You are here: TWiki> VOMS Web>VOMSTestPlan (2013-01-18, ValerioVenturi)

1 VOMS core testplan

1.1 Automated functionality and regression tests

Below, a correct PKI infrastructure is always assumed as needed input. This means a set of valid CAs, host certificates and user certificates.

Feature: The server starts

Description: A correctly configured VOMS server must start
(implemented) and it must stop (implemented)

Input needed: A correct set of configuration files
Test succeeds if: voms starts
Test fails if: voms does not start or it does not stop when started
Tested in: voms002.exp

Failure case: logs cannot be written
Test succeeds if: voms does not start
Test fails if: voms starts
Tested in: voms072.exp

Failure case: The DB's password cannot be read (e.g: missing)
Test succeeds if: voms does not start
Test fails if: voms starts
Tested in: voms134.exp

Failure case: The password file has wrong privileges
Test succeeds if: voms does not start
Test fails if: voms starts
Tested in: voms135.exp

Failure case: The password is too long (max length = 1023 chars)
Test succeeds if: voms does not start
Test fails if: voms starts
Tested in: voms136.exp

Failure case: The password did not end with a newline
Test succeeds if: voms does not start
Test fails if: voms starts
Tested in: voms137.exp

Failure case: The password is wrong
Test succeeds if: voms does not start
Test fails if: voms starts
Tested in: voms138.exp

Failure case: voms should not start when the lock file points to the
wrong process.
Test succeeds if: voms does not start
Test fails if: voms starts
Tested in: voms164.exp


Feature: voms-proxy-init without options must create a standard
proxy. (implemented)

Input needed: A user certificate with the corresponding private key
Test succeeds if: a grid proxy is created
Test fails if: a grid proxy is not created
Tested in: voms004.exp

Failure case: Fake arguments or options are provided in the command line
Test succeeds if: voms-proxy-init fails with an error message
Test fails if: otherwise
Tested in: voms0013.exp, voms126.exp

Failure case: The user certificate is missing
Test succeeds if: voms-proxy-init fails with an error message
Test fails if: otherwise
Tested in: voms095.exp

Failure case: The certificate and the key do not match each other.
Test succeeds if: a grid proxy is not created
Test fails if: a grid proxy is created
Tested in: voms144.exp

Failure case: The private key has incorrect permission, i.e not 600 or
400
Test succeeds if: a grid proxy is not created
Test fails if: a grid proxy is created
Tested in: voms145.exp

Failure case: The key file is empty
Test succeeds if: a grid proxy is not created
Test fails if: a grid proxy is created
Tested in: voms146.exp

Failure case: The key file is corrupted
Test succeeds if: a grid proxy is not created
Test fails if: a grid proxy is created
Tested in: voms147.exp

Failure case: The proxy file cannot be written.
Test succeeds if: an error message is returned
Test fails if: no error message
Tested in voms156.exp





Feature: voms-proxy-init with --voms option must create a VOMS
certificate (implemented)
Input needed: a valid VO configured
Test succeeds if: A VOMS proxy is created
Test fails is: A VOMS proxy is not created
Tested in: voms005.exp

Failure case: The VO does not exist
Test succeeds if: voms-proxy-init fails and the correct error is returned
Test fails if: otherwise
Tested in: voms132.exp

Failure case: The user certificate is expired:
Test succeeds if: voms-proxy-init fails and the correct error is
returned
Test fails if: otherwise
Tested in voms140.exp




Feature: voms-proxy-info prints information about a voms proxy
(implemented)
Input needed: a voms proxy
Test succeeds if: the program succeeds and prints the right
information
Test fails if: otherwise
Tested in: voms006.exp voms007.exp




Feature: voms-proxy-init can be used to request a role (implemented)
Input needed: a VO started
Test succeeds if: The role is granted
Test fails if: Otherwise
Tested in: voms008.exp

Failure case: The role does not exist
Test succeeds if: An error message is returned
Test fails if: otherwise
Tested in: voms065.exp, voms064.exp




Feature: voms-proxy-init allows requesting all attributes at the same
time (implemented)
Input needed: a VO started
Test succeeds if: The attributes are returned
Test fails if: otherwise
Tested in: voms009.exp




Feature: voms-proxy-init allows requesting attributes in a specific
order (implemented)
Input needed: A Vo started, with multiple attributes available
Test succceeds if: The attributes are present and in the order
requested
Test fails if: Otherwise
Tested in: voms010.exp, voms011.exp



