1 VOMS core testplan
1.1 Automated functionality and regression tests
Below, a correct PKI infrastructure is always assumed as needed
input. This means a set of valid CAs, host certificates and user
certificates.
Feature: The server starts
Description: A correctly configured VOMS server must start
(implemented) and it must stop (implemented)
Input needed: A correct set of configuration files
Test succeeds if: voms starts
Test fails if: voms does not start or it does not stop when started
Tested in: voms002.exp
Failure case: logs cannot be written
Test succeeds if: voms does not start
Test fails if: voms starts
Tested in: voms072.exp
Failure case: The DB's password cannot be read (e.g: missing)
Test succeeds if: voms does not start
Test fails if: voms starts
Tested in: voms134.exp
Failure case: The password file has wrong privileges
Test succeeds if: voms does not start
Test fails if: voms starts
Tested in: voms135.exp
Failure case: The password is too long (max length = 1023 chars)
Test succeeds if: voms does not start
Test fails if: voms starts
Tested in: voms136.exp
Failure case: The password did not end with a newline
Test succeeds if: voms does not start
Test fails if: voms starts
Tested in: voms137.exp
Failure case: The password is wrong
Test succeeds if: voms does not start
Test fails if: voms starts
Tested in: voms138.exp
Failure case: voms should not start when the lock file points to the
wrong process.
Test succeeds if: voms does not start
Test fails if: voms starts
Tested in: voms164.exp
Feature: voms-proxy-init without options must create a standard
proxy. (implemented)
Input needed: A user certificate with the corresponding private key
Test succeeds if: a grid proxy is created
Test fails if: a grid proxy is not created
Tested in: voms004.exp
Failure case: Fake arguments or options are provided in the command line
Test succeeds if: voms-proxy-init fails with an error message
Test fails if: otherwise
Tested in: voms0013.exp, voms126.exp
Failure case: The user certificate is missing
Test succeeds if: voms-proxy-init fails with an error message
Test fails if: otherwise
Tested in: voms095.exp
Failure case: The certificate and the key do not match each other.
Test succeeds if: a grid proxy is not created
Test fails if: a grid proxy is created
Tested in: voms144.exp
Failure case: The private key has incorrect permission, i.e not 600 or
400
Test succeeds if: a grid proxy is not created
Test fails if: a grid proxy is created
Tested in: voms145.exp
Failure case: The key file is empty
Test succeeds if: a grid proxy is not created
Test fails if: a grid proxy is created
Tested in: voms146.exp
Failure case: The key file is corrupted
Test succeeds if: a grid proxy is not created
Test fails if: a grid proxy is created
Tested in: voms147.exp
Failure case: The proxy file cannot be written.
Test succeeds if: an error message is returned
Test fails if: no error message
Tested in voms156.exp
Feature: voms-proxy-init with --voms option must create a VOMS
certificate (implemented)
Input needed: a valid VO configured
Test succeeds if: A VOMS proxy is created
Test fails is: A VOMS proxy is not created
Tested in: voms005.exp
Failure case: The VO does not exist
Test succeeds if: voms-proxy-init fails and the correct error is returned
Test fails if: otherwise
Tested in: voms132.exp
Failure case: The user certificate is expired:
Test succeeds if: voms-proxy-init fails and the correct error is
returned
Test fails if: otherwise
Tested in voms140.exp
Feature: voms-proxy-info prints information about a voms proxy
(implemented)
Input needed: a voms proxy
Test succeeds if: the program succeeds and prints the right
information
Test fails if: otherwise
Tested in: voms006.exp voms007.exp
Feature: voms-proxy-init can be used to request a role (implemented)
Input needed: a VO started
Test succeeds if: The role is granted
Test fails if: Otherwise
Tested in: voms008.exp
Failure case: The role does not exist
Test succeeds if: An error message is returned
Test fails if: otherwise
Tested in: voms065.exp, voms064.exp
Feature: voms-proxy-init allows requesting all attributes at the same
time (implemented)
Input needed: a VO started
Test succeeds if: The attributes are returned
Test fails if: otherwise
Tested in: voms009.exp
Feature: voms-proxy-init allows requesting attributes in a specific
order (implemented)
Input needed: A Vo started, with multiple attributes available
Test succceeds if: The attributes are present and in the order
requested
Test fails if: Otherwise
Tested in: voms010.exp, voms011.exp
Feature: voms-proxy-list allows asking a voms server which attributes
it may grant (implemented)
Input needed: A VO started
Test succeeds if: The list is returned and it is complete
Test fails if: otherwise
Tested in: voms012.exp
Failure case: Two voms server are specified in the command line.
