55b9b3c9d4
When given an unprefixed path, CentOS7 system NSS 3.67 apparently
ignores the nice unit test database and creates a legacy "dbm:" one in
the same directory, which is of course empty.
This causes:
xmlsecurity/qa/unit/signing/signing.cxx:570:aaa_testODFX509CertificateChain::TestBody
equality assertion failed
- Expected: 0
- Actual : 1
The intermediate/root CA certificates are read from the signature and
added with CERT_NewTempCertificate(), which then does a lookup in the
database to find the trust flags of the certificate:
0 nssTrust_GetCERTCertTrustForCert () at pki3hack.c:610
1 fill_CERTCertificateFields () at pki3hack.c:819
2 stan_GetCERTCertificate () at pki3hack.c:926
3 STAN_GetCERTCertificate () at pki3hack.c:973
4 add_cert_to_cache () at tdcache.c:721
5 nssTrustDomain_AddCertsToCache () at tdcache.c:849
6 cert_createObject () at pkibase.c:1023
7 nssPKIObjectCollection_GetObjects () at pkibase.c:853
8 nssPKIObjectCollection_GetCertificates () at pkibase.c:1077
9 nssTrustDomain_FindCertificateByIssuerAndSerialNumber () at trustdomain.c:796
10 nssTrustDomain_FindCertificateByEncodedCertificate () at trustdomain.c:839
11 NSSTrustDomain_FindCertificateByEncodedCertificate () at trustdomain.c:852
12 CERT_NewTempCertificate () at stanpcertdb.c:366
13 __CERT_NewTempCertificate () at stanpcertdb.c:474
14 SecurityEnvironment_NssImpl::verifyCertificate() () at xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx:524
Change-Id: If334d056a9e13ad806e3ea1a03d395d606fd3d84
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/133622
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
||
|---|---|---|
| .. | ||
| source | ||
| IwyuFilter_unotest.yaml | ||
| Jar_test-tools.mk | ||
| Jar_test.mk | ||
| Library_unobootstrapprotector.mk | ||
| Library_unoexceptionprotector.mk | ||
| Library_unotest.mk | ||
| Makefile | ||
| Module_unotest.mk | ||
| README.md | ||
Tests for UNO
Contains tests for UNO