Feature: voms-proxy-list allows asking a voms server which attributes
it may grant (implemented)
Input needed: A VO started
Test succeeds if: The list is returned and it is complete
Test fails if: otherwise
Tested in: voms012.exp

Failure case: Two voms server are specified in the command line.
Test succeeds if: specifying to voms servers causes an error
Test fails if: otherwise
Tested in: voms077.exp





Feature: voms-proxy-init allows to specify the validity of the
credentials (implemented)
Input needed: A VO started
Test succeeds if: the validity is as requested
Test fails if: otherwise
Tested in: voms014.exp

Failure case: The validity is too long (exceeds the credentials)
Input needed: A VO started
Test succeeds if: voms-proxy-init fails
Test fails if: otherwise
Tested in: voms015.exp, voms041.exp

Failure case: The validity is unresoaneable, e.g: negative, h:m with
minutes greater than 59, etc...
Test succeeds if: improper cases return an error
Test fails if: otherwise
Tested in: voms130.exp, voms131.exp


Feature: voms-proxy-init allows to specify the validity of the
AC (implemented)
Input needed: A VO started
Test succeeds if: the validity is as requested
Test fails if: otherwise
Tested in: voms016.exp

Failure case: The validity is too long (exceeds the credentials)
Input needed: A VO started
Test succeeds if: voms-proxy-init fails
Test fails if: otherwise
Tested in: voms017.exp




Feature: The log file is created with the proper permissions
(implemented)
Input needed: A VO started
Test succeeds if: The file has 600 permissions
Test fails if: otherwise
Tested in: voms018.exp




Feature: voms-proxy-info allows to verify if a proxy will still be
valid after a period of time (implemented)
Input needed: a proxy.
Test succeeds if: The check returns accurate results both when the
proxy should still be valid and when it should be nto
Test fails if: otherwise
Tested in: voms019.exp



Feature: voms can return short fqans (/group) but should default to
long one (/group/Role=NULL/Capability=NULL) (permitted)
Input needed: A VO Started
Test succeeds if: The FQANs are long
Test fails if: otherwise
Tested in: voms020.exp




Feature: voms can "target" ACs to specific hosts. (implemented)
Input needed: A VO started
Test succeeds if: The target information is present in the AC
Test fails if: otherwise
Tested in: voms021.exp




Feature: voms-proxy-info can check if a proxy contains an AC for a
specific VO. (implemented)
Input needed: A VOMS AC:
Test succeeds if: A present AC is detected as such, and a missing one
is also detected.
Test fails if: oterwise
Tested in: voms022.exp




Feature: voms-proxy-info can detect the tpe of proxy (gt2, gt3, rfc)
(implemented)
Input needed: a VOMS AC.
Test succeeds if: if the type is detected correctly
Test fails if: otherwise
Tested in: voms023.exp





Feature: voms-proxy-info cna print a text description of the
certificate, like that of openssl x509 -text (implemented)
Input needed: a valid proxy.
Test succeeds if: if the text is printed
Test fails if: otherwise
Tested in: voms024.exp, voms086.exp





Feature: voms-proxy-info can print the certificate chain of the proxy
(implemented)
Input needed: a valid proxy
Test succeeds if: if the chain is described
Test fails if: otherwise
Tested in: voms025.exp





Feature: voms-proxy-info can print the subject of the proxy
(implemented)
Input needed: a valid proxy
Test succeeds if: if the subject is printed
Test fails if: otherwise
Tested in: voms026.exp






Feature: voms-proxy-info can print the issuer of the proxy
(implemented)
Input needed: a valid proxy
Test succeeds if: if the issuer is printed
Test fails if: otherwise
Tested in: voms027.exp





Feature: voms-proxy-info can print the identity of the proxy's owner
(implemented)
Input needed: a valid proxy
Test succeeds if: if the owner is printed
Test fails if: otherwise
Tested in: voms028.exp





Feature: voms-proxy-info can print the remaining validity of the proxy
(implemented)
Input needed: a valid proxy
Test succeeds if: if the remaining validity is printed
Test fails if: otherwise
Tested in: voms029.exp





Feature: voms-proxy-info can print the strength of the proxy (implemented)
Input needed: a valid proxy
Test succeeds if: if the strength is printed correctly
Test fails if: otherwise
Tested in: voms030.exp





Feature: voms-proxy-info can print the path at which the proxy is found
(implemented)
Input needed: a valid proxy
Test succeeds if: if the path to the proxy is printed
Test fails if: otherwise
Tested in: voms031.exp