Test succeeds if: specifying to voms servers causes an error
Test fails if: otherwise
Tested in: voms077.exp
Feature: voms-proxy-init allows to specify the validity of the
credentials (implemented)
Input needed: A VO started
Test succeeds if: the validity is as requested
Test fails if: otherwise
Tested in: voms014.exp
Failure case: The validity is too long (exceeds the credentials)
Input needed: A VO started
Test succeeds if: voms-proxy-init fails
Test fails if: otherwise
Tested in: voms015.exp, voms041.exp
Failure case: The validity is unresoaneable, e.g: negative, h:m with
minutes greater than 59, etc...
Test succeeds if: improper cases return an error
Test fails if: otherwise
Tested in: voms130.exp, voms131.exp
Feature: voms-proxy-init allows to specify the validity of the
AC (implemented)
Input needed: A VO started
Test succeeds if: the validity is as requested
Test fails if: otherwise
Tested in: voms016.exp
Failure case: The validity is too long (exceeds the credentials)
Input needed: A VO started
Test succeeds if: voms-proxy-init fails
Test fails if: otherwise
Tested in: voms017.exp
Feature: The log file is created with the proper permissions
(implemented)
Input needed: A VO started
Test succeeds if: The file has 600 permissions
Test fails if: otherwise
Tested in: voms018.exp
Feature: voms-proxy-info allows to verify if a proxy will still be
valid after a period of time (implemented)
Input needed: a proxy.
Test succeeds if: The check returns accurate results both when the
proxy should still be valid and when it should be nto
Test fails if: otherwise
Tested in: voms019.exp
Feature: voms can return short fqans (/group) but should default to
long one (/group/Role=NULL/Capability=NULL) (permitted)
Input needed: A VO Started
Test succeeds if: The FQANs are long
Test fails if: otherwise
Tested in: voms020.exp
Feature: voms can "target" ACs to specific hosts. (implemented)
Input needed: A VO started
Test succeeds if: The target information is present in the AC
Test fails if: otherwise
Tested in: voms021.exp
Feature: voms-proxy-info can check if a proxy contains an AC for a
specific VO. (implemented)
Input needed: A VOMS AC:
Test succeeds if: A present AC is detected as such, and a missing one
is also detected.
Test fails if: oterwise
Tested in: voms022.exp
Feature: voms-proxy-info can detect the tpe of proxy (gt2, gt3, rfc)
(implemented)
Input needed: a VOMS AC.
Test succeeds if: if the type is detected correctly
Test fails if: otherwise
Tested in: voms023.exp
Feature: voms-proxy-info cna print a text description of the
certificate, like that of openssl x509 -text (implemented)
Input needed: a valid proxy.
Test succeeds if: if the text is printed
Test fails if: otherwise
Tested in: voms024.exp, voms086.exp
Feature: voms-proxy-info can print the certificate chain of the proxy
(implemented)
Input needed: a valid proxy
Test succeeds if: if the chain is described
Test fails if: otherwise
Tested in: voms025.exp
Feature: voms-proxy-info can print the subject of the proxy
(implemented)
Input needed: a valid proxy
Test succeeds if: if the subject is printed
Test fails if: otherwise
Tested in: voms026.exp
Feature: voms-proxy-info can print the issuer of the proxy
(implemented)
Input needed: a valid proxy
Test succeeds if: if the issuer is printed
Test fails if: otherwise
Tested in: voms027.exp
Feature: voms-proxy-info can print the identity of the proxy's owner
(implemented)
Input needed: a valid proxy
Test succeeds if: if the owner is printed
Test fails if: otherwise
Tested in: voms028.exp
Feature: voms-proxy-info can print the remaining validity of the proxy
(implemented)
Input needed: a valid proxy
Test succeeds if: if the remaining validity is printed
Test fails if: otherwise
Tested in: voms029.exp
Feature: voms-proxy-info can print the strength of the proxy (implemented)
Input needed: a valid proxy
Test succeeds if: if the strength is printed correctly
Test fails if: otherwise
Tested in: voms030.exp
Feature: voms-proxy-info can print the path at which the proxy is found
(implemented)
Input needed: a valid proxy
Test succeeds if: if the path to the proxy is printed
Test fails if: otherwise
Tested in: voms031.exp
Feature: voms-proxy-info can print the name of the VO present in the proxy
(implemented)
Input needed: a valid proxy
Test succeeds if: if the name is printed and correct
Test fails if: otherwise
Tested in: voms032.exp
Feature: voms-proxy-info can print the fqans in the proxy
(implemented)
Input needed: a valid proxy
Test succeeds if: if the fqans are printed
Test fails if: otherwise
Tested in: voms033.exp
Feature: voms-proxy-info can print the owner of the ac (implemented)
Input needed: a valid proxy
Test succeeds if: if the owner is printed
Test fails if: otherwise
Tested in: voms034.exp
Feature: voms-proxy-info can print the issuer of the ac (implemented)
Input needed: a valid proxy
Test succeeds if: if the issuer of the ac is printed
Test fails if: otherwise
Tested in: voms035.exp
Feature: voms-proxy-info can print the remaining validity of the ac
(implemented)
Input needed: a valid proxy
Test succeeds if: if the remaining validity is printed
Test fails if: otherwise
Tested in: voms036.exp
Feature: voms-proxy-info can print the serial number of the proxy
(implemented)
Input needed: a valid proxy
Test succeeds if: if the serial number is printed
Test fails if: otherwise
Tested in: voms037.exp
Feature: voms-proxy-init can avoid printing anything in case of
success (implemented)
Input needed: a VO started
Test succeeds if: if the voms-proxy-init is effectively quiet
Test fails if: otherwise
Tested in: voms038.exp
Feature: voms-proxy-init can verify the proxy created (implemented)
Input needed: a valid proxy, a revoked user certificate
Test succeeds if: if the revocation is noticed
Test fails if: otherwise
Tested in: voms039.exp
Feature: voms-proxy-info can create limited proxies (gt2) (implemented)
Input needed: a started vo
Test succeeds if: if a limited proxy is created
Test fails if: otherwise
Tested in: voms040.exp
Feature: voms-proxy-init can create a proxy valid X hours (implemented)
Input needed: a started vo
Test succeeds if: if the proxy validity is correct
Test fails if: otherwise
Tested in: voms041.exp
Feature: voms-proxy-init can select the strength of the proxy (implemented)
Input needed: a started vo
Test succeeds if: if the correct strength is set
Test fails if: otherwise
Tested in: voms042.exp
Failure case: The strength is unacceptable (e.g: 5000)
Test succeeds if: a proper error message is returned
Test fails if: otherwise
Tested in: voms129.exp
Feature: voms-proxy-init can include a user-specified file in the proxy
(implemented)
Input needed: a started vo
Test succeeds if: if the file is included
Test fails if: otherwise
Tested in: voms043.exp
Feature: voms-proxy-init can contact the server using an already
existing proxy for authentication, with or without pre-existing voms
credentials (implemented)
Input needed: a started vo
Test succeeds if: if the proxy is correctly created
Test fails if: otherwise
Tested in: voms044.exp, voms061
Feature: voms-proxy-init can print the AC on a separate file
(implemented)
Input needed: a started vo
Test succeeds if: the file is created and contains an AC
Test fails if: otherwise
Tested in: voms045.exp, voms123.exp
Failure case: The file cannot be written
Test succeeds if: a proper error message is returned
Test fails if: otherwise
Tested in: voms133.exp
Feature: voms-proxy-init can be told to treat warnings as if they were
errors (implemented)
Input needed: a started vo
Test succeeds if: if voms-proxy-init fails on a warning
Test fails if: otherwise
Tested in: voms046.exp
Feature: voms-proxy-init can be told to ignore warnings
(implemented)
Input needed: a started vo
Test succeeds if: if warnings are ignored
Test fails if: otherwise
Tested in: voms047.exp
Feature: voms-proxy-init can read its options from a file
(implemented)
Input needed: a started vo
Test succeeds if: if the file is read and the options recognized
Test fails if: otherwise
Tested in: voms048.exp
Feature: voms-proxy-init can specify the path-length constraint on an
RFC proxy (implemented)
Input needed: a started vo
Test succeeds if: if the proxy contains the constraint
Test fails if: otherwise
Tested in: voms049.exp
Feature: voms-proxy-init can specify the policy language and policy id
on an RFC proxy (implemented)
Input needed: a started vo
Test succeeds if: if the proxy specifies the id and the language
Test fails if: otherwise
Tested in: voms050.exp
Feature: voms-proxy-destroy can delete a proxy (implemented)
Input needed: an existing proxy
Test succeeds if: if the proxy is deleted
Test fails if: otherwise
Tested in: voms051.exp
Feature: voms allows to specify the (approximate) maximum size of a
log file befor eit is rotated (implemented)
Input needed: a started voms
Test succeeds if: if thep maximum size is approximately respected
Test fails if: otherwise
Tested in: voms053.exp
Feature: voms can skip checking CAs when authenticating users (implemented)
Input needed: a started vo
Test succeeds if: if a user with the same DN but a differnt CA than
what is registered in voms is accepted.
Test fails if: otherwise
Tested in: voms054.exp
Feature: voms by default matches both DN and CA when authenticating users
(implemented)
Input needed: a started vo
Test succeeds if: if a user with the same DN but a different CA than
what is registered in voms is refused
Test fails if: otherwise
Tested in: voms055.exp
Feature: voms can drop stalled connections after a few seconds
(implemented)
Input needed: a started vo
Test succeeds if: if a stalled connection is dropped by the server
Test fails if: otherwise
Tested in: voms056.exp
Feature: voms can set a specific uri as the server endpoint in the AC
(implemented)
Input needed: a started vo
Test succeeds if: if the AC is created with the stated URI
Test fails if: otherwise
Tested in: voms057.exp
Feature: voms-proxy-info can print the uri of the voms server that
created the AC (implemented)
Input needed: an existing proxy
Test succeeds if: if the AC contains the right URI
Test fails if: otherwise
Tested in: voms058.exp
Feature: if voms-proxy-init asks for a role as the first fqan, that role is placed first
among the fqans in the AC (implemented)
Input needed: a started vo
Test succeeds if: if the role is first
Test fails if: otherwise
Tested in: voms059.exp
Feature: voms-proxy-init allows requesting several attributes by using
several --voms options (implemented)
Input needed: a started vo
Test succeeds if: if several --voms options work as expected
Test fails if: otherwise
Tested in: voms060.exp
Feature: voms-proxy-init returns an error message if the user is not
registerd in the VO (implemented)
Input needed: a started vo
Test succeeds if: if the request fails and the correct message is returned
Test fails if: otherwise
Tested in: voms062.exp, voms063.exp
Feature: voms-proxy-init should treat options starting with -+
correctle rather than segfaulting (implemented)
Input needed: a started vo
Test succeeds if: if the request fails and a proper error message is returned.
Test fails if: otherwise
Tested in: voms066.exp
Feature: voms-proxy-info should report a missing X509_CERT_DIR as an
error (implemented)
Input needed: an existing proxy
Test succeeds if: output is print
Test fails if: otherwise
Tested in: voms067.exp
Feature: voms can be told not to log on its own logfile (implemented)
Input needed: a configured VO
Test succeeds if: if voms starts and does not write a logfile
Test fails if: otherwise
Tested in: voms068.exp
Feature: voms can rotate its own logfile. This rotation should work
even if one of he intermediate files is missing (implemented)
Input needed: a started vo
Test succeeds if: rotation works when one of the already rotated logs
is missing
Test fails if: otherwise
Tested in: voms069.exp
Feature: voms-proxy-init can generate gt2 proxies with the --old
option (implemented)
Input needed: a started vo
Test succeeds if: if the --old option works
Test fails if: otherwise
Tested in: voms070.exp
Feature: voms-proxy-init should fail if passed unrecognized options
(implemented)
Input needed: a started vo
Test succeeds if: if voms-proxy-init fails with unrecognized options
Test fails if: otherwise
Tested in: voms071.exp
Feature: if voms is told to use a logfile, it should fail to start if
it cannot write it. (implemented)
Input needed: a started vo
Test succeeds if: voms fails to start when the log file cannot be written
Test fails if: otherwise
Tested in: voms072.exp
Feature: The log rotation done by voms can be disabled (implemented)
Input needed: a started vo
Test succeeds if: disabling the log rotation works
Test fails if: otherwise
Tested in: voms073.exp
Feature: voms-proxy-fake when run without arguments should create a
standard proxy and not cause an error (implemented)
Input needed: a valid PKI
Test succeeds if: no errors are reported and a proxy is created
Test fails if: otherwise
Tested in: voms074.exp, voms075.exp
Feature: voms-proxy-init can be told to drop the connection if a
timeout is reached (implemented)
Input needed: a started vo
Test succeeds if: if the connection is dropped when the timeout is reached
Test fails if: otherwise
Tested in: voms076a.exp, voms076b.exp
Feature: voms-proxy-fake should report its own version (implemented)
Input needed: none
Test succeeds if: if the version is correctly reported
Test fails if: otherwise
Tested in: voms078.exp
Feature: voms-proxy-fake can create and insert ACs in the proxy
(implemented)
Input needed: a valid PKI
Test succeeds if: if an AC is inserted in the proxy
Test fails if: otherwise
Tested in: voms079.exp
Feature: voms-proxy-init should report when the proxy certificate wll
expire after the user certificate (implemented)
Input needed: a started vo
Test succeeds if: if it is reported
Test fails if: otherwise
Tested in: voms080.exp
Feature: voms-proxy-info should report an error when it cannot find
the CA certificates (implemented)
Input needed: a valid proxy
Test succeeds if: if a message is printed
Test fails if: otherwise
Tested in: voms081.exp
Feature: voms-proxy-info can check the strength of the proxy (implemented)
Input needed: a started vo
Test succeeds if: if the check returns the correct results
Test fails if: otherwise
Tested in: voms082.exp
Feature: voms-proxy-info can check the remaining validity of a proxy
(implemented)
Input needed: a started vo
Test succeeds if: if the check returns the correct result
Test fails if: otherwise
Tested in: voms083.exp
Feature: voms-proxy-init should return an error message when it cannot
verify the AC returned from the server (implemented)
Input needed: a started vo
Test succeeds if: if the error is printed
Test fails if: otherwise
Tested in: voms084.exp
Feature: voms-proxy-info can check if an AC is present (implemented)
Input needed: a started vo
Test succeeds if: if the check returns the correct result
Test fails if: otherwise
Tested in: voms085.exp
Feature: voms-proxy-init can return its own version (implemented)
Input needed: none
Test succeeds if: the version is printed
Test fails if: otherwise
Tested in: voms087.exp
Feature: voms-proxy-init can print an help message (implemented)
Input needed: a started vo
Test succeeds if: the help message is printed
Test fails if: otherwise
Tested in: voms088.exp
Feature: voms should refuse adding new credentials to an AC that does
not already have them (implemented)
Input needed: a started vo
Test succeeds if: if the AC is not created
Test fails if: otherwise
Tested in: voms089.exp
Feature: voms-proxy-fake allows to specify the subject of the proxy it
creates (implemented)
Input needed: a valid PKI
Test succeeds if: the subject is the one specified
Test fails if: otherwise
Tested in: voms090.exp
Feature: voms-proxy-fake should allow reading the options that specify
the AC type from a file
(implemented)
Input needed: a valid PKI
Test succeeds if: the file is read, and the AC created as specified
Test fails if: otherwise
Tested in: voms091.exp, voms092.exp
Feature: voms and voms-proxy-init should work with server certificates
including email in the DN (implemented)
Input needed: a started vo
Test succeeds if: a voms proxy can be created from such a server
Test fails if: otherwise
Tested in: voms093.exp
Feature: lsc files in vomdir should work in place of host certificates
(implemented)
Input needed: a started vo
Test succeeds if: voms and voms-proxy-init still works
Test fails if: otherwise
Tested in: voms094.exp, voms154.exp, voms155.exp
Feature: voms-proxy-init shouls accept passwords from stdin (implemented)
Input needed: a started vo
Test succeeds if: the password is accepted
Test fails if: otherwise
Tested in: voms096.exp
Failure case: No password is present on stdin
Test succeeds if: Proper error message is printed
Test fails if: otherwise
Tested in voms127.exp
Feature: voms-proxy-init must fail if requested to create a proxy type
which does not exist (implemented)
Input needed: a started vo
Test succeeds if: voms-proxy-init fails
Test fails if: otherwise
Tested in: voms097.exp
Feature: voms can change most (but not all) of its configuration
without requiring a restart (implemented)
Input needed: a started vo
Test succeeds if: if the change is recognized
Test fails if: otherwise
Tested in: voms098.exp
Feature: voms supports a REST protocol for accepting requests (implemented)
Input needed: a started vo
Test succeeds if: if several type of requests succeed
Test fails if: otherwise
Tested in: voms099.exp, voms100.exp, voms101.exp, voms102.exp,
voms103.exp, voms104.exp, voms107.exp
Feature: voms-proxy-init can insert an already existing AC in a proxy
(implemented)
Input needed: a started vo and an AC
Test succeeds if: the AC is correctly inserted, and an incorrect AC is
refused.
