certmonger

Clone

#156 Make it possible to run NSS db type specific tests separately
Closed 3 years ago by rcritten. Opened 3 years ago by slev.
slev/certmonger dbm_tests  into  master

file added
+381 
@@ -0,0 +1,381 @@ 
 

+ [(CAB1)]
 

+ [bundle1]
 

+ 2
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(CAB2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 1
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(CAB3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 2
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(CAD1)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ Root Certificate D1 CT,C,C
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ Other Certificate D1 ,, 

+ Other Root Certificate D1 CT,C,C
 

+ Root Certificate D1 CT,C,C
 

+ 

+ [(CAD2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ Other Root Certificate D2 CT,C,C
 

+ [db3]
 

+ [dba]
 

+ Other Certificate D2 ,, 

+ Other Root Certificate D2 CT,C,C
 

+ Root Certificate D2 CT,C,C
 

+ 

+ [(CAD3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ Other Certificate D3 ,, 

+ [dba]
 

+ Other Certificate D3 ,, 

+ Other Root Certificate D3 CT,C,C
 

+ Root Certificate D3 CT,C,C
 

+ 

+ [(EntryB1)]
 

+ [bundle1]
 

+ 2
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryB2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 1
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryB3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 2
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryD1)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ Per-certificate Signing Authority D1 CT,C,C
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ Per-certificate Signing Authority D1 CT,C,C
 

+ 

+ [(EntryD2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryD3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ Per-certificate Signing Authority D3 ,, 

+ [dba]
 

+ Per-certificate Signing Authority D3 ,, 

+ 

+ [(EntryCB1)]
 

+ [bundle1]
 

+ 2
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryCB2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 1
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryCB3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 2
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryCD1)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ Per-certificate Signing Authority CD1 CT,C,C
 

+ Root Certificate D1 CT,C,C
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ Other Certificate D1 ,, 

+ Other Root Certificate D1 CT,C,C
 

+ Per-certificate Signing Authority CD1 CT,C,C
 

+ Root Certificate D1 CT,C,C
 

+ 

+ [(EntryCD2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ Other Root Certificate D2 CT,C,C
 

+ [db3]
 

+ [dba]
 

+ Other Certificate D2 ,, 

+ Other Root Certificate D2 CT,C,C
 

+ Root Certificate D2 CT,C,C
 

+ 

+ [(EntryCD3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ Other Certificate D3 ,, 

+ Per-certificate Signing Authority CD3 ,, 

+ [dba]
 

+ Other Certificate D3 ,, 

+ Other Root Certificate D3 CT,C,C
 

+ Per-certificate Signing Authority CD3 ,, 

+ Root Certificate D3 CT,C,C
 

+ 

+ [(EntryCAB1)]
 

+ [bundle1]
 

+ 2
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryCAB2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 1
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryCAB3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 2
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryCAD1)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ Root Certificate D1 CT,C,C
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ Other Certificate D1 ,, 

+ Other Root Certificate D1 CT,C,C
 

+ Root Certificate D1 CT,C,C
 

+ 

+ [(EntryCAD2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ Other Root Certificate D2 CT,C,C
 

+ [db3]
 

+ [dba]
 

+ Other Certificate D2 ,, 

+ Other Root Certificate D2 CT,C,C
 

+ Root Certificate D2 CT,C,C
 

+ 

+ [(EntryCAD3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ Other Certificate D3 ,, 

+ [dba]
 

+ Other Certificate D3 ,, 

+ Other Root Certificate D3 CT,C,C
 

+ Root Certificate D3 CT,C,C
 

+ 

+ OK.

file added
+3 
@@ -0,0 +1,3 @@ 
 

+ #!/bin/bash -e
 

+ 

+ exec env scheme=dbm ../025-casave/run.sh

file added
+381 
@@ -0,0 +1,381 @@ 
 

+ [(CAB1)]
 

+ [bundle1]
 

+ 2
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(CAB2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 1
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(CAB3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 2
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(CAD1)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ Root Certificate D1 CT,C,C
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ Other Certificate D1 ,, 

+ Other Root Certificate D1 CT,C,C
 

+ Root Certificate D1 CT,C,C
 

+ 

+ [(CAD2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ Other Root Certificate D2 CT,C,C
 

+ [db3]
 

+ [dba]
 

+ Other Certificate D2 ,, 

+ Other Root Certificate D2 CT,C,C
 

+ Root Certificate D2 CT,C,C
 

+ 

+ [(CAD3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ Other Certificate D3 ,, 

+ [dba]
 

+ Other Certificate D3 ,, 

+ Other Root Certificate D3 CT,C,C
 

+ Root Certificate D3 CT,C,C
 

+ 

+ [(EntryB1)]
 

+ [bundle1]
 

+ 2
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryB2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 1
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryB3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 2
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryD1)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ Per-certificate Signing Authority D1 CT,C,C
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ Per-certificate Signing Authority D1 CT,C,C
 

+ 

+ [(EntryD2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryD3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ Per-certificate Signing Authority D3 ,, 

+ [dba]
 

+ Per-certificate Signing Authority D3 ,, 

+ 

+ [(EntryCB1)]
 

+ [bundle1]
 

+ 2
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryCB2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 1
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryCB3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 2
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryCD1)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ Per-certificate Signing Authority CD1 CT,C,C
 

+ Root Certificate D1 CT,C,C
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ Other Certificate D1 ,, 

+ Other Root Certificate D1 CT,C,C
 

+ Per-certificate Signing Authority CD1 CT,C,C
 

+ Root Certificate D1 CT,C,C
 

+ 

+ [(EntryCD2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ Other Root Certificate D2 CT,C,C
 

+ [db3]
 

+ [dba]
 

+ Other Certificate D2 ,, 

+ Other Root Certificate D2 CT,C,C
 

+ Root Certificate D2 CT,C,C
 

+ 

+ [(EntryCD3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ Other Certificate D3 ,, 

+ Per-certificate Signing Authority CD3 ,, 

+ [dba]
 

+ Other Certificate D3 ,, 

+ Other Root Certificate D3 CT,C,C
 

+ Per-certificate Signing Authority CD3 ,, 

+ Root Certificate D3 CT,C,C
 

+ 

+ [(EntryCAB1)]
 

+ [bundle1]
 

+ 2
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryCAB2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 1
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryCAB3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 2
 

+ [bundle-all]
 

+ 6
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ 

+ [(EntryCAD1)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ Root Certificate D1 CT,C,C
 

+ [db2]
 

+ [db3]
 

+ [dba]
 

+ Other Certificate D1 ,, 

+ Other Root Certificate D1 CT,C,C
 

+ Root Certificate D1 CT,C,C
 

+ 

+ [(EntryCAD2)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ Other Root Certificate D2 CT,C,C
 

+ [db3]
 

+ [dba]
 

+ Other Certificate D2 ,, 

+ Other Root Certificate D2 CT,C,C
 

+ Root Certificate D2 CT,C,C
 

+ 

+ [(EntryCAD3)]
 

+ [bundle1]
 

+ 0
 

+ [bundle2]
 

+ 0
 

+ [bundle3]
 

+ 0
 

+ [bundle-all]
 

+ 0
 

+ [db1]
 

+ [db2]
 

+ [db3]
 

+ Other Certificate D3 ,, 

+ [dba]
 

+ Other Certificate D3 ,, 

+ Other Root Certificate D3 CT,C,C
 

+ Root Certificate D3 CT,C,C
 

+ 

+ OK.

file added
+3 
@@ -0,0 +1,3 @@ 
 

+ #!/bin/bash -e
 

+ 

+ exec env scheme=sql ../025-casave/run.sh

file modified
+19 -18 
@@ -2,6 +2,7 @@ 
 

  

  cd $tmpdir
 

  

+ scheme="${scheme:-dbm}"
 

