certmonger/0005-Run-key-generation-tests-against-both-dbm-and-sqlite.patch
Rob Crittenden 6155daa274 Fixes for F28 switch to sqlite as the default NSS database type
- Patch to fix NSS handling of keys in sqlite databases
- Patches to fix tests now that sqlite is the NSS default.

Also fix building in rawhide due to packaging changes

- Remove BR on mktemp. It is now provided by coreutils.
2018-01-16 16:14:56 -05:00

315 lines
7.5 KiB
Diff

From 920572235f82eb3a88a3b8dd274f809baee31c67 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Tue, 9 Jan 2018 22:54:06 -0500
Subject: [PATCH 5/6] Run key generation tests against both dbm and sqlite
databases
Related: https://pagure.io/certmonger/issue/88
---
tests/002-keygen-dbm/expected.out | 99 +++++++++++++++++++++++++++++++++++++++
tests/002-keygen-dbm/run.sh | 2 +
tests/002-keygen-sql/expected.out | 99 +++++++++++++++++++++++++++++++++++++++
tests/002-keygen-sql/run.sh | 2 +
tests/002-keygen/expected.out | 4 +-
tests/002-keygen/run.sh | 12 +++--
6 files changed, 211 insertions(+), 7 deletions(-)
create mode 100644 tests/002-keygen-dbm/expected.out
create mode 100755 tests/002-keygen-dbm/run.sh
create mode 100644 tests/002-keygen-sql/expected.out
create mode 100755 tests/002-keygen-sql/run.sh
diff --git a/tests/002-keygen-dbm/expected.out b/tests/002-keygen-dbm/expected.out
new file mode 100644
index 00000000..dcd1af06
--- /dev/null
+++ b/tests/002-keygen-dbm/expected.out
@@ -0,0 +1,99 @@
+[nss:1024]
+OK.
+OK (RSA:1024).
+OK.
+OK (RSA:1024 after RSA:1024).
+OK.
+OK (RSA:1024 after RSA:1024).
+keyi1024
+keyi1024 (candidate (next))
+[nss:1536]
+OK.
+OK (RSA:1536).
+OK.
+OK (RSA:1536 after RSA:1536).
+OK.
+OK (RSA:1536 after RSA:1536).
+keyi1536
+keyi1536 (candidate (next))
+[nss:2048]
+OK.
+OK (RSA:2048).
+OK.
+OK (RSA:2048 after RSA:2048).
+OK.
+OK (RSA:2048 after RSA:2048).
+keyi2048
+keyi2048 (candidate (next))
+[nss:3072]
+OK.
+OK (RSA:3072).
+OK.
+OK (RSA:3072 after RSA:3072).
+OK.
+OK (RSA:3072 after RSA:3072).
+keyi3072
+keyi3072 (candidate (next))
+[nss:4096]
+OK.
+OK (RSA:4096).
+OK.
+OK (RSA:4096 after RSA:4096).
+OK.
+OK (RSA:4096 after RSA:4096).
+keyi4096
+keyi4096 (candidate (next))
+[nss:rosubdir]
+Failed to save NSS:dbm:${tmpdir}/rosubdir: need fs permissions.
+[nss:rwsubdir]
+Failed to save NSS:dbm:${tmpdir}/rwsubdir: need fs permissions.
+[openssl:1024]
+OK.
+OK (RSA:1024).
+OK.
+OK (RSA:1024 after RSA:1024).
+OK.
+OK (RSA:1024 after RSA:1024).
+${tmpdir}/sample.1024
+${tmpdir}/sample.1024.(next).key
+[openssl:1536]
+OK.
+OK (RSA:1536).
+OK.
+OK (RSA:1536 after RSA:1536).
+OK.
+OK (RSA:1536 after RSA:1536).
+${tmpdir}/sample.1536
+${tmpdir}/sample.1536.(next).key
+[openssl:2048]
+OK.
+OK (RSA:2048).
+OK.
+OK (RSA:2048 after RSA:2048).
+OK.
+OK (RSA:2048 after RSA:2048).
