for policy EMPTY Saving config for openssl_fips for policy EMPTY Saving config for opensslcnf for policy EMPTY Saving config for rpm-sequoia for policy EMPTY Saving config for sequoia for policy EMPTY Saving config for bind for policy DEFAULT Saving config for gnutls for policy DEFAULT Saving config for java for policy DEFAULT Saving config for krb5 for policy DEFAULT Saving config for libreswan for policy DEFAULT Saving config for libssh for policy DEFAULT Saving config for nss for policy DEFAULT Saving config for openssh for policy DEFAULT Saving config for opensshserver for policy DEFAULT Saving config for openssl_fips for policy DEFAULT Saving config for opensslcnf for policy DEFAULT Saving config for rpm-sequoia for policy DEFAULT Saving config for sequoia for policy DEFAULT Saving config for bind for policy BSI Saving config for gnutls for policy BSI Saving config for java for policy BSI Saving config for krb5 for policy BSI Saving config for libreswan for policy BSI Saving config for libssh for policy BSI Saving config for nss for policy BSI Saving config for openssh for policy BSI Saving config for opensshserver for policy BSI Saving config for openssl_fips for policy BSI Saving config for opensslcnf for policy BSI Saving config for rpm-sequoia for policy BSI Saving config for sequoia for policy BSI tests/update-crypto-policies.sh: checking if default profile is properly selected Setting system policy to DEFAULT Note: System-wide crypto policies are applied on application start-up. It is recommended to restart the system for the change of policies to fully take place. tests/update-crypto-policies.sh: checking if current policy dump is equal to the original default profile PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement Setting system policy to CURRENT Note: System-wide crypto policies are applied on application start-up. It is recommended to restart the system for the change of policies to fully take place. tests/update-crypto-policies.sh: checking if switching to other profile works Setting system policy to LEGACY Note: System-wide crypto policies are applied on application start-up. It is recommended to restart the system for the change of policies to fully take place. tests/update-crypto-policies.sh: checking if local.d works Setting system policy to DEFAULT Note: System-wide crypto policies are applied on application start-up. It is recommended to restart the system for the change of policies to fully take place. tests/update-crypto-policies.sh: checking if --check works (test 1) The configured policy matches the generated policy The configured policy does NOT match the generated policy --check works as expected tests/update-crypto-policies.sh: checking if --check works (test 2) Setting system policy to DEFAULT Note: System-wide crypto policies are applied on application start-up. It is recommended to restart the system for the change of policies to fully take place. The configured policy matches the generated policy The configured policy does NOT match the generated policy --check works as expected cp -r tests/outputs output/alt python/build-crypto-policies.py --test --flat tests/alternative-policies output/alt PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_group is deprecated, please rewrite your rules using group@SSH; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 1 is deprecated, please rewrite your rules using hash@DNSSec = SHA1+ and sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: marking hash SHAKE-128 as secure gnutls[2]: cfg: marking hash SHA1 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature DSA-SHA256 as secure gnutls[2]: cfg: marking signature DSA-SHA384 as secure gnutls[2]: cfg: marking signature DSA-SHA512 as secure gnutls[2]: cfg: marking signature DSA-SHA224 as secure gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure gnutls[2]: cfg: marking signature RSA-SHA1 as secure gnutls[2]: cfg: marking signature DSA-SHA1 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA1 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA1 as secure for certs gnutls[2]: cfg: marking signature rsa-sha1 as secure for certs gnutls[2]: cfg: marking signature dsa-sha1 as secure for certs gnutls[2]: cfg: marking signature ecdsa-sha1 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling cipher 3DES-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-DSS for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version TLS1.1 gnutls[2]: cfg: enabling version TLS1.0 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: enabling version DTLS1.0 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp8bke1cb2 mtime 1759842703 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA1 is enabled for SSL-KX NSS-POLICY-INFO: SHA1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: DES-EDE3-CBC is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-DSS is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: DSA is enabled for SSL-KX NSS-POLICY-INFO: DSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 23 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 10 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 19 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 9 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 6 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 5 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 5 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_3DES_EDE_CBC_SHA is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 33 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 0 is deprecated, please rewrite your rules using hash@DNSSec = -SHA1 and sign@DNSSec = -RSA-SHA1 -ECDSA-SHA1; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Value X25519-MLKEM768 is deprecated, please rewrite your rules using MLKEM768-X25519 gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpwpq1a2s3 mtime 1759842703 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 5 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 15 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 6 NSS-POLICY-INFO: NUMBER-OF-MAC: 3 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 2 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 8 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 0 is deprecated, please rewrite your rules using hash@DNSSec = -SHA1 and sign@DNSSec = -RSA-SHA1 -ECDSA-SHA1; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Value X25519-MLKEM768 is deprecated, please rewrite your rules using MLKEM768-X25519 gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpl1f7peo_ mtime 1759842703 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 8 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14 NSS-POLICY-INFO: NUMBER-OF-ECC: 4 NSS-POLICY-INFO: NUMBER-OF-HASH: 7 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 18 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 1 is deprecated, please rewrite your rules using hash@DNSSec = SHA1+ and sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Value X25519-MLKEM768 is deprecated, please rewrite your rules using MLKEM768-X25519 gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp6yjce5qf mtime 1759842703 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 1 is deprecated, please rewrite your rules using hash@DNSSec = SHA1+ and sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp39u35umb mtime 1759842703 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_group is deprecated, please rewrite your rules using group@SSH; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 0 is deprecated, please rewrite your rules using hash@DNSSec = -SHA1 and sign@DNSSec = -RSA-SHA1 -ECDSA-SHA1; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_etm = 0 is deprecated, please rewrite your rules using etm@SSH = DISABLE_ETM; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 1 is deprecated, please rewrite your rules using hash@DNSSec = SHA1+ and sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Value X25519-MLKEM768 is deprecated, please rewrite your rules using MLKEM768-X25519 gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpe0jnsvfa mtime 1759842703 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy python/build-crypto-policies.py --policy FIPS:OSPP --test --flat tests/alternative-policies output/alt PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 0 is deprecated, please rewrite your rules using hash@DNSSec = -SHA1 and sign@DNSSec = -RSA-SHA1 -ECDSA-SHA1; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Value X25519-MLKEM768 is deprecated, please rewrite your rules using MLKEM768-X25519 gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpd5_ubcq3 mtime 1759842703 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 11 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 5 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 11 NSS-POLICY-INFO: NUMBER-OF-ECC: 2 NSS-POLICY-INFO: NUMBER-OF-HASH: 6 NSS-POLICY-INFO: NUMBER-OF-MAC: 3 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 2 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3 NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 5 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy python/build-crypto-policies.py --policy FIPS:ECDHE-ONLY --test --flat tests/alternative-policies output/alt PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 0 is deprecated, please rewrite your rules using hash@DNSSec = -SHA1 and sign@DNSSec = -RSA-SHA1 -ECDSA-SHA1; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Value X25519-MLKEM768 is deprecated, please rewrite your rules using MLKEM768-X25519 gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp_astvs6w mtime 1759842703 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 16 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 8 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14 NSS-POLICY-INFO: NUMBER-OF-ECC: 4 NSS-POLICY-INFO: NUMBER-OF-HASH: 7 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 2 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 12 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy python/build-crypto-policies.py --policy FIPS:NO-ENFORCE-EMS --test --flat tests/alternative-policies output/alt PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 0 is deprecated, please rewrite your rules using hash@DNSSec = -SHA1 and sign@DNSSec = -RSA-SHA1 -ECDSA-SHA1; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Value X25519-MLKEM768 is deprecated, please rewrite your rules using MLKEM768-X25519 gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp6v9j6b6_ mtime 1759842703 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 17 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 8 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 14 NSS-POLICY-INFO: NUMBER-OF-ECC: 4 NSS-POLICY-INFO: NUMBER-OF-HASH: 7 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 4 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 3 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 3 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 18 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy python/build-crypto-policies.py --policy GOST-ONLY --test --flat tests/alternative-policies output/alt PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement python/build-crypto-policies.py --policy LEGACY:AD-SUPPORT --test --flat tests/alternative-policies output/alt PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_group is deprecated, please rewrite your rules using group@SSH; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 1 is deprecated, please rewrite your rules using hash@DNSSec = SHA1+ and sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: marking hash SHAKE-128 as secure gnutls[2]: cfg: marking hash SHA1 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature DSA-SHA256 as secure gnutls[2]: cfg: marking signature DSA-SHA384 as secure gnutls[2]: cfg: marking signature DSA-SHA512 as secure gnutls[2]: cfg: marking signature DSA-SHA224 as secure gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure gnutls[2]: cfg: marking signature RSA-SHA1 as secure gnutls[2]: cfg: marking signature DSA-SHA1 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA1 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA1 as secure for certs gnutls[2]: cfg: marking signature DSA-SHA1 as secure for certs gnutls[2]: cfg: marking signature rsa-sha1 as secure for certs gnutls[2]: cfg: marking signature dsa-sha1 as secure for certs gnutls[2]: cfg: marking signature ecdsa-sha1 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling cipher 3DES-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-DSS for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version TLS1.1 gnutls[2]: cfg: enabling version TLS1.0 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: enabling version DTLS1.0 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmp0876jny7 mtime 1759842703 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA1 is enabled for SSL-KX NSS-POLICY-INFO: SHA1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: DES-EDE3-CBC is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-DSS is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: DSA is enabled for SSL-KX NSS-POLICY-INFO: DSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 23 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 10 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 19 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 9 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 6 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 5 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 5 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_3DES_EDE_CBC_SHA is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 33 