  cat > $tmpdir/entrycb1 <<- EOF
 

  id=EntryCB1
 

  ca_name=CAB1
 
@@ -196,7 +197,7 @@ 
 

  root_cert_files=
 

  other_root_cert_files=
 

  other_cert_files=
 

- root_cert_dbs=dbm:$tmpdir/db1,dbm:$tmpdir/dba
 

+ root_cert_dbs=$scheme:$tmpdir/db1,$scheme:$tmpdir/dba
 

  other_root_cert_dbs=
 

  other_cert_dbs=
 

  cert_roots=Per-certificate Signing Authority D1
 
@@ -229,7 +230,7 @@ 
 

  other_root_cert_files=
 

  other_cert_files=
 

  root_cert_dbs=
 

- other_root_cert_dbs=dbm:$tmpdir/db2,dbm:$tmpdir/dba
 

+ other_root_cert_dbs=$scheme:$tmpdir/db2,$scheme:$tmpdir/dba
 

  other_cert_dbs=
 

  EOF
 

  cat > $tmpdir/entryd3 <<- EOF
 
@@ -239,7 +240,7 @@ 
 

  other_cert_files=
 

  root_cert_dbs=
 

  other_root_cert_dbs=
 

- other_cert_dbs=dbm:$tmpdir/db3,dbm:$tmpdir/dba
 

+ other_cert_dbs=$scheme:$tmpdir/db3,$scheme:$tmpdir/dba
 

  cert_chain=Per-certificate Signing Authority D3
 

   -----BEGIN CERTIFICATE-----
 

   MIIDjjCCAnagAwIBAgIRALuVK2FuXklPuMP4qtRyQjUwDQYJKoZIhvcNAQELBQAw
 
@@ -300,7 +301,7 @@ 
 

  root_cert_files=
 

  other_root_cert_files=
 

  other_cert_files=
 

- root_cert_dbs=dbm:$tmpdir/db1,dbm:$tmpdir/dba
 

+ root_cert_dbs=$scheme:$tmpdir/db1,$scheme:$tmpdir/dba
 

  other_root_cert_dbs=
 

  other_cert_dbs=
 

  EOF
 
@@ -311,7 +312,7 @@ 
 

  other_root_cert_files=
 

  other_cert_files=
 

  root_cert_dbs=
 

- other_root_cert_dbs=dbm:$tmpdir/db2,dbm:$tmpdir/dba
 

+ other_root_cert_dbs=$scheme:$tmpdir/db2,$scheme:$tmpdir/dba
 

  other_cert_dbs=
 

  EOF
 

  cat > $tmpdir/entrycad3 <<- EOF
 
@@ -322,7 +323,7 @@ 
 

  other_cert_files=
 

  root_cert_dbs=
 

  other_root_cert_dbs=
 

- other_cert_dbs=dbm:$tmpdir/db3,dbm:$tmpdir/dba
 

+ other_cert_dbs=$scheme:$tmpdir/db3,$scheme:$tmpdir/dba
 

  EOF
 

  

  cat > $tmpdir/cab1 <<- EOF
 
@@ -564,9 +565,9 @@ 
 

  ca_root_cert_files=
 

  ca_other_root_cert_files=
 

  ca_other_cert_files=
 

- ca_root_cert_dbs=dbm:$tmpdir/db1,dbm:$tmpdir/dba
 

- ca_other_root_cert_dbs=dbm:$tmpdir/dba
 

- ca_other_cert_dbs=dbm:$tmpdir/dba
 

+ ca_root_cert_dbs=$scheme:$tmpdir/db1,$scheme:$tmpdir/dba
 

+ ca_other_root_cert_dbs=$scheme:$tmpdir/dba
 

+ ca_other_cert_dbs=$scheme:$tmpdir/dba
 

  ca_root_certs=Root Certificate D1
 

   -----BEGIN CERTIFICATE-----
 

   MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
 
@@ -639,9 +640,9 @@ 
 

  ca_root_cert_files=
 

  ca_other_root_cert_files=
 

  ca_other_cert_files=
 

- ca_root_cert_dbs=dbm:$tmpdir/dba
 

- ca_other_root_cert_dbs=dbm:$tmpdir/db2,dbm:$tmpdir/dba
 

- ca_other_cert_dbs=dbm:$tmpdir/dba
 

+ ca_root_cert_dbs=$scheme:$tmpdir/dba
 

+ ca_other_root_cert_dbs=$scheme:$tmpdir/db2,$scheme:$tmpdir/dba
 

+ ca_other_cert_dbs=$scheme:$tmpdir/dba
 

  ca_root_certs=Root Certificate D2
 

   -----BEGIN CERTIFICATE-----
 

   MIIEDzCCAvegAwIBAgIBATANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJTSzET
 