+${tmpdir}/sample.2048
+${tmpdir}/sample.2048.(next).key
+[openssl:3072]
+OK.
+OK (RSA:3072).
+OK.
+OK (RSA:3072 after RSA:3072).
+OK.
+OK (RSA:3072 after RSA:3072).
+${tmpdir}/sample.3072
+${tmpdir}/sample.3072.(next).key
+[openssl:4096]
+OK.
+OK (RSA:4096).
+OK.
+OK (RSA:4096 after RSA:4096).
+OK.
+OK (RSA:4096 after RSA:4096).
+${tmpdir}/sample.4096
+${tmpdir}/sample.4096.(next).key
+[openssl:rosubdir]
+Failed to save FILE:${tmpdir}/rosubdir/sample.4096: need fs permissions.
+[openssl:rwsubdir]
+Failed to save FILE:${tmpdir}/rwsubdir/sample.4096: need fs permissions.
+Test complete.
diff --git a/tests/002-keygen-dbm/run.sh b/tests/002-keygen-dbm/run.sh
new file mode 100755
index 00000000..36323947
--- /dev/null
+++ b/tests/002-keygen-dbm/run.sh
@@ -0,0 +1,2 @@
+#!/bin/bash -e
+exec env scheme=dbm: ../002-keygen/run.sh
diff --git a/tests/002-keygen-sql/expected.out b/tests/002-keygen-sql/expected.out
new file mode 100644
index 00000000..178f1b3a
--- /dev/null
+++ b/tests/002-keygen-sql/expected.out
@@ -0,0 +1,99 @@
+[nss:1024]
+OK.
+OK (RSA:1024).
+OK.
+OK (RSA:1024 after RSA:1024).
+OK.
+OK (RSA:1024 after RSA:1024).
+keyi1024
+keyi1024 (candidate (next))
+[nss:1536]
+OK.
+OK (RSA:1536).
+OK.
+OK (RSA:1536 after RSA:1536).
+OK.
+OK (RSA:1536 after RSA:1536).
+keyi1536
+keyi1536 (candidate (next))
+[nss:2048]
+OK.
+OK (RSA:2048).
+OK.
+OK (RSA:2048 after RSA:2048).
+OK.
+OK (RSA:2048 after RSA:2048).
+keyi2048
+keyi2048 (candidate (next))
+[nss:3072]
+OK.
+OK (RSA:3072).
+OK.
+OK (RSA:3072 after RSA:3072).
+OK.
+OK (RSA:3072 after RSA:3072).
+keyi3072
+keyi3072 (candidate (next))
+[nss:4096]
+OK.
+OK (RSA:4096).
+OK.
+OK (RSA:4096 after RSA:4096).
+OK.
+OK (RSA:4096 after RSA:4096).
+keyi4096
+keyi4096 (candidate (next))
+[nss:rosubdir]
+Failed to save NSS:sql:${tmpdir}/rosubdir: need fs permissions.
+[nss:rwsubdir]
+Failed to save NSS:sql:${tmpdir}/rwsubdir: need fs permissions.
+[openssl:1024]
+OK.
+OK (RSA:1024).
+OK.
+OK (RSA:1024 after RSA:1024).
+OK.
+OK (RSA:1024 after RSA:1024).
+${tmpdir}/sample.1024
+${tmpdir}/sample.1024.(next).key
+[openssl:1536]
+OK.
+OK (RSA:1536).
+OK.
+OK (RSA:1536 after RSA:1536).
+OK.
+OK (RSA:1536 after RSA:1536).
+${tmpdir}/sample.1536
+${tmpdir}/sample.1536.(next).key
+[openssl:2048]
+OK.
+OK (RSA:2048).
+OK.
+OK (RSA:2048 after RSA:2048).
+OK.
+OK (RSA:2048 after RSA:2048).
+${tmpdir}/sample.2048
+${tmpdir}/sample.2048.(next).key
+[openssl:3072]
+OK.
+OK (RSA:3072).
+OK.
+OK (RSA:3072 after RSA:3072).