Test fails if: otherwise
Tested in: voms105.exp, voms106.exp
Feature: voms-proxy-info can print the contents of the
KeyUsage
extension of the proxy (implemented)
Input needed: a started vo
Test succeeds if: the content of the extension is printed
Test fails if: otherwise
Tested in: voms108.exp
Feature: voms-proxy-destroy can be executed in dry-run mode (implemented)
Input needed: an existing proxy
Test succeeds if: dry-run mode works
Test fails if: otherwise
Tested in: voms109.exp
Feature: voms-proxy-fake can backdate the AC it creates (implemented)
Input needed: a PKI infrastructure
Test succeeds if: the AC is backdated by the right amount
Test fails if: otherwise
Tested in: voms110.exp
Feature: voms-proxy-fake can backdate the proxy it creates (implemented)
Input needed: a PKI infrastructure
Test succeeds if: the proxy is backdated by the right amount
Test fails if: otherwise
Tested in: voms111.exp
Feature: voms-proxy-fake allows to specify the contents of the
KeyUsage extension (implemented)
Input needed: a PKI infrastructure
Test succeeds if: the created proxy has the requested keyusage
Test fails if: otherwise
Tested in: voms112.exp
Failure case: Invalid values for the extension:
Test succeed if: voms-proxy-fake fails
Test fails if: otherwise
Tested in: voms157.exp
Feature: voms-proxy-fake allows to specify the contents of the
ExtendedKeyUsage extension (implemented)
Input needed: a PKI infrastructure
Test succeeds if: the created proxy has the requested extended keyusage
Test fails if: otherwise
Tested in: voms113.exp
Feature: voms-proxy-fake allows to specify the contents of the
NsCert extension (implemented)
Input needed: a PKI infrastructure
Test succeeds if: the created proxy has the requested nscert
Test fails if: otherwise
Tested in: voms114.exp
Feature: voms-proxy-fake allows the creation of self-signed certificates (implemented)
Input needed: a PKI infrastructure
Test succeeds if: if the certificate is self-signed
Test fails if: otherwise
Tested in: voms115.exp, voms149.exp
Failure case: At leas one between --newsubject and --newissuer must be
specified along with --selfsigned
Test succeeds if: the absence of both causes a failure
Test fails if: otherwise
Tested in: voms150.exp
Feature: voms-proxy-fake allow adding user-specified extensions to the
proxy or to the AC (implemented)
Input needed: a PKI infrastructure
Test succeeds if: if the extension is present
Test fails if: otherwise
Tested in: voms116.exp, voms117.exp, voms118.exp, voms119.exp, voms120.exp
Feature: voms-proxy-fake allows to select the serial number of the
created certificate (implemented)
Input needed: a started vo
Test succeeds if: the serial number is correct
Test fails if: otherwise
Tested in: voms121.exp
Feature: voms-proxy-init allows saving the proxy in a specified
location rather than the default one (implemented)
Input needed: a started vo
Test succeeds if: the proxy is in the specified location
Test fails if: otherwise
Tested in: voms122.exp
Feature: voms-proxy-init can print a set of debug informations during
its executione (note: subject to change without warning from build to
build. Users must not rely on it) (implemented)
Input needed: a started vo
Test succeeds if: the debug info is present
Test fails if: otherwise
Tested in: voms124.exp
Feature: voms-proxy-init detects an incorrect vomses file (implemented)
Input needed: a started vo
Test succeeds if: the incorrect file is detected
Test fails if: otherwise
Tested in: voms125.exp
Feature: voms-proxy-init require policy files when policy languages
are specified for RFC proxies (implemented)
Input needed: a started vo
Test succeeds if: an error message is returned
Test fails if: otherwise
Tested in: voms128.exp
Feature: voms inserts the name of the VO in the AC it creates (implemented)
Input needed: a started vo
Test succeeds if: the vo name is present
Test fails if: otherwise
Tested in: voms138.exp
Feature: voms-proxy-init can read certificates in pkcs12 format (implemented)
Input needed: a started vo
Test succeeds if: the certificate is read correctly and the proxy is created