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy python/build-crypto-policies.py --policy DEFAULT:GOST --test --flat tests/alternative-policies output/alt PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 1 is deprecated, please rewrite your rules using hash@DNSSec = SHA1+ and sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Value X25519-MLKEM768 is deprecated, please rewrite your rules using MLKEM768-X25519 gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmphxrw02lu mtime 1759842704 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy python/build-crypto-policies.py --policy DEFAULT:TEST-PQ --test --flat tests/alternative-policies output/alt PolicySyntaxDeprecationWarning: Option protocol is deprecated, please rewrite your rules using protocol@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option tls_cipher is deprecated, please rewrite your rules using cipher@TLS; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_cipher is deprecated, please rewrite your rules using cipher@SSH; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ike_protocol is deprecated, please rewrite your rules using protocol@IKE; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option sha1_in_dnssec = 1 is deprecated, please rewrite your rules using hash@DNSSec = SHA1+ and sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Option ssh_etm = 1 is deprecated, please rewrite your rules using etm@SSH = ANY; be advised that it is not always a 1-1 replacement PolicySyntaxDeprecationWarning: Value X25519-MLKEM768 is deprecated, please rewrite your rules using MLKEM768-X25519 ExperimentalValueWarning: `group` values `MLKEM512`, `X25519-MLKEM512`, `MLKEM768`, `X448-MLKEM768`, `P256-MLKEM512`, `MLKEM1024`, `P384-MLKEM768`, `P521-MLKEM1024` are experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-SPHINCSSHAKE128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-SPHINCSSHAKE128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `SPHINCSSHAKE128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P384-SPHINCSSHA2192FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `SPHINCSSHA2192FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-SPHINCSSHA2128SSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-SPHINCSSHA2128SSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `SPHINCSSHA2128SSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-SPHINCSSHA2128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-SPHINCSSHA2128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `SPHINCSSHA2128FSIMPLE` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P521-FALCONPADDED1024` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `FALCONPADDED1024` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P521-FALCON1024` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `FALCON1024` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-FALCONPADDED512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-FALCONPADDED512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `FALCONPADDED512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-FALCON512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-FALCON512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `FALCON512` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA87-BP384` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA87-P384` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P521-MLDSA87` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA65-BP256` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA65-P256` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA65-RSA3072` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA65-PSS3072` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P384-MLDSA65` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA44-BP256` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA44-P256` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA44-ED25519` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA44-RSA2048` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `MLDSA44-PSS2048` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `RSA3072-MLDSA44` is experimental and might go away in the future ExperimentalValueWarning: `sign` value `P256-MLDSA44` is experimental and might go away in the future gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: marking hash SHA256 as secure gnutls[2]: cfg: marking hash SHA384 as secure gnutls[2]: cfg: marking hash SHA512 as secure gnutls[2]: cfg: marking hash SHA3-256 as secure gnutls[2]: cfg: marking hash SHA3-384 as secure gnutls[2]: cfg: marking hash SHA3-512 as