Feature: voms-proxy-info can print the name of the VO present in the proxy
(implemented)
Input needed: a valid proxy
Test succeeds if: if the name is printed and correct
Test fails if: otherwise
Tested in: voms032.exp




Feature: voms-proxy-info can print the fqans in the proxy
(implemented)
Input needed: a valid proxy
Test succeeds if: if the fqans are printed
Test fails if: otherwise
Tested in: voms033.exp




Feature: voms-proxy-info can print the owner of the ac (implemented)
Input needed: a valid proxy
Test succeeds if: if the owner is printed
Test fails if: otherwise
Tested in: voms034.exp





Feature: voms-proxy-info can print the issuer of the ac (implemented)
Input needed: a valid proxy
Test succeeds if: if the issuer of the ac is printed
Test fails if: otherwise
Tested in: voms035.exp




Feature: voms-proxy-info can print the remaining validity of the ac
(implemented)
Input needed: a valid proxy
Test succeeds if: if the remaining validity is printed
Test fails if: otherwise
Tested in: voms036.exp






Feature: voms-proxy-info can print the serial number of the proxy
(implemented)
Input needed: a valid proxy
Test succeeds if: if the serial number is printed
Test fails if: otherwise
Tested in: voms037.exp






Feature: voms-proxy-init can avoid printing anything in case of
success (implemented)
Input needed: a VO started
Test succeeds if: if the voms-proxy-init is effectively quiet
Test fails if: otherwise
Tested in: voms038.exp






Feature: voms-proxy-init can verify the proxy created (implemented)
Input needed: a valid proxy, a revoked user certificate
Test succeeds if: if the revocation is noticed
Test fails if: otherwise
Tested in: voms039.exp






Feature: voms-proxy-info can create limited proxies (gt2) (implemented)
Input needed: a started vo
Test succeeds if: if a limited proxy is created
Test fails if: otherwise
Tested in: voms040.exp






Feature: voms-proxy-init can create a proxy valid X hours (implemented)
Input needed: a started vo
Test succeeds if: if the proxy validity is correct
Test fails if: otherwise
Tested in: voms041.exp






Feature: voms-proxy-init can select the strength of the proxy (implemented)
Input needed: a started vo
Test succeeds if: if the correct strength is set
Test fails if: otherwise
Tested in: voms042.exp

Failure case: The strength is unacceptable (e.g: 5000)
Test succeeds if: a proper error message is returned
Test fails if: otherwise
Tested in: voms129.exp





Feature: voms-proxy-init can include a user-specified file in the proxy
(implemented)
Input needed: a started vo
Test succeeds if: if the file is included
Test fails if: otherwise
Tested in: voms043.exp






Feature: voms-proxy-init can contact the server using an already
existing proxy for authentication, with or without pre-existing voms
credentials (implemented)
Input needed: a started vo
Test succeeds if: if the proxy is correctly created
Test fails if: otherwise
Tested in: voms044.exp, voms061






Feature: voms-proxy-init can print the AC on a separate file
(implemented)
Input needed: a started vo
Test succeeds if: the file is created and contains an AC
Test fails if: otherwise
Tested in: voms045.exp, voms123.exp

Failure case: The file cannot be written
Test succeeds if: a proper error message is returned
Test fails if: otherwise
Tested in: voms133.exp





Feature: voms-proxy-init can be told to treat warnings as if they were
errors (implemented)
Input needed: a started vo
Test succeeds if: if voms-proxy-init fails on a warning
Test fails if: otherwise
Tested in: voms046.exp






Feature: voms-proxy-init can be told to ignore warnings
(implemented)
Input needed: a started vo
Test succeeds if: if warnings are ignored
Test fails if: otherwise
Tested in: voms047.exp






Feature: voms-proxy-init can read its options from a file
(implemented)
Input needed: a started vo
Test succeeds if: if the file is read and the options recognized
Test fails if: otherwise
Tested in: voms048.exp






Feature: voms-proxy-init can specify the path-length constraint on an
RFC proxy (implemented)
Input needed: a started vo
Test succeeds if: if the proxy contains the constraint
Test fails if: otherwise
Tested in: voms049.exp






Feature: voms-proxy-init can specify the policy language and policy id
on an RFC proxy (implemented)
Input needed: a started vo
Test succeeds if: if the proxy specifies the id and the language
Test fails if: otherwise
Tested in: voms050.exp






