Closed Bug 112504 Opened 23 years ago Closed 23 years ago

Test suites do not test cert and key db error cases.

Categories

(NSS :: Test, defect, P2)

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: rrelyea, Assigned: sonja.mirtitsch)

Details

Attachments

(6 files, 2 obsolete files)

We currently do not have tests to make sure NSS fails if it cannot open the cert
and key db's. We need to test the following cases:

1) try to open cert and key DBs read only, but specify an empty & nonexistent
directory. NSS_Init should fail.

2) try to open cert and key DB's read/write from a read only directory.
NSS_InitReadWrite() should fail.

3) try to open cert and key DB's read/write forced from a read only directory.
NSS_Initialize() with the force flag should succeed.

We already test opening cert and key DB's read/write in an empty directory
(certutil -N -d directory), and Read Only with a non-empty directory
(selfserv/tstclnt).

bob
1 and 2 seem to be easy, using existing tools.
3 requires either adding the NSS_INIT_FORCEOPEN to one of the existing tools, or
writing of a new tool. I would very much prefer to write my own utility and just
hook the build of it into the regular build, than to touch any of the existing
tools.
Please advise.
Attached patch test for 1 and 2
Attached file results.html (obsolete)
please check the messages
Status: NEW → ASSIGNED
Priority: -- → P2
Whiteboard: waiting for more specifications and review
Target Milestone: --- → 3.4
Generally looks good, just a couple of comments:
 1) We should examine the error code from tstclnt closely. It's likely tstclnt
will fail because it can't connect to selfserv, in which case we will get a
false negative (The test will incorrectly succeed even if we allow the Init to
succeed when it should have failed). I have some patches for certutil which will
conditionally open the database R/O for certain operations (like -L) with an
option to override. Maybe I should check those patches in, as long as it doesn't
break any other tests.

2) I don't see an issue with you adding a new test binary to handle these
specific conditions (specifically case 3) to security/nss/cmd.

bob
Attachment #60284 - Attachment is obsolete: true
Attached file log file
Attached file results.html
Attachment #60349 - Attachment is obsolete: true
One other test case: try forcing an empty directory and a nonexistent directory
open:

dbtest -r -d $(EMPTY_DIR) -f      /*should succeed */
dbtest -d ./nonexistantdir -f     /* should succeed */


Everything else looks good r=relyea.
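
An added example (not from the NSS test suite or this bug's attachments) of a harness for the cases in this report, in which an expected failure only counts when the tool actually ran; this addresses the false-negative concern raised above about tstclnt. The helper names are hypothetical, and mapping the cases onto `-r` (read-only), `-d` and `-f` (force) is an assumption based on the dbtest commands quoted in this thread.

```shell
# Added example; helper names are hypothetical, not from the NSS test suite.
# run_case EXPECT CMD...: EXPECT is "pass" (exit 0) or "fail" (the tool ran
# and reported an error). Returns 0 as expected, 1 not as expected, 2 broken.
run_case() {
    expect=$1; shift
    rc=0; "$@" >/dev/null 2>&1 || rc=$?
    # 126/127: the shell could not run the tool; 129-192: killed by a signal.
    # Neither says anything about the database open, so an expected failure
    # must not be satisfied by them.
    if [ "$rc" -eq 126 ] || [ "$rc" -eq 127 ] ||
       { [ "$rc" -gt 128 ] && [ "$rc" -le 192 ]; }; then
        echo "BROKEN ($rc): $*"; return 2
    fi
    case "$expect:$rc" in
        pass:0) echo "PASS: $*"; return 0 ;;
        fail:0) echo "FAIL (unexpected success): $*"; return 1 ;;
        pass:*) echo "FAIL ($rc): $*"; return 1 ;;
        fail:*) echo "PASS ($rc): $*"; return 0 ;;
        *)      echo "BROKEN (bad expectation): $expect"; return 2 ;;
    esac
}

# make_fixture BASE: an empty and a read-only directory; BASE/missing is
# deliberately never created.
make_fixture() {
    mkdir -p "$1/empty" "$1/readonly" && chmod a-w "$1/readonly"
}

# readonly_is_enforced DIR: true only if a write into DIR really fails. For
# root, chmod a-w usually does not block writes, which voids cases 2 and 3.
readonly_is_enforced() {
    if ( : > "$1/.probe" ) 2>/dev/null; then rm -f "$1/.probe"; return 1; fi
    return 0
}

# run_matrix TOOL BASE: assumes TOOL takes -d DIR, -r (read-only) and -f
# (force), as in the dbtest commands quoted in the thread. Returns 0 if every
# case behaved as specified, 1 if not, 3 if the fixture cannot be trusted.
run_matrix() {
    tool=$1; base=$2; bad=0
    make_fixture "$base" || return 3
    readonly_is_enforced "$base/readonly" || { echo "SKIP: not read-only"; return 3; }
    run_case fail "$tool" -r -d "$base/empty"    || bad=1   # case 1
    run_case fail "$tool" -r -d "$base/missing"  || bad=1   # case 1
    run_case fail "$tool" -d "$base/readonly"    || bad=1   # case 2
    run_case pass "$tool" -d "$base/readonly" -f || bad=1   # case 3
    run_case pass "$tool" -r -d "$base/empty" -f || bad=1   # quoted in the thread
    return "$bad"
}
```
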
all changes checked in, tinderboxes passed on most platforms
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
Comment on attachment 60454
program to test db

>/*
>** dbtest.c
>**
>** utility for managing certificates and the cert database
>**
>*/

This comment does not describe what this test does.  (The
comment probably comes from certutil.c.)  Could you fix it?
Thanks.
Attachment #60454 - Flags: needs-work+
changed the comment
Whiteboard: waiting for more specifications and review