Closed Bug 484360 Opened 16 years ago Closed 16 years ago

Add CRLDP tests.

Categories

(NSS :: Test, defect, P2)

Product:
NSS
Component:
Test
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.12.4

People

(Reporter: slavomir.katuscak+mozilla, Assigned: slavomir.katuscak+mozilla)

References

Details

Attachments

(5 files)

CRLDP support for chains.sh. (checked in)
5.01 KB, patch
alvolkov.bgs
: review+
Details | Diff | Splinter Review
Scenario file.
604 bytes, text/plain
Details
Scenario + small fixes.
4.78 KB, patch
alvolkov.bgs
: review+
Details | Diff | Splinter Review
Fixed numbering of CRLs and enabled CRLDP tests.
1.30 KB, patch
alvolkov.bgs
: review+
Details | Diff | Splinter Review
Fix for strings comparison.
803 bytes, patch
alvolkov.bgs
: review+
Details | Diff | Splinter Review
Need to add CRLDP tests to NSS test suite.
Priority: -- → P2
Target Milestone: 3.12.3 → 3.12.4
Depends on: 497339
Patch adding CRLDP support to chains.sh. 1. Added crldp parameter for certificates, will add CRLDP link to certificate. Example of use: entity CA2 type Intermediate crldp CA0 issuer CA0 2. Added sendcrl command - copy selected CRL to path specified by NSS_AIA_PATH variable (the same as for AIA certificates) Example of use: sendcrl CA0 This functionality should be OK (CRLDP link is added correctly, CRL is copied), but testing scenario wouldn't work now, because vfychain doesn't support CRLDP fetching yet (see bug 497339).
Attachment #382486 - Flags: review?(alexei.volkov.bugs)
Attachment #382486 - Flags: review?(alexei.volkov.bugs) → review+
Comment on attachment 382486 [details] [diff] [review] CRLDP support for chains.sh. (checked in) Looks good. Please rename send_crl to something like copy_crl because this is what it does. Please provide scenario file for crldp.
Comment on attachment 382486 [details] [diff] [review] CRLDP support for chains.sh. (checked in) Checking in chains.sh; /cvsroot/mozilla/security/nss/tests/chains/chains.sh,v <-- chains.sh new revision: 1.19; previous revision: 1.18 done
Attachment #382486 - Attachment description: CRLDP support for chains.sh. → CRLDP support for chains.sh. (checked in)
Attached file Scenario file.
This scenario is expected to test one not revoked cert (EE1) and one revoked cert (EE2). Certificate CA0 used for revocation is fetched via AIA, CRL is also expected to be fetched, but it isn't. I tried more experiments with flags, combination requireFreshInfo with crl fails for both EE1 and EE2, even without attempt to fetch certs from server (see bug 497339).
Attachment #382775 - Attachment is patch: true
Attachment #382775 - Attachment mime type: application/octet-stream → text/plain
Attachment #382775 - Attachment is patch: false
Scenario for CRLDP tests. Changes in chains.sh: -removed reason flag -added scenario numbering used for CRL files (to have unique file names and prevent problems when HTTP server caches them) -fixed bug when SERIAL variable was not cleaned after cert was created (caused that more certs were created with the same ID)
Attachment #389927 - Flags: review?(alexei.volkov.bugs)
Attachment #389927 - Flags: review?(alexei.volkov.bugs) → review+
Comment on attachment 389927 [details] [diff] [review] Scenario + small fixes. Thanks, Slavo. r+
Checking in chains.sh; /cvsroot/mozilla/security/nss/tests/chains/chains.sh,v <-- chains.sh new revision: 1.21; previous revision: 1.20 done RCS file: /cvsroot/mozilla/security/nss/tests/chains/scenarios/crldp.cfg,v done Checking in scenarios/crldp.cfg; /cvsroot/mozilla/security/nss/tests/chains/scenarios/crldp.cfg,v <-- crldp.cfg initial revision: 1.1 done Checking in scenarios/scenarios; /cvsroot/mozilla/security/nss/tests/chains/scenarios/scenarios,v <-- scenarios new revision: 1.6; previous revision: 1.5 done
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
I had to disable CRLDP tests, because Tinderboxes went orange. Checking in scenarios; /cvsroot/mozilla/security/nss/tests/chains/scenarios/scenarios,v <-- scenarios new revision: 1.7; previous revision: 1.6 done
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Using date/time instead of numbering from 0 in CRL file names. In previous version when tests were run in more cycles in one run, they didn't have unique CRL file names, this patch fixes it.
Attachment #393775 - Flags: review?(alexei.volkov.bugs)
Comment on attachment 393775 [details] [diff] [review] Fixed numbering of CRLs and enabled CRLDP tests. r=alexei
Attachment #393775 - Flags: review?(alexei.volkov.bugs) → review+
Checking in chains.sh; /cvsroot/mozilla/security/nss/tests/chains/chains.sh,v <-- chains.sh new revision: 1.23; previous revision: 1.22 done Checking in scenarios/scenarios; /cvsroot/mozilla/security/nss/tests/chains/scenarios/scenarios,v <-- scenarios new revision: 1.8; previous revision: 1.7 done
Status: REOPENED → RESOLVED
Closed: 16 years ago16 years ago
Resolution: --- → FIXED
Still one minor problem on AIX, that doesn't accept == as string comparison: all.sh[12]: ==: 0403-012 A test command parameter is not valid.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Attachment #400975 - Flags: review?(alexei.volkov.bugs)
Attachment #400975 - Attachment is patch: true
Attachment #400975 - Attachment mime type: application/octet-stream → text/plain
Attachment #400975 - Flags: review?(alexei.volkov.bugs) → review+
Checking in chains.sh; /cvsroot/mozilla/security/nss/tests/chains/chains.sh,v <-- chains.sh new revision: 1.24; previous revision: 1.23 done
Status: REOPENED → RESOLVED
Closed: 16 years ago16 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: