diff options
author | Michael Stahl <michael.stahl@allotropia.de> | 2024-01-29 15:24:05 +0100 |
---|---|---|
committer | Michael Stahl <michael.stahl@allotropia.de> | 2024-01-30 10:23:32 +0100 |
commit | 2048db4dc8ee6edb231a9109257846975a6f7834 (patch) | |
tree | c91d87e07f3302a40fc6acb4bbc575330525def0 /unotest | |
parent | af15f8b7f346898677f1eee6521a6be1ff63eb56 (diff) |
tdf#105844 unotest,xmlsecurity: fix tests on MacOSX
The new tests fail with:
> core/xmlsecurity/qa/unit/signing/signing2.cxx:
> 252: Assertion
> Test name: testPasswordPreserveMacroSignatureODFWholesomeLO242::TestBody
> equality assertion failed
> - Expected: 1
> - Actual : 4
This is because only the first test that runs sees the testing CA
certificates that are copied in MacrosTest::setUpNssGpg(); when the
second test runs, they have somehow vanished.
This is because apparently SQLite on MacOSX, unlike on Linux, monitors
the file descriptors of its database files, and then invalidates itself
when setUpNssGpg() via osl::File::copy() renames and unlinks the
existing database files:
> cppunittester[29873:5483181] [logging] BUG IN CLIENT OF libsqlite3.dylib: database integrity compromised by API violation: vnode renamed while in use: core/workdir/CppunitTest/xmlsecurity_signing2.test.user/cert9.db.osl-tmp
> cppunittester[29873:5483181] [logging] invalidated open fd: 5 (0x20)
> cppunittester[29873:5483181] [logging] BUG IN CLIENT OF libsqlite3.dylib: database integrity compromised by API violation: vnode unlinked while in use: core/workdir/CppunitTest/xmlsecurity_signing2.test.user/cert9.db.osl-tmp
> cppunittester[29873:5483181] [logging] invalidated open fd: 5 (0x11)
> cppunittester[29873:5483181] [logging] BUG IN CLIENT OF libsqlite3.dylib: database integrity compromised by API violation: vnode renamed while in use: core/workdir/CppunitTest/xmlsecurity_signing2.test.user/key4.db.osl-tmp
> cppunittester[29873:5483181] [logging] invalidated open fd: 6 (0x20)
> cppunittester[29873:5483181] [logging] BUG IN CLIENT OF libsqlite3.dylib: database integrity compromised by API violation: vnode unlinked while in use: core/workdir/CppunitTest/xmlsecurity_signing2.test.user/key4.db.osl-tmp
> cppunittester[29873:5483181] [logging] invalidated open fd: 6 (0x11)
Split MacrosTest::setUpNssGpg()/tearDownNssGpg() into functions
setUpX509() which only does something on the 1st invocation, and
setUpGpg()/tearDownGpg() which may be invoked per-test (they could also
be run once for the whole test suite, but not obvious how to do that);
PDF related tests don't need GPG.
Presumably this is (along with the WNT-specific problem fixed in commit
3e9a700091872480dd085f0928d1d30b7d74cfd7) the reason why most of the
tests not only accept the expected result of SignatureState::OK but also
SignatureState::NOTVALIDATED.
Change-Id: I59b85ca651cecaccfdea729ed1e645c53079c8bf
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/162693
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Diffstat (limited to 'unotest')
-rw-r--r-- | unotest/source/cpp/macros_test.cxx | 46 |
1 files changed, 33 insertions, 13 deletions
diff --git a/unotest/source/cpp/macros_test.cxx b/unotest/source/cpp/macros_test.cxx index 3bb2a22a5da4..3d5bc326f7f7 100644 --- a/unotest/source/cpp/macros_test.cxx +++ b/unotest/source/cpp/macros_test.cxx @@ -110,23 +110,19 @@ std::unique_ptr<SvStream> MacrosTest::parseExportStream(const OUString& url, return pStream; } -void MacrosTest::setUpNssGpg(const test::Directories& rDirectories, const OUString& rTestName) +void MacrosTest::setUpX509(const test::Directories& rDirectories, const OUString& rTestName) { + static bool isDone{ false }; + if (isDone) // must only be done once on MacOSX - see below! + { + return; + } + isDone = true; + OUString aSourceDir = rDirectories.getURLFromSrc(u"/test/signing-keys/"); OUString aTargetDir = rDirectories.getURLFromWorkdir(Concat2View("CppunitTest/" + rTestName + ".test.user")); - // Set up NSS database in workdir/CppunitTest/ - osl::File::copy(aSourceDir + "cert9.db", aTargetDir + "/cert9.db"); - osl::File::copy(aSourceDir + "key4.db", aTargetDir + "/key4.db"); - osl::File::copy(aSourceDir + "pkcs11.txt", aTargetDir + "/pkcs11.txt"); - - // Make gpg use our own defined setup & keys - osl::File::copy(aSourceDir + "pubring.gpg", aTargetDir + "/pubring.gpg"); - osl::File::copy(aSourceDir + "random_seed", aTargetDir + "/random_seed"); - osl::File::copy(aSourceDir + "secring.gpg", aTargetDir + "/secring.gpg"); - osl::File::copy(aSourceDir + "trustdb.gpg", aTargetDir + "/trustdb.gpg"); - OUString aTargetPath; osl::FileBase::getSystemPathFromFileURL(aTargetDir, aTargetPath); @@ -136,10 +132,34 @@ void MacrosTest::setUpNssGpg(const test::Directories& rDirectories, const OUStri OUString caVar("LIBO_TEST_CRYPTOAPI_PKCS7"); osl_setEnvironment(caVar.pData, aTargetPath.pData); #else + // Set up NSS database in workdir/CppunitTest/ + // WARNING: on MacOSX, this *must only be done once* - once NSS has opened + // the files, SQLite will *stop using them* if they are overwritten or renamed! + osl::File::copy(aSourceDir + "cert9.db", aTargetDir + "/cert9.db"); + osl::File::copy(aSourceDir + "key4.db", aTargetDir + "/key4.db"); + osl::File::copy(aSourceDir + "pkcs11.txt", aTargetDir + "/pkcs11.txt"); + OUString mozCertVar("MOZILLA_CERTIFICATE_FOLDER"); // explicit prefix with "sql:" needed for CentOS7 system NSS 3.67 osl_setEnvironment(mozCertVar.pData, OUString("sql:" + aTargetPath).pData); #endif +} + +void MacrosTest::setUpGpg(const test::Directories& rDirectories, const OUString& rTestName) +{ + OUString aSourceDir = rDirectories.getURLFromSrc(u"/test/signing-keys/"); + OUString aTargetDir + = rDirectories.getURLFromWorkdir(Concat2View("CppunitTest/" + rTestName + ".test.user")); + + OUString aTargetPath; + osl::FileBase::getSystemPathFromFileURL(aTargetDir, aTargetPath); + + // Make gpg use our own defined setup & keys + osl::File::copy(aSourceDir + "pubring.gpg", aTargetDir + "/pubring.gpg"); + osl::File::copy(aSourceDir + "random_seed", aTargetDir + "/random_seed"); + osl::File::copy(aSourceDir + "secring.gpg", aTargetDir + "/secring.gpg"); + osl::File::copy(aSourceDir + "trustdb.gpg", aTargetDir + "/trustdb.gpg"); + OUString gpgHomeVar("GNUPGHOME"); osl_setEnvironment(gpgHomeVar.pData, aTargetPath.pData); @@ -166,7 +186,7 @@ void MacrosTest::setUpNssGpg(const test::Directories& rDirectories, const OUStri #endif } -void MacrosTest::tearDownNssGpg() +void MacrosTest::tearDownGpg() { #if HAVE_GPGCONF_SOCKETDIR // HAVE_GPGCONF_SOCKETDIR is only defined in configure.ac for Linux for now, so (a) std::system |