Feature: voms-proxy-destroy can delete a proxy (implemented)
Input needed: an existing proxy
Test succeeds if: if the proxy is deleted
Test fails if: otherwise
Tested in: voms051.exp






Feature: voms allows to specify the (approximate) maximum size of a
log file befor eit is rotated (implemented)
Input needed: a started voms
Test succeeds if: if thep maximum size is approximately respected
Test fails if: otherwise
Tested in: voms053.exp






Feature: voms can skip checking CAs when authenticating users (implemented)
Input needed: a started vo
Test succeeds if: if a user with the same DN but a differnt CA than
what is registered in voms is accepted.
Test fails if: otherwise
Tested in: voms054.exp






Feature: voms by default matches both DN and CA when authenticating users
(implemented)
Input needed: a started vo
Test succeeds if: if a user with the same DN but a different CA than
what is registered in voms is refused
Test fails if: otherwise
Tested in: voms055.exp






Feature: voms can drop stalled connections after a few seconds
(implemented)
Input needed: a started vo
Test succeeds if: if a stalled connection is dropped by the server
Test fails if: otherwise
Tested in: voms056.exp






Feature: voms can set a specific uri as the server endpoint in the AC
(implemented)
Input needed: a started vo
Test succeeds if: if the AC is created with the stated URI
Test fails if: otherwise
Tested in: voms057.exp






Feature: voms-proxy-info can print the uri of the voms server that
created the AC (implemented)
Input needed: an existing proxy
Test succeeds if: if the AC contains the right URI
Test fails if: otherwise
Tested in: voms058.exp






Feature: if voms-proxy-init asks for a role as the first fqan, that role is placed first
among the fqans in the AC (implemented)
Input needed: a started vo
Test succeeds if: if the role is first
Test fails if: otherwise
Tested in: voms059.exp






Feature: voms-proxy-init allows requesting several attributes by using
several --voms options (implemented)
Input needed: a started vo
Test succeeds if: if several --voms options work as expected
Test fails if: otherwise
Tested in: voms060.exp






Feature: voms-proxy-init returns an error message if the user is not
registerd in the VO (implemented)
Input needed: a started vo
Test succeeds if: if the request fails and the correct message is returned
Test fails if: otherwise
Tested in: voms062.exp, voms063.exp






Feature: voms-proxy-init should treat options starting with -+
correctle rather than segfaulting (implemented)
Input needed: a started vo
Test succeeds if: if the request fails and a proper error message is returned.
Test fails if: otherwise
Tested in: voms066.exp






Feature: voms-proxy-info should report a missing X509_CERT_DIR as an
error (implemented)
Input needed: an existing proxy
Test succeeds if: output is print
Test fails if: otherwise
Tested in: voms067.exp






Feature: voms can be told not to log on its own logfile (implemented)
Input needed: a configured VO
Test succeeds if: if voms starts and does not write a logfile
Test fails if: otherwise
Tested in: voms068.exp






Feature: voms can rotate its own logfile. This rotation should work
even if one of he intermediate files is missing (implemented)
Input needed: a started vo
Test succeeds if: rotation works when one of the already rotated logs
is missing
Test fails if: otherwise
Tested in: voms069.exp






Feature: voms-proxy-init can generate gt2 proxies with the --old
option (implemented)
Input needed: a started vo
Test succeeds if: if the --old option works
Test fails if: otherwise
Tested in: voms070.exp






Feature: voms-proxy-init should fail if passed unrecognized options
(implemented)
Input needed: a started vo
Test succeeds if: if voms-proxy-init fails with unrecognized options
Test fails if: otherwise
Tested in: voms071.exp






Feature: if voms is told to use a logfile, it should fail to start if
it cannot write it. (implemented)
Input needed: a started vo
Test succeeds if: voms fails to start when the log file cannot be written
Test fails if: otherwise
Tested in: voms072.exp






Feature: The log rotation done by voms can be disabled (implemented)
Input needed: a started vo
Test succeeds if: disabling the log rotation works
Test fails if: otherwise
Tested in: voms073.exp






Feature: voms-proxy-fake when run without arguments should create a
standard proxy and not cause an error (implemented)
Input needed: a valid PKI
Test succeeds if: no errors are reported and a proxy is created
Test fails if: otherwise
Tested in: voms074.exp, voms075.exp






Feature: voms-proxy-init can be told to drop the connection if a
timeout is reached (implemented)
Input needed: a started vo
Test succeeds if: if the connection is dropped when the timeout is reached
Test fails if: otherwise
Tested in: voms076a.exp, voms076b.exp