secure gnutls[2]: cfg: marking hash SHA224 as secure gnutls[2]: cfg: marking hash SHA3-224 as secure gnutls[2]: cfg: marking hash SHAKE-256 as secure gnutls[2]: cfg: enabling MAC AEAD for TLS gnutls[2]: cfg: enabling MAC SHA1 for TLS gnutls[2]: cfg: enabling MAC SHA512 for TLS gnutls[2]: cfg: enabling group X25519-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP256R1-MLKEM768 for TLS gnutls[2]: cfg: enabling group SECP384R1-MLKEM1024 for TLS gnutls[2]: cfg: enabling group X25519 for TLS gnutls[2]: cfg: enabling group SECP256R1 for TLS gnutls[2]: cfg: enabling group X448 for TLS gnutls[2]: cfg: enabling group SECP521R1 for TLS gnutls[2]: cfg: enabling group SECP384R1 for TLS gnutls[2]: cfg: enabling group FFDHE2048 for TLS gnutls[2]: cfg: enabling group FFDHE3072 for TLS gnutls[2]: cfg: enabling group FFDHE4096 for TLS gnutls[2]: cfg: enabling group FFDHE6144 for TLS gnutls[2]: cfg: enabling group FFDHE8192 for TLS gnutls[2]: cfg: marking signature ML-DSA-44 as secure gnutls[2]: cfg: marking signature ML-DSA-65 as secure gnutls[2]: cfg: marking signature ML-DSA-87 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure gnutls[2]: cfg: marking signature RSA-SHA256 as secure gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure gnutls[2]: cfg: marking signature RSA-SHA384 as secure gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure gnutls[2]: cfg: marking signature RSA-SHA512 as secure gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure gnutls[2]: cfg: marking signature RSA-SHA224 as secure gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure gnutls[2]: cfg: marking signature ML-DSA-44 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-65 as secure for certs gnutls[2]: cfg: marking signature ML-DSA-87 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP256R1-SHA256 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP384R1-SHA384 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SECP521R1-SHA512 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed25519 as secure for certs gnutls[2]: cfg: marking signature EdDSA-Ed448 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-PSS-RSAE-SHA512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA256 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA384 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-512 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA512 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA224 as secure for certs gnutls[2]: cfg: marking signature ECDSA-SHA3-224 as secure for certs gnutls[2]: cfg: marking signature RSA-SHA3-224 as secure for certs gnutls[2]: cfg: enabling curve X25519 gnutls[2]: cfg: enabling curve SECP256R1 gnutls[2]: cfg: enabling curve X448 gnutls[2]: cfg: enabling curve SECP521R1 gnutls[2]: cfg: enabling curve SECP384R1 gnutls[2]: cfg: enabling curve Ed25519 gnutls[2]: cfg: enabling curve Ed448 gnutls[2]: cfg: enabling cipher AES-256-GCM for TLS gnutls[2]: cfg: enabling cipher AES-256-CCM for TLS gnutls[2]: cfg: enabling cipher CHACHA20-POLY1305 for TLS gnutls[2]: cfg: enabling cipher AES-256-CBC for TLS gnutls[2]: cfg: enabling cipher AES-128-GCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CCM for TLS gnutls[2]: cfg: enabling cipher AES-128-CBC for TLS gnutls[2]: cfg: enabling key exchange ECDHE-RSA for TLS gnutls[2]: cfg: enabling key exchange ECDHE-ECDSA for TLS gnutls[2]: cfg: enabling key exchange RSA for TLS gnutls[2]: cfg: enabling key exchange DHE-RSA for TLS gnutls[2]: cfg: enabling version TLS1.3 gnutls[2]: cfg: enabling version TLS1.2 gnutls[2]: cfg: enabling version DTLS1.2 gnutls[2]: cfg: adding priority: SYSTEM -> NONE gnutls[2]: cfg: loaded system config /tmp/tmpt50irvo8 mtime 1759842704 gnutls[2]: cfg: deferred setting system-wide priority string NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for SSL-KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP521R1 is enabled for SSL-KX NSS-POLICY-INFO: SECP521R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: CURVE25519 is enabled for SSL-KX NSS-POLICY-INFO: CURVE25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA224 is enabled for SSL-KX NSS-POLICY-INFO: SHA224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA256 is enabled for SSL-KX NSS-POLICY-INFO: SHA256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA384 is enabled for SSL-KX NSS-POLICY-INFO: SHA384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA512 is enabled for SSL-KX NSS-POLICY-INFO: SHA512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-224 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-224 