@@ -722,9 +723,9 @@ 
 

  ca_root_cert_files=
 

  ca_other_root_cert_files=
 

  ca_other_cert_files=
 

- ca_root_cert_dbs=,dbm:$tmpdir/dba
 

- ca_other_root_cert_dbs=,dbm:$tmpdir/dba,
 

- ca_other_cert_dbs=dbm:$tmpdir/db3,dbm:$tmpdir/dba
 

+ ca_root_cert_dbs=,$scheme:$tmpdir/dba
 

+ ca_other_root_cert_dbs=,$scheme:$tmpdir/dba,
 

+ ca_other_cert_dbs=$scheme:$tmpdir/db3,$scheme:$tmpdir/dba
 

  ca_root_certs=Root Certificate D3
 

   -----BEGIN CERTIFICATE-----
 

   MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL
 
@@ -796,9 +797,9 @@ 
 

  ca_root_cert_files=$tmpdir/bundle-all
 

  ca_other_root_cert_files=
 

  ca_other_cert_files=
 

- ca_root_cert_dbs=dbm:$tmpdir/dba
 

- ca_other_root_cert_dbs=,dbm:$tmpdir/dba
 

- ca_other_cert_dbs=,dbm:$tmpdir/dba
 

+ ca_root_cert_dbs=$scheme:$tmpdir/dba
 

+ ca_other_root_cert_dbs=,$scheme:$tmpdir/dba
 

+ ca_other_cert_dbs=,$scheme:$tmpdir/dba
 

  ca_root_certs=Root Certificate DA
 

   -----BEGIN CERTIFICATE-----
 

   MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDEL

file modified
+20 -9 
@@ -8,6 +8,10 @@ 
 

  	001-keyiread-rsa/actual.err \
 

  	002-keygen/actual.out \
 

  	002-keygen/actual.err \
 

+ 	002-keygen-dbm/actual.out \
 

+ 	002-keygen-dbm/actual.err \
 

+ 	002-keygen-sql/actual.out \
 

+ 	002-keygen-sql/actual.err \
 

  	002-keygen-dsa/actual.out \
 

  	002-keygen-dsa/actual.err \
 

  	002-keygen-ec/actual.out \
 
@@ -92,6 +96,10 @@ 
 

  	024-citerate/actual.err \
 

  	025-casave/actual.out \
 

  	025-casave/actual.err \
 

+ 	025-casave-dbm/actual.out \
 

+ 	025-casave-dbm/actual.err \
 

+ 	025-casave-sql/actual.out \
 

+ 	025-casave-sql/actual.err \
 

  	026-local/actual.out \
 

  	026-local/actual.err \
 

  	027-hooks/actual.out \
 
@@ -138,6 +146,10 @@ 
 

  	002-keygen/prequal.sh \
 

  	002-keygen/run.sh \
 

  	002-keygen/expected.out \
 

+ 	002-keygen-dbm/run.sh \
 

+ 	002-keygen-dbm/expected.out \
 

+ 	002-keygen-sql/run.sh \
 

+ 	002-keygen-sql/expected.out \
 

  	002-keygen-rsa/prequal.sh \
 

  	002-keygen-rsa/run.sh \
 

  	002-keygen-rsa/expected.out \
 
@@ -263,6 +275,10 @@ 
 

  	024-citerate/run.sh \
 

  	025-casave/expected.out \
 

  	025-casave/run.sh \
 

+ 	025-casave-dbm/expected.out \
 

+ 	025-casave-dbm/run.sh \
 

+ 	025-casave-sql/expected.out \
 

+ 	025-casave-sql/run.sh \
 

  	026-local/expected.out \
 

  	026-local/run.sh \
 

  	027-hooks/expected.out \
 
@@ -344,7 +360,6 @@ 
 

  subdirs = \
 

  	001-keyiread \
 

  	001-keyiread-rsa \
 

- 	002-keygen \
 

  	002-keygen-rsa \
 

  	003-csrgen \
 

  	003-csrgen-rsa \
 
@@ -352,24 +367,17 @@ 
 

  	004-selfsign-rsa \
 

  	005-dbusm \
 

  	006-serial \
 

- 	007-certsave \
 

  	008-certread \
 

  	009-oiddict \
 

  	010-iterate \
 

- 	011-dbinit \
 

- 	012-dbadd \
 

- 	013-enckey \
 

  	014-prefs \
 

- 	015-lockedkey \
 

  	016-dates \
 

- 	017-notoken \
 

  	018-pembase \
 

  	019-dparse \
 

  	021-resume \
 

  	022-base64 \
 

  	023-cadata \
 

  	024-citerate \
 

- 	025-casave \
 

  	026-local \
 

  	027-hooks \
 

  	028-dbus \
 
@@ -378,7 +386,6 @@ 
 

  	031-pkcs7 \
 

  	032-chain \
 

  	033-scep \
 

- 	034-perms \
 

  	035-json \
 

  	036-getcert \
 

  	037-rekey2 \
 
@@ -387,23 +394,27 @@ 
 

  

  if HAVE_DBM_NSSDB
 

  subdirs += \
 

+ 	002-keygen-dbm \
 

  	007-certsave-dbm \
 

  	011-dbinit-dbm \
 

  	012-dbadd-dbm \
 

  	013-enckey-dbm \
 

  	015-lockedkey-dbm \
 

  	017-notoken-dbm \
 

+ 	025-casave-dbm \
 

  	034-perms-dbm
 

  endif
 

  

  if HAVE_SQL_NSSDB
 

  subdirs += \
 

+ 	002-keygen-sql \
 

  	007-certsave-sql \
 

  	011-dbinit-sql \
 

  	012-dbadd-sql \
 

  	013-enckey-sql \
 

  	015-lockedkey-sql \
 

  	017-notoken-sql \
 

+ 	025-casave-sql \
 

  	034-perms-sql
 

  endif

If NSS is configured with NSS_DISABLE_DBM then Certmonger's tests which are related to DBM fail. The legacy NSS db type(DBM) will be eventually disabled. Thus, Certmonger should handle this.

NSS db specific tests are placed under the corresponding HAVE_SQL_NSSDB and HAVE_DBM_NSSDB sections.

Fixes: https://pagure.io/certmonger/issue/155

025-casave-sql fails:

[builder@localhost tests]$ srcdir=$(pwd) builddir=$(pwd) ./run-tests.sh 025-casave-sql:

Running test 025-casave-sql... Files /usr/src/tmp/runtests51ups2 and expected.out differ
FAIL
--- /usr/src/tmp/runtests51ups2 2020-06-10 09:31:28.838170763 +0000
+++ expected.out        2020-06-10 06:16:03.397980276 +0000
@@ -50,13 +50,13 @@
 [bundle-all]
 0
 [db1]
-Root Certificate D1 ,, 
+Root Certificate D1 CT,C,C
 [db2]
 [db3]
 [dba]
 Other Certificate D1 ,, 
-Other Root Certificate D1 ,, 
-Root Certificate D1 ,, 
+Other Root Certificate D1 CT,C,C
+Root Certificate D1 CT,C,C

 [(CAD2)]
 [bundle1]
@@ -69,12 +69,12 @@
 0
 [db1]
 [db2]
-Other Root Certificate D2 ,, 
+Other Root Certificate D2 CT,C,C
 [db3]
 [dba]
 Other Certificate D2 ,, 
-Other Root Certificate D2 ,, 
-Root Certificate D2 ,, 
+Other Root Certificate D2 CT,C,C
+Root Certificate D2 CT,C,C
...

, while 025-casave-dbm passed.

sql db:

[builder@localhost tests]$ certutil -d sql:/usr/src/tmp/runtestsof9jMu/dba -L

Database needs user init

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

Root Certificate D3                                          ,,   
Other Root Certificate D3                                    ,,   
Other Certificate D3                                         ,,

dbm:

[builder@localhost tests]$ certutil -d dbm:/usr/src/tmp/runtestsfG5JsF/dba -L

Database needs user init

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

Root Certificate D3                                          CT,C,C
Other Certificate D3                                         ,,   
Other Root Certificate D3                                    CT,C,C

Metadata Update from @rcritten:
- Request assigned
3 years ago

I'll see if I can figure out why the permissions are different, I duplicated it locally as well.

I suspect that the non dbm/sql directories can be removed with this as well

002-keygen
007-certsave
011-dbinit
012-dbadd
013-enckey
015-lockedkey
017-notoken
025-casave
034-perms

Never mind about removing directories, I see what you did now.

I think the issue is in how the certificate is being added. certmonger is using CERT_ImportCerts() and i think it should be using PK11_ImportCert(). I made similar changes related to tokens.

I have a candidate patch. The issue is that casave will create the NSS db if it doesn't already exist, as is the case for these tests. It doesn't initialize a PIN in that case and the sqlite implementation requires it apparently. I'm still going to switch to PK11_ImportCert() and add a bit more error handling, plus set an empty PIN if the db doesn't already have one.

Does my patch work for you? I attached it to the issue.

Closed in favor PR 159 which combined the two patch sets. That PR was merged.

Pull-Request has been closed by rcritten
3 years ago
Metadata
No Tags
Changes Summary 6
+381
file added
tests/025-casave-dbm/expected.out
+3
file added
tests/025-casave-dbm/run.sh
+381
file added
tests/025-casave-sql/expected.out
+3
file added
tests/025-casave-sql/run.sh
+19 -18
file changed
tests/025-casave/run.sh
+20 -9
file changed
tests/Makefile.am
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.