Feature: voms-proxy-fake should report its own version (implemented)
Input needed: none
Test succeeds if: if the version is correctly reported
Test fails if: otherwise
Tested in: voms078.exp






Feature: voms-proxy-fake can create and insert ACs in the proxy
(implemented)
Input needed: a valid PKI
Test succeeds if: if an AC is inserted in the proxy
Test fails if: otherwise
Tested in: voms079.exp






Feature: voms-proxy-init should report when the proxy certificate wll
expire after the user certificate (implemented)
Input needed: a started vo
Test succeeds if: if it is reported
Test fails if: otherwise
Tested in: voms080.exp






Feature: voms-proxy-info should report an error when it cannot find
the CA certificates (implemented)
Input needed: a valid proxy
Test succeeds if: if a message is printed
Test fails if: otherwise
Tested in: voms081.exp






Feature: voms-proxy-info can check the strength of the proxy (implemented)
Input needed: a started vo
Test succeeds if: if the check returns the correct results
Test fails if: otherwise
Tested in: voms082.exp






Feature: voms-proxy-info can check the remaining validity of a proxy
(implemented)
Input needed: a started vo
Test succeeds if: if the check returns the correct result
Test fails if: otherwise
Tested in: voms083.exp






Feature: voms-proxy-init should return an error message when it cannot
verify the AC returned from the server (implemented)
Input needed: a started vo
Test succeeds if: if the error is printed
Test fails if: otherwise
Tested in: voms084.exp






Feature: voms-proxy-info can check if an AC is present (implemented)
Input needed: a started vo
Test succeeds if: if the check returns the correct result
Test fails if: otherwise
Tested in: voms085.exp






Feature: voms-proxy-init can return its own version (implemented)
Input needed: none
Test succeeds if: the version is printed
Test fails if: otherwise
Tested in: voms087.exp






Feature: voms-proxy-init can print an help message (implemented)
Input needed: a started vo
Test succeeds if: the help message is printed
Test fails if: otherwise
Tested in: voms088.exp






Feature: voms should refuse adding new credentials to an AC that does
not already have them (implemented)
Input needed: a started vo
Test succeeds if: if the AC is not created
Test fails if: otherwise
Tested in: voms089.exp






Feature: voms-proxy-fake allows to specify the subject of the proxy it
creates (implemented)
Input needed: a valid PKI
Test succeeds if: the subject is the one specified
Test fails if: otherwise
Tested in: voms090.exp






Feature: voms-proxy-fake should allow reading the options that specify
the AC type from a file
(implemented)
Input needed: a valid PKI
Test succeeds if: the file is read, and the AC created as specified
Test fails if: otherwise
Tested in: voms091.exp, voms092.exp






Feature: voms and voms-proxy-init should work with server certificates
including email in the DN (implemented)
Input needed: a started vo
Test succeeds if: a voms proxy can be created from such a server
Test fails if: otherwise
Tested in: voms093.exp






Feature: lsc files in vomdir should work in place of host certificates
(implemented)
Input needed: a started vo
Test succeeds if: voms and voms-proxy-init still works
Test fails if: otherwise
Tested in: voms094.exp, voms154.exp, voms155.exp






Feature: voms-proxy-init shouls accept passwords from stdin (implemented)
Input needed: a started vo
Test succeeds if: the password is accepted
Test fails if: otherwise
Tested in: voms096.exp

Failure case: No password is present on stdin
Test succeeds if: Proper error message is printed
Test fails if: otherwise
Tested in voms127.exp






Feature: voms-proxy-init must fail if requested to create a proxy type
which does not exist (implemented)
Input needed: a started vo
Test succeeds if: voms-proxy-init fails
Test fails if: otherwise
Tested in: voms097.exp






Feature: voms can change most (but not all) of its configuration
without requiring a restart (implemented)
Input needed: a started vo
Test succeeds if: if the change is recognized
Test fails if: otherwise
Tested in: voms098.exp






Feature: voms supports a REST protocol for accepting requests (implemented)
Input needed: a started vo
Test succeeds if: if several type of requests succeed
Test fails if: otherwise
Tested in: voms099.exp, voms100.exp, voms101.exp, voms102.exp,
voms103.exp, voms104.exp, voms107.exp






Feature: voms-proxy-init can insert an already existing AC in a proxy
(implemented)
Input needed: a started vo and an AC
Test succeeds if: the AC is correctly inserted, and an incorrect AC is
refused.
Test fails if: otherwise
Tested in: voms105.exp, voms106.exp