+OK.
+OK (RSA:3072 after RSA:3072).
+${tmpdir}/sample.3072
+${tmpdir}/sample.3072.(next).key
+[openssl:4096]
+OK.
+OK (RSA:4096).
+OK.
+OK (RSA:4096 after RSA:4096).
+OK.
+OK (RSA:4096 after RSA:4096).
+${tmpdir}/sample.4096
+${tmpdir}/sample.4096.(next).key
+[openssl:rosubdir]
+Failed to save FILE:${tmpdir}/rosubdir/sample.4096: need fs permissions.
+[openssl:rwsubdir]
+Failed to save FILE:${tmpdir}/rwsubdir/sample.4096: need fs permissions.
+Test complete.
diff --git a/tests/002-keygen-sql/run.sh b/tests/002-keygen-sql/run.sh
new file mode 100755
index 00000000..cd5bc978
--- /dev/null
+++ b/tests/002-keygen-sql/run.sh
@@ -0,0 +1,2 @@
+#!/bin/bash -e
+exec env scheme=sql: ../002-keygen/run.sh
diff --git a/tests/002-keygen/expected.out b/tests/002-keygen/expected.out
index ff56372a..dcd1af06 100644
--- a/tests/002-keygen/expected.out
+++ b/tests/002-keygen/expected.out
@@ -44,9 +44,9 @@ OK (RSA:4096 after RSA:4096).
keyi4096
keyi4096 (candidate (next))
[nss:rosubdir]
-Failed to save NSS:${tmpdir}/rosubdir: need fs permissions.
+Failed to save NSS:dbm:${tmpdir}/rosubdir: need fs permissions.
[nss:rwsubdir]
-Failed to save NSS:${tmpdir}/rwsubdir: need fs permissions.
+Failed to save NSS:dbm:${tmpdir}/rwsubdir: need fs permissions.
[openssl:1024]
OK.
OK (RSA:1024).
diff --git a/tests/002-keygen/run.sh b/tests/002-keygen/run.sh
index f550feeb..08af1523 100755
--- a/tests/002-keygen/run.sh
+++ b/tests/002-keygen/run.sh
@@ -2,15 +2,17 @@
cd "$tmpdir"
+scheme="${scheme:-dbm:}"
+
source "$srcdir"/functions
-initnssdb "$tmpdir"
+initnssdb "$scheme$tmpdir"
for size in 1024 1536 2048 3072 4096 ; do
echo "[nss:$size]"
# Generate a key.
cat > entry.$size <<- EOF
key_storage_type=NSSDB
- key_storage_location=$tmpdir
+ key_storage_location=$scheme$tmpdir
key_nickname=keyi$size
key_gen_size=$size
EOF
@@ -28,13 +30,13 @@ for size in 1024 1536 2048 3072 4096 ; do
# Extract the marker.
marker=`grep ^key_next_marker= entry.$size | cut -f2- -d=`
# Make sure we're clean.
- run_certutil -K -d "$tmpdir" | grep keyi$size | sed -e 's,.*keyi,keyi,' -e s,"${marker:-////////}","(next)",g | env LANG=C sort
+ run_certutil -K -d "$scheme$tmpdir" | grep keyi$size | sed -e 's,.*keyi,keyi,' -e s,"${marker:-////////}","(next)",g | env LANG=C sort
done
echo "[nss:rosubdir]"
cat > entry.$size <<- EOF
key_storage_type=NSSDB
-key_storage_location=$tmpdir/rosubdir
+key_storage_location=$scheme$tmpdir/rosubdir
key_nickname=keyi$size
key_gen_size=$size
EOF
@@ -43,7 +45,7 @@ $toolsdir/keygen entry.$size || true
echo "[nss:rwsubdir]"
cat > entry.$size <<- EOF
key_storage_type=NSSDB
-key_storage_location=$tmpdir/rwsubdir
+key_storage_location=$scheme$tmpdir/rwsubdir
key_nickname=keyi$size
key_gen_size=$size
EOF
--
2.15.1