Test fails if: otherwise
Tested in: voms141.exp
Feature: Specifying a strength of 0 in voms-proxy-init and
voms-proxy-fake means "use the default strength" (implemented)
Input needed: a started vo
Test succeeds if: The default strength is used in the proxy
Test fails if: otherwise
Tested in: voms142.exp, voms143.exp
Feature: voms-proxy-fake allow using non-printable chars while
specifying anew subject or a new issuer by specifying them in hex
preceded by '\' (implemented)
Input needed: a valid PKI
Test succeeds if: the char is correctly translated
Test fails if: otherwise
Tested in: voms148.exp
Feature: voms-proxy-fake can save the proxy and the AC in separate
files (implemented)
Input needed: a valid PKI
Test succeeds if: if ac and proxy are saved in separate locations
Test fails if: otherwise
Tested in: voms151.exp
Feature: voms-proxy-init can be told to not validate the ac, via
command line or env variables (implemented)
Input needed: a started vo
Test succeeds if: validation does not take place
Test fails if: otherwise
Tested in: voms152.exp, voms153.exp
Feature: voms must not redefine the "email" OID (implemented)
Input needed: none
Test succeeds if: the OID is not redefined
Test fails if: otherwise
Tested in: voms158.exp
Feature: The man pages must not have references to edg (implemented)
Input needed: none
Test succeeds if: no reference is present
Test fails if: otherwise
Tested in: voms159.exp
Feature: voms-proxy-info must succeed on a plain proxy (implemented)
Input needed: a started vo
Test succeeds if: voms-proxy-info succeeded
Test fails if: otherwise
Tested in: voms160.exp
Feature: voms should not install world writable files or dirs, nor
should the jar file have executable permission (implemented)
Input needed: none
Test succeeds if: there are no such files
Test fails if: otherwise
Tested in: voms161.exp, voms162.exp
Feature: voms-proxy-init --noregen of an RFC proxy must work (implemented)
Input needed: a started vo
Test succeeds if: it works
Test fails if: otherwise
Tested in: voms165.exp
Feature: voms-proxy-init must read vomses files in .voms if present, and in .glite if .voms is absent (implemented)
Input needed: a started vo
Test succeeds if: it works
Test fails if: otherwise
Tested in: voms166.exp, voms167.exp
Feature: For voms-proxy-fake, --ga must be also available from the command line, not just from the voinfo files (implemented)
Input needed: a PKI infrastructure correctly installed
Test succeeds if: it works
Test fails if: otherwise
Tested in: voms168.exp
Feature: Basic unit tests of voms C APIs (implemented)
Input needed: a started vo
Test succeeds if: the api works
Test fails if: otherwise
Tested in: vomsapi-c001.exp, vomsapi-c002.exp, vomsapi-c003.exp,
vomsapi-c004.exp, vomsapi-c005.exp, vomsapi-c006.exp,
vomsapi-c007.exp, vomsapi-c008.exp, vomsapi-c009.exp,
vomsapi-c010.exp, vomsapi-c011.exp, vomsapi-c012.exp,
vomsapi-c013.exp, vomsapi-c014.exp, vomsapi-c015.exp,
vomsapi-c016.exp, vomsapi-c017.exp, vomsapi-c018.exp,
vomsapi-c019.exp, vomsapi-c020.exp, vomsapi-c021.exp,
vomsapi-c022.exp, vomsapi-c023.exp, vomsapi-c024.exp,
vomsapi-c025.exp, vomsapi-c026.exp, vomsapi-c027.exp,
vomsapi-c028.exp, vomsapi-c029.exp
Feature: Basic unit tests of voms C++ APIs (implemented)
Input needed: a started vo
Test succeeds if: the api works
Test fails if: otherwise
Tested in: vomsapi-cpp001.exp, vomsapi-cpp002.exp, vomsapi-cpp003.exp,
vomsapi-cpp004.exp, vomsapi-cpp005.exp, vomsapi-cpp006.exp,
vomsapi-cpp007.exp
Feature: Basic unit tests of voms C APIs (implemented)
Input needed: a started vo
Test succeeds if: the api works
Test fails if: otherwise
Tested in: vomsapi-java001.exp, vomsapi-java002.exp,
vomsapi-java003.exp, vomsapi-java004.exp, vomsapi-java005.exp,
vomsapi-java006.exp, vomsapi-java007.exp, vomsapi-java008.exp,
vomsapi-java009.exp, vomsapi-java010.exp, vomsapi-java011.exp
1.1.1 [VOMS] AC query fails when more than two fqans are explicitly requested (https://savannah.cern.ch/bugs/?91228)
This issue is tested automatically by the VOMS core testsuite (test voms170.exp).