Feature: voms-proxy-info can print the contents of the KeyUsage
extension of the proxy (implemented)
Input needed: a started vo
Test succeeds if: the content of the extension is printed
Test fails if: otherwise
Tested in: voms108.exp






Feature: voms-proxy-destroy can be executed in dry-run mode (implemented)
Input needed: an existing proxy
Test succeeds if: dry-run mode works
Test fails if: otherwise
Tested in: voms109.exp






Feature: voms-proxy-fake can backdate the AC it creates (implemented)
Input needed: a PKI infrastructure
Test succeeds if: the AC is backdated by the right amount
Test fails if: otherwise
Tested in: voms110.exp






Feature: voms-proxy-fake can backdate the proxy it creates (implemented)
Input needed: a PKI infrastructure
Test succeeds if: the proxy is backdated by the right amount
Test fails if: otherwise
Tested in: voms111.exp






Feature: voms-proxy-fake allows to specify the contents of the
KeyUsage extension (implemented)
Input needed: a PKI infrastructure
Test succeeds if: the created proxy has the requested keyusage
Test fails if: otherwise
Tested in: voms112.exp

Failure case: Invalid values for the extension:
Test succeed if: voms-proxy-fake fails
Test fails if: otherwise
Tested in: voms157.exp





Feature: voms-proxy-fake allows to specify the contents of the
ExtendedKeyUsage extension (implemented)
Input needed: a PKI infrastructure
Test succeeds if: the created proxy has the requested extended keyusage
Test fails if: otherwise
Tested in: voms113.exp






Feature: voms-proxy-fake allows to specify the contents of the
NsCert extension (implemented)
Input needed: a PKI infrastructure
Test succeeds if: the created proxy has the requested nscert
Test fails if: otherwise
Tested in: voms114.exp






Feature: voms-proxy-fake allows the creation of self-signed certificates (implemented)
Input needed: a PKI infrastructure
Test succeeds if: if the certificate is self-signed
Test fails if: otherwise
Tested in: voms115.exp, voms149.exp

Failure case: At leas one between --newsubject and --newissuer must be
specified along with --selfsigned
Test succeeds if: the absence of both causes a failure
Test fails if: otherwise
Tested in: voms150.exp





Feature: voms-proxy-fake allow adding user-specified extensions to the
proxy or to the AC (implemented)
Input needed: a PKI infrastructure
Test succeeds if: if the extension is present
Test fails if: otherwise
Tested in: voms116.exp, voms117.exp, voms118.exp, voms119.exp, voms120.exp






Feature: voms-proxy-fake allows to select the serial number of the
created certificate (implemented)
Input needed: a started vo
Test succeeds if: the serial number is correct
Test fails if: otherwise
Tested in: voms121.exp






Feature: voms-proxy-init allows saving the proxy in a specified
location rather than the default one (implemented)
Input needed: a started vo
Test succeeds if: the proxy is in the specified location
Test fails if: otherwise
Tested in: voms122.exp






Feature: voms-proxy-init can print a set of debug informations during
its executione (note: subject to change without warning from build to
build. Users must not rely on it) (implemented)
Input needed: a started vo
Test succeeds if: the debug info is present
Test fails if: otherwise
Tested in: voms124.exp






Feature: voms-proxy-init detects an incorrect vomses file (implemented)
Input needed: a started vo
Test succeeds if: the incorrect file is detected
Test fails if: otherwise
Tested in: voms125.exp






Feature: voms-proxy-init require policy files when policy languages
are specified for RFC proxies (implemented)
Input needed: a started vo
Test succeeds if: an error message is returned
Test fails if: otherwise
Tested in: voms128.exp






Feature: voms inserts the name of the VO in the AC it creates (implemented)
Input needed: a started vo
Test succeeds if: the vo name is present
Test fails if: otherwise
Tested in: voms138.exp






Feature: voms-proxy-init can read certificates in pkcs12 format (implemented)
Input needed: a started vo
Test succeeds if: the certificate is read correctly and the proxy is created
Test fails if: otherwise
Tested in: voms141.exp






Feature: Specifying a strength of 0 in voms-proxy-init and
voms-proxy-fake means "use the default strength" (implemented)
Input needed: a started vo
Test succeeds if: The default strength is used in the proxy
Test fails if: otherwise
Tested in: voms142.exp, voms143.exp






Feature: voms-proxy-fake allow using non-printable chars while
specifying anew subject or a new issuer by specifying them in hex
preceded by '\' (implemented)
Input needed: a valid PKI
Test succeeds if: the char is correctly translated
Test fails if: otherwise
Tested in: voms148.exp






