Closed
Bug 488646
Opened 15 years ago
Closed 15 years ago
test errors in chains.sh
Categories
(NSS :: Test, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.12.4
People
(Reporter: wolfiR, Assigned: slavomir.katuscak+mozilla)
References
Details
Attachments
(1 file)
2.94 KB,
patch
|
alvolkov.bgs
:
review+
|
Details | Diff | Splinter Review |
Running the testsuite (all.sh) on NSS 3.12.3 shows the following three failures: Returned value is 0, expected result is fail chains.sh: #1875: OCSP: Verifying certificate(s) OCSPEE12.cert OCSPCA1.cert with flags -g leaf -m ocsp -d OCSPRootDB -t OCSPRoot - FAILED Returned value is 0, expected result is fail chains.sh: #3333: OCSP: Verifying certificate(s) OCSPEE12.cert OCSPCA1.cert with flags -g leaf -m ocsp -d OCSPRootDB -t OCSPRoot - FAILED Returned value is 0, expected result is fail chains.sh: #5362: OCSP: Verifying certificate(s) OCSPEE12.cert OCSPCA1.cert with flags -g leaf -m ocsp -d OCSPRootDB -t OCSPRoot - FAILED
Assignee | ||
Comment 1•15 years ago
|
||
Thanks for reporting this bug. I see now where's the problem, OCSPEE12.cert was expected to be revoked, and contains OCSP AIA link to pre-configured OCSP server, that is accessible only from Sun, as we test only from internal network, this was not noticed. I'm going to prepare a patch to disable those tests from external network.
Assignee: nobody → slavomir.katuscak
Priority: -- → P2
Target Milestone: --- → 3.12.4
Assignee | ||
Comment 2•15 years ago
|
||
Patch to disable OCSP tests when OCSP server is not accessible. It parses one of certs and gets OCSP AIA hostname from it. Then try to ping it to check whether server is accessible or not (there was needed to add exceptions for Windows and HP-UX, because ping syntax is a bit different), and if server is not accessible, scenario doesn't continue (next scenarios are processed). I haven't verified final patch on all supported platforms, I only tried to run there ping manually.
Attachment #373303 -
Flags: review?(alexei.volkov.bugs)
Comment 3•15 years ago
|
||
Comment on attachment 373303 [details] [diff] [review] Patch v1. lets try it.
Attachment #373303 -
Flags: review?(alexei.volkov.bugs) → review+
Reporter | ||
Comment 4•15 years ago
|
||
I can confirm that the testsuite doesn't fail anymore.
Assignee | ||
Comment 6•15 years ago
|
||
Checking in chains.sh; /cvsroot/mozilla/security/nss/tests/chains/chains.sh,v <-- chains.sh new revision: 1.17; previous revision: 1.16 done Checking in scenarios/ocsp.cfg; /cvsroot/mozilla/security/nss/tests/chains/scenarios/ocsp.cfg,v <-- ocsp.cfg new revision: 1.5; previous revision: 1.4 done
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•