Description of the test: This issue is tested automatically by the VOMS core testsuite.
Description of the test: This issue is tested automatically by VOMS Java APIs unit test suite
1.1.4 [VOMS] Invalid proxy generated by VOMS in case keyUsage extension is not present. (https://savannah.cern.ch/bugs/?91183)
Description of the test: This issue is tested automatically by the new
VOMS Robot Framework testsuite.
1.1.5 [VOMS JAVA API] VOMS Java APIs works under heavy load
Description of the test: This issue is tested automatically by the voms-api-java build time testing
voms-api-java build time testing.
1.2 Manual regression tests
Unset the
VOMS_LOCATION
VOMS_LOCATION_VAR
VOMS_LOCATION_CONF
environment variables and check that the VOMS init scripts work as expected.
Check that the
GlueServiceVersion
and
GLUE2EndpointImplementationVersion
published by VOMS and VOMS-Admin are equal
to the versions of the installed rpms.
Check that VOMS correctly ignores the
/etc/nologin
file at startup (VOMS refused to start in the past).
Check that VOMS is activated for all meaningful runlevels after installation and configuration (ensure this holds
also for an upgrade scenario).
Check in a running service that uses the VOMS Java APIs (e.g., the Argus PAP), that the
ERROR [PKIUtils] - keyUsage extension present, but CertSign bit not active.
error message is
not printed.
Check in a running service that uses the VOMS Java APIs (e.g., the Argus PAP), that a VOMS RFC proxy
can be correctly verified.
https://wiki.italiangrid.it/twiki/bin/view/VOMS/VOMSTestPlan
- Configure a MySQL based VO.
- Add a user to the VO.
- Run a large number of AC requests against the VOMS server for that user (e.g., 500 requests).
- Set the
log-warnings=2
in the MySQL configuration, typically /etc/my.cnf
.
- Ensure that the mysql log doesn't contain an "Aborted connection" warning for each request (some aborted connections are accetable).
1.2.8 [VOMS] VOMS fails in producing AC if certificate subject name contains an apostrophe (https://savannah.cern.ch/bugs/?93455 )
- Create a test certificate containing an apostrophe.
- Register this certificate in VOMS.
- Ensure that it's possible to obtain an AC out of VOMS with the just created certificate.
1.2.9 [VOMS] YAIM VOMS should provide a way to configure --skipcacheck voms configuration parameter (https://savannah.cern.ch/bugs/?89202 )
- Configure a VO with YAIM specifying the VOMS_SKIP_CA_CHECK variable.
- Ensure that the /etc//voms.conf configuration file contains the --skipcacheck after the configuration.
- Configure an Oracle VO.
- Add a user to the VO.
- Check that no crash is observed for large number of AC requests for that user (e.g., 50000 requests)
- This needs a specialized test program.
1.2.12 [VOMS API Java] VOMS Java APIs should provide sensible truststore refresh default (https://savannah.cern.ch/bugs/?93551 )
- This needs a specialized test program.
--
AndreaCeccanti - 2012-03-01