Feature: voms-proxy-fake can save the proxy and the AC in separate
files (implemented)
Input needed: a valid PKI
Test succeeds if: if ac and proxy are saved in separate locations
Test fails if: otherwise
Tested in: voms151.exp






Feature: voms-proxy-init can be told to not validate the ac, via
command line or env variables (implemented)
Input needed: a started vo
Test succeeds if: validation does not take place
Test fails if: otherwise
Tested in: voms152.exp, voms153.exp






Feature: voms must not redefine the "email" OID (implemented)
Input needed: none
Test succeeds if: the OID is not redefined
Test fails if: otherwise
Tested in: voms158.exp






Feature: The man pages must not have references to edg (implemented)
Input needed: none
Test succeeds if: no reference is present
Test fails if: otherwise
Tested in: voms159.exp






Feature: voms-proxy-info must succeed on a plain proxy (implemented)
Input needed: a started vo
Test succeeds if: voms-proxy-info succeeded
Test fails if: otherwise
Tested in: voms160.exp






Feature: voms should not install world writable files or dirs, nor
should the jar file have executable permission (implemented)
Input needed: none
Test succeeds if: there are no such files
Test fails if: otherwise
Tested in: voms161.exp, voms162.exp






Feature: voms-proxy-init --noregen of an RFC proxy must work (implemented)
Input needed: a started vo
Test succeeds if: it works
Test fails if: otherwise
Tested in: voms165.exp






Feature: voms-proxy-init must read vomses files in .voms if present, and in .glite if .voms is absent (implemented)
Input needed: a started vo
Test succeeds if: it works
Test fails if: otherwise
Tested in: voms166.exp, voms167.exp






Feature: For voms-proxy-fake, --ga must be also available from the command line, not just from the voinfo files (implemented)
Input needed: a PKI infrastructure correctly installed
Test succeeds if: it works
Test fails if: otherwise
Tested in: voms168.exp






Feature: Basic unit tests of voms C APIs (implemented)
Input needed: a started vo
Test succeeds if: the api works
Test fails if: otherwise
Tested in: vomsapi-c001.exp, vomsapi-c002.exp, vomsapi-c003.exp,
vomsapi-c004.exp, vomsapi-c005.exp, vomsapi-c006.exp,
vomsapi-c007.exp, vomsapi-c008.exp, vomsapi-c009.exp,
vomsapi-c010.exp, vomsapi-c011.exp, vomsapi-c012.exp,
vomsapi-c013.exp, vomsapi-c014.exp, vomsapi-c015.exp,
vomsapi-c016.exp, vomsapi-c017.exp, vomsapi-c018.exp,
vomsapi-c019.exp, vomsapi-c020.exp, vomsapi-c021.exp,
vomsapi-c022.exp, vomsapi-c023.exp, vomsapi-c024.exp,
vomsapi-c025.exp, vomsapi-c026.exp, vomsapi-c027.exp,
vomsapi-c028.exp, vomsapi-c029.exp




Feature: Basic unit tests of voms C++ APIs (implemented)
Input needed: a started vo
Test succeeds if: the api works
Test fails if: otherwise
Tested in: vomsapi-cpp001.exp, vomsapi-cpp002.exp, vomsapi-cpp003.exp,
vomsapi-cpp004.exp, vomsapi-cpp005.exp, vomsapi-cpp006.exp,
vomsapi-cpp007.exp





Feature: Basic unit tests of voms C APIs (implemented)
Input needed: a started vo
Test succeeds if: the api works
Test fails if: otherwise
Tested in: vomsapi-java001.exp, vomsapi-java002.exp,
vomsapi-java003.exp, vomsapi-java004.exp, vomsapi-java005.exp,
vomsapi-java006.exp, vomsapi-java007.exp, vomsapi-java008.exp,
vomsapi-java009.exp, vomsapi-java010.exp, vomsapi-java011.exp

1.1.1 [VOMS] AC query fails when more than two fqans are explicitly requested (https://savannah.cern.ch/bugs/?91228)

This issue is tested automatically by the VOMS core testsuite (test voms170.exp).

1.1.2 [VOMS] A vulnerability has been found in VOMS (https://savannah.cern.ch/bugs/?91728)

Description of the test: This issue is tested automatically by the VOMS core testsuite.