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-256 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-256 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-384 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-384 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SHA3-512 is enabled for SSL-KX NSS-POLICY-INFO: SHA3-512 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: HMAC-SHA1 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA256 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA384 is enabled for SSL NSS-POLICY-INFO: HMAC-SHA512 is enabled for SSL NSS-POLICY-INFO: AES128-CBC is enabled for SSL NSS-POLICY-INFO: AES256-CBC is enabled for SSL NSS-POLICY-INFO: AES128-GCM is enabled for SSL NSS-POLICY-INFO: AES256-GCM is enabled for SSL NSS-POLICY-INFO: CHACHA20-POLY1305 is enabled for SSL NSS-POLICY-INFO: RSA is enabled for SSL-KX NSS-POLICY-INFO: DHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDHE-RSA is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PKCS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: RSA-PSS is enabled for SSL-KX NSS-POLICY-INFO: RSA-PSS is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ECDSA is enabled for SSL-KX NSS-POLICY-INFO: ECDSA is enabled for CERT-SIGNATURE NSS-POLICY-INFO: ED25519 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 20 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 17 NSS-POLICY-INFO: NUMBER-OF-ECC: 5 NSS-POLICY-INFO: NUMBER-OF-HASH: 8 NSS-POLICY-INFO: NUMBER-OF-MAC: 4 NSS-POLICY-INFO: NUMBER-OF-CIPHER: 5 NSS-POLICY-INFO: NUMBER-OF-SSL-KX: 4 NSS-POLICY-WARN: NUMBER-OF-SMIME-KX: 0 NSS-POLICY-INFO: NUMBER-OF-OTHER-SIGN: 4 NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_GCM_SHA384 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_128_CBC_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA is enabled NSS-POLICY-INFO: ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 is enabled NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 28 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 2 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 1 Pseudo-terminal will not be allocated because stdin is not a terminal. the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy the generated sequoia policy is valid TOML sequoia-policy-config-check returns 0 for the generated sequoia policy + RPM_EC=0 ++ jobs -p + exit 0 Processing files: crypto-policies-20250714-5.gitcd6043a.fc44.noarch Executing(%license): /bin/sh -e /var/tmp/rpm-tmp.NfzUGP + umask 022 + cd /builddir/build/BUILD/crypto-policies-20250714-build + cd fedora-crypto-policies-cd6043a-cd6043a774abf6e4d17116f1497a2032f5351d49 + LICENSEDIR=/builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/licenses/crypto-policies + export LC_ALL=C.UTF-8 + LC_ALL=C.UTF-8 + export LICENSEDIR + /usr/bin/mkdir -p /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/licenses/crypto-policies + cp -pr /builddir/build/BUILD/crypto-policies-20250714-build/fedora-crypto-policies-cd6043a-cd6043a774abf6e4d17116f1497a2032f5351d49/COPYING.LESSER /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT/usr/share/licenses/crypto-policies + RPM_EC=0 ++ jobs -p + exit 0 warning: absolute symlink: /etc/crypto-policies/back-ends/bind.config -> /usr/share/crypto-policies/DEFAULT/bind.txt warning: absolute symlink: /etc/crypto-policies/back-ends/gnutls.config -> /usr/share/crypto-policies/DEFAULT/gnutls.txt warning: absolute symlink: /etc/crypto-policies/back-ends/java.config -> /usr/share/crypto-policies/DEFAULT/java.txt warning: absolute symlink: /etc/crypto-policies/back-ends/krb5.config -> /usr/share/crypto-policies/DEFAULT/krb5.txt warning: absolute symlink: /etc/crypto-policies/back-ends/libreswan.config -> /usr/share/crypto-policies/DEFAULT/libreswan.txt warning: absolute symlink: /etc/crypto-policies/back-ends/libssh.config -> /usr/share/crypto-policies/DEFAULT/libssh.txt warning: absolute symlink: /etc/crypto-policies/back-ends/nss.config -> /usr/share/crypto-policies/DEFAULT/nss.txt warning: absolute symlink: /etc/crypto-policies/back-ends/openssh.config -> /usr/share/crypto-policies/DEFAULT/openssh.txt warning: absolute symlink: /etc/crypto-policies/back-ends/opensshserver.config -> /usr/share/crypto-policies/DEFAULT/opensshserver.txt warning: absolute symlink: /etc/crypto-policies/back-ends/openssl_fips.config -> /usr/share/crypto-policies/DEFAULT/openssl_fips.txt warning: absolute symlink: /etc/crypto-policies/back-ends/opensslcnf.config -> /usr/share/crypto-policies/DEFAULT/opensslcnf.txt warning: absolute symlink: /etc/crypto-policies/back-ends/rpm-sequoia.config -> /usr/share/crypto-policies/DEFAULT/rpm-sequoia.txt warning: absolute symlink: /etc/crypto-policies/back-ends/sequoia.config -> /usr/share/crypto-policies/DEFAULT/sequoia.txt Provides: config(crypto-policies) = 20250714-5.gitcd6043a.fc44 crypto-policies = 20250714-5.gitcd6043a.fc44 Requires(interp): /bin/sh Requires(rpmlib): rpmlib(BuiltinLuaScripts) <= 4.2.2-1 rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PartialHardlinkSets) <= 4.0.4-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 Requires(pre): /bin/sh Requires: /usr/bin/bash Conflicts: gnutls < 3.8.10 libreswan < 3.28 nss < 3.105 openssh < 9.9 openssl-libs < 1:3.5.0-1 Recommends: crypto-policies-scripts Processing files: crypto-policies-scripts-20250714-5.gitcd6043a.fc44.noarch Provides: crypto-policies-scripts = 20250714-5.gitcd6043a.fc44 Requires(interp): /bin/sh Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PartialHardlinkSets) <= 4.0.4-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 Requires(posttrans): /bin/sh Requires: /usr/bin/python3 /usr/bin/sh Recommends: (grubby if kernel) Checking for unpackaged file(s): /usr/lib/rpm/check-files /builddir/build/BUILD/crypto-policies-20250714-build/BUILDROOT Wrote: /builddir/build/RPMS/crypto-policies-20250714-5.gitcd6043a.fc44.noarch.rpm Wrote: /builddir/build/RPMS/crypto-policies-scripts-20250714-5.gitcd6043a.fc44.noarch.rpm Executing(rmbuild): /bin/sh -e /var/tmp/rpm-tmp.PGBxHH + umask 022 + cd /builddir/build/BUILD/crypto-policies-20250714-build + test -d /builddir/build/BUILD/crypto-policies-20250714-build + /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w /builddir/build/BUILD/crypto-policies-20250714-build + rm -rf /builddir/build/BUILD/crypto-policies-20250714-build + RPM_EC=0 ++ jobs -p + exit 0 RPM build warnings: /builddir/build/originals/crypto-policies.spec line 64: autopatch: no matching patches in range absolute symlink: /etc/crypto-policies/back-ends/bind.config -> /usr/share/crypto-policies/DEFAULT/bind.txt absolute symlink: /etc/crypto-policies/back-ends/gnutls.config -> /usr/share/crypto-policies/DEFAULT/gnutls.txt absolute symlink: /etc/crypto-policies/back-ends/java.config -> /usr/share/crypto-policies/DEFAULT/java.txt absolute symlink: /etc/crypto-policies/back-ends/krb5.config -> /usr/share/crypto-policies/DEFAULT/krb5.txt absolute symlink: /etc/crypto-policies/back-ends/libreswan.config -> /usr/share/crypto-policies/DEFAULT/libreswan.txt absolute symlink: /etc/crypto-policies/back-ends/libssh.config -> /usr/share/crypto-policies/DEFAULT/libssh.txt absolute symlink: /etc/crypto-policies/back-ends/nss.config -> /usr/share/crypto-policies/DEFAULT/nss.txt absolute symlink: /etc/crypto-policies/back-ends/openssh.config -> /usr/share/crypto-policies/DEFAULT/openssh.txt absolute symlink: /etc/crypto-policies/back-ends/opensshserver.config -> /usr/share/crypto-policies/DEFAULT/opensshserver.txt absolute symlink: /etc/crypto-policies/back-ends/openssl_fips.config -> /usr/share/crypto-policies/DEFAULT/openssl_fips.txt absolute symlink: /etc/crypto-policies/back-ends/opensslcnf.config -> /usr/share/crypto-policies/DEFAULT/opensslcnf.txt absolute symlink: /etc/crypto-policies/back-ends/rpm-sequoia.config -> /usr/share/crypto-policies/DEFAULT/rpm-sequoia.txt absolute symlink: /etc/crypto-policies/back-ends/sequoia.config -> /usr/share/crypto-policies/DEFAULT/sequoia.txt Finish: rpmbuild crypto-policies-20250714-5.gitcd6043a.fc44.src.rpm Finish: build phase for crypto-policies-20250714-5.gitcd6043a.fc44.src.rpm INFO: chroot_scan: 1 files copied to /var/lib/copr-rpmbuild/results/chroot_scan INFO: /var/lib/mock/fedora-rawhide-x86_64-1759842660.151585/root/var/log/dnf5.log INFO: chroot_scan: creating tarball /var/lib/copr-rpmbuild/results/chroot_scan.tar.gz /bin/tar: Removing leading `/' from member names INFO: Done(/var/lib/copr-rpmbuild/results/crypto-policies-20250714-5.gitcd6043a.fc44.src.rpm) Config(child) 0 minutes 23 seconds INFO: Results and/or logs in: /var/lib/copr-rpmbuild/results INFO: Cleaning up build root ('cleanup_on_success=True') Start: clean chroot INFO: unmounting tmpfs. Finish: clean chroot Finish: run Running RPMResults tool Package info: { "packages": [ { "name": "crypto-policies", "epoch": null, "version": "20250714", "release": "5.gitcd6043a.fc44", "arch": "src" }, { "name": "crypto-policies-scripts", "epoch": null, "version": "20250714", "release": "5.gitcd6043a.fc44", "arch": "noarch" }, { "name": "crypto-policies", "epoch": null, "version": "20250714", "release": "5.gitcd6043a.fc44", "arch": "noarch" } ] } RPMResults finished