1.1.3 A vulnerability has been found in VOMS Java APIs (http://issues.cnaf.infn.it/browse/VOMS-131)

Description of the test: This issue is tested automatically by VOMS Java APIs unit test suite

1.1.4 [VOMS] Invalid proxy generated by VOMS in case keyUsage extension is not present. (https://savannah.cern.ch/bugs/?91183)

Description of the test: This issue is tested automatically by the new VOMS Robot Framework testsuite.

1.1.5 [VOMS JAVA API] VOMS Java APIs works under heavy load

Description of the test: This issue is tested automatically by the voms-api-java build time testing voms-api-java build time testing.

1.2 Manual regression tests

1.2.1 [VOMS] Fix /etc/sysconfig/voms inclusion in voms init.d script (https://savannah.cern.ch/bugs/?85381)

Unset the

VOMS_LOCATION 
VOMS_LOCATION_VAR
VOMS_LOCATION_CONF
environment variables and check that the VOMS init scripts work as expected.

1.2.2 [VOMS] Wrong GlueServiceVersion published by EMI VOMS (https://savannah.cern.ch/bugs/?85380)

Check that the GlueServiceVersion and GLUE2EndpointImplementationVersion published by VOMS and VOMS-Admin are equal to the versions of the installed rpms.

1.2.3 [VOMS] VOMS should not bother about /etc/nologin (https://savannah.cern.ch/bugs/index.php?84943)

Check that VOMS correctly ignores the /etc/nologin file at startup (VOMS refused to start in the past).

1.2.4 [VOMS] VOMS configuration does not add itself as a service (https://savannah.cern.ch/bugs/?83005)

Check that VOMS is activated for all meaningful runlevels after installation and configuration (ensure this holds also for an upgrade scenario).

1.2.5 [voms-api-java] PKIUtils ERROR should be a WARNING (https://savannah.cern.ch/bugs/?84649)

Check in a running service that uses the VOMS Java APIs (e.g., the Argus PAP), that the

ERROR [PKIUtils] - keyUsage extension present, but CertSign bit not active.

error message is not printed.

1.2.6 [VOMS Java API] Failed to verify RFC proxy and crash (https://savannah.cern.ch/bugs/?88550)

Check in a running service that uses the VOMS Java APIs (e.g., the Argus PAP), that a VOMS RFC proxy can be correctly verified.

https://wiki.italiangrid.it/twiki/bin/view/VOMS/VOMSTestPlan

1.2.7 [VOMS] VOMS MySQL plugin causes 'Aborted connection' warnings on MySQL (https://savannah.cern.ch/bugs/?93456 )

  1. Configure a MySQL based VO.
  2. Add a user to the VO.
  3. Run a large number of AC requests against the VOMS server for that user (e.g., 500 requests).
  4. Set the log-warnings=2 in the MySQL configuration, typically /etc/my.cnf.
  5. Ensure that the mysql log doesn't contain an "Aborted connection" warning for each request (some aborted connections are accetable).

1.2.8 [VOMS] VOMS fails in producing AC if certificate subject name contains an apostrophe (https://savannah.cern.ch/bugs/?93455 )

  1. Create a test certificate containing an apostrophe.
  2. Register this certificate in VOMS.
  3. Ensure that it's possible to obtain an AC out of VOMS with the just created certificate.

1.2.9 [VOMS] YAIM VOMS should provide a way to configure --skipcacheck voms configuration parameter (https://savannah.cern.ch/bugs/?89202 )

  1. Configure a VO with YAIM specifying the VOMS_SKIP_CA_CHECK variable.
  2. Ensure that the /etc//voms.conf configuration file contains the --skipcacheck after the configuration.

1.2.10 [VOMS] Middleman process crashes (Oracle backend) (https://savannah.cern.ch/bugs/?86273 )

  1. Configure an Oracle VO.
  2. Add a user to the VO.
  3. Check that no crash is observed for large number of AC requests for that user (e.g., 50000 requests)

1.2.11 [VOMS API Java] VOMSTrustManager getAcceptedIssuers() returns 3 x all the trust anchors (https://savannah.cern.ch/bugs/?90112 )

  1. This needs a specialized test program.

1.2.12 [VOMS API Java] VOMS Java APIs should provide sensible truststore refresh default (https://savannah.cern.ch/bugs/?93551 )

  1. This needs a specialized test program.

-- AndreaCeccanti - 2012-03-01

Topic revision: r6 - 2013-01-18 - ValerioVenturi
 
TWIKI.NET
This site is powered by the TWiki collaboration platformCopyright © 2008-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback