0s autopkgtest [18:22:15]: starting date and time: 2024-03-20 18:22:15+0000 0s autopkgtest [18:22:15]: git checkout: 4a1cd702 l/adt_testbed: don't blame the testbed for unsolvable build deps 0s autopkgtest [18:22:15]: host juju-7f2275-prod-proposed-migration-environment-2; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.s31frfpf/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --apt-pocket=proposed=src:jose --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 --env=ADT_TEST_TRIGGERS=jose/11-3build1 -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-2@bos01-ppc64el-3.secgroup --name adt-noble-ppc64el-sssd-20240320-182215-juju-7f2275-prod-proposed-migration-environment-2 --image adt/ubuntu-noble-ppc64el-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-2 --net-id=net_prod-proposed-migration -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://us.ports.ubuntu.com/ubuntu-ports/ 151s autopkgtest [18:24:46]: testbed dpkg architecture: ppc64el 151s autopkgtest [18:24:46]: testbed apt version: 2.7.12 151s autopkgtest [18:24:46]: @@@@@@@@@@@@@@@@@@@@ test bed setup 152s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 153s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6540 B] 153s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [501 kB] 153s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [53.9 kB] 153s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [3809 kB] 153s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el Packages [686 kB] 153s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el c-n-f Metadata [3116 B] 153s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el Packages [1372 B] 153s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el c-n-f Metadata [116 B] 153s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el Packages [4160 kB] 153s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el c-n-f Metadata [8652 B] 153s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el Packages [58.6 kB] 153s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el c-n-f Metadata [116 B] 156s Fetched 9405 kB in 2s (4214 kB/s) 157s Reading package lists... 159s Reading package lists... 159s Building dependency tree... 159s Reading state information... 160s Calculating upgrade... 160s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 160s Reading package lists... 160s Building dependency tree... 160s Reading state information... 160s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 160s Hit:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease 160s Hit:2 http://ftpmaster.internal/ubuntu noble InRelease 161s Hit:3 http://ftpmaster.internal/ubuntu noble-updates InRelease 161s Hit:4 http://ftpmaster.internal/ubuntu noble-security InRelease 162s Reading package lists... 162s Reading package lists... 162s Building dependency tree... 162s Reading state information... 162s Calculating upgrade... 162s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 162s Reading package lists... 162s Building dependency tree... 162s Reading state information... 163s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 165s autopkgtest [18:25:00]: testbed running kernel: Linux 6.8.0-11-generic #11-Ubuntu SMP Wed Feb 14 00:33:03 UTC 2024 165s autopkgtest [18:25:00]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 179s Get:1 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (dsc) [5269 B] 179s Get:2 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (tar) [7983 kB] 179s Get:3 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (asc) [833 B] 179s Get:4 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (diff) [48.4 kB] 179s gpgv: Signature made Mon Feb 26 21:56:54 2024 UTC 179s gpgv: using RSA key E92FD0B36B14F1F4D8E0EB2F106DA1C8C3CBBF14 179s gpgv: Can't check signature: No public key 179s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1ubuntu1.dsc: no acceptable signature found 180s autopkgtest [18:25:15]: testing package sssd version 2.9.4-1ubuntu1 180s autopkgtest [18:25:15]: build not needed 207s autopkgtest [18:25:42]: test ldap-user-group-ldap-auth: preparing testbed 215s Reading package lists... 215s Building dependency tree... 215s Reading state information... 215s Starting pkgProblemResolver with broken count: 0 215s Starting 2 pkgProblemResolver with broken count: 0 215s Done 215s The following additional packages will be installed: 215s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 215s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 215s libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 libjose0 libkrad0 215s libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 215s libpam-pwquality libpam-sss libpath-utils1 libpwquality-common libpwquality1 215s libref-array1 libsmbclient libssl3t64 libsss-certmap-dev libsss-certmap0 215s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 215s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 libverto-libevent1 215s libverto1 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 215s python3-sss samba-libs slapd sssd sssd-ad sssd-ad-common sssd-common 215s sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap 215s sssd-passkey sssd-proxy sssd-tools tcl-expect tcl8.6 215s Suggested packages: 215s tk8.6 libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal 215s odbc-postgresql tdsodbc adcli libsasl2-modules-ldap tcl-tclreadline 215s Recommended packages: 215s cracklib-runtime libsasl2-modules-gssapi-mit 215s | libsasl2-modules-gssapi-heimdal 215s The following packages will be REMOVED: 215s libssl3 215s The following NEW packages will be installed: 215s autopkgtest-satdep expect ldap-utils libavahi-client3 libavahi-common-data 215s libavahi-common3 libbasicobjects0 libc-ares2 libcollection4 libcrack2 215s libdhash1 libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 215s libjose0 libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo 215s libodbc2 libpam-pwquality libpam-sss libpath-utils1 libpwquality-common 215s libpwquality1 libref-array1 libsmbclient libssl3t64 libsss-certmap-dev 215s libsss-certmap0 libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev 215s libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 215s libverto-libevent1 libverto1 libwbclient0 python3-libipa-hbac 215s python3-libsss-nss-idmap python3-sss samba-libs slapd sssd sssd-ad 215s sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 215s sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools tcl-expect 215s tcl8.6 215s 0 upgraded, 66 newly installed, 1 to remove and 0 not upgraded. 215s Need to get 16.4 MB/16.4 MB of archives. 215s After this operation, 70.0 MB of additional disk space will be used. 215s Get:1 /tmp/autopkgtest.D7GT7j/1-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [872 B] 215s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libssl3t64 ppc64el 3.0.13-0ubuntu2 [2125 kB] 216s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libltdl7 ppc64el 2.4.7-7 [48.0 kB] 216s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el libodbc2 ppc64el 2.3.12-1 [187 kB] 216s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el slapd ppc64el 2.6.7+dfsg-1~exp1ubuntu1 [1768 kB] 216s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el libtcl8.6 ppc64el 8.6.13+dfsg-2 [1179 kB] 216s Get:7 http://ftpmaster.internal/ubuntu noble/main ppc64el tcl8.6 ppc64el 8.6.13+dfsg-2 [14.8 kB] 216s Get:8 http://ftpmaster.internal/ubuntu noble/universe ppc64el tcl-expect ppc64el 5.45.4-2build1 [112 kB] 216s Get:9 http://ftpmaster.internal/ubuntu noble/universe ppc64el expect ppc64el 5.45.4-2build1 [137 kB] 216s Get:10 http://ftpmaster.internal/ubuntu noble/main ppc64el ldap-utils ppc64el 2.6.7+dfsg-1~exp1ubuntu1 [154 kB] 216s Get:11 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common-data ppc64el 0.8-13ubuntu2 [29.5 kB] 216s Get:12 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common3 ppc64el 0.8-13ubuntu2 [25.8 kB] 216s Get:13 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-client3 ppc64el 0.8-13ubuntu2 [30.6 kB] 216s Get:14 http://ftpmaster.internal/ubuntu noble/main ppc64el libcrack2 ppc64el 2.9.6-5.1 [30.9 kB] 216s Get:15 http://ftpmaster.internal/ubuntu noble/main ppc64el libevent-2.1-7 ppc64el 2.1.12-stable-9 [169 kB] 216s Get:16 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el libjose0 ppc64el 11-3build1 [51.3 kB] 216s Get:17 http://ftpmaster.internal/ubuntu noble/main ppc64el libverto-libevent1 ppc64el 0.3.1-1ubuntu5 [5960 B] 216s Get:18 http://ftpmaster.internal/ubuntu noble/main ppc64el libverto1 ppc64el 0.3.1-1ubuntu5 [11.6 kB] 216s Get:19 http://ftpmaster.internal/ubuntu noble/main ppc64el libkrad0 ppc64el 1.20.1-5build1 [24.3 kB] 216s Get:20 http://ftpmaster.internal/ubuntu noble/main ppc64el libtalloc2 ppc64el 2.4.2-1 [36.6 kB] 216s Get:21 http://ftpmaster.internal/ubuntu noble/main ppc64el libtdb1 ppc64el 1.4.10-1 [62.7 kB] 216s Get:22 http://ftpmaster.internal/ubuntu noble/main ppc64el libtevent0 ppc64el 0.16.1-1 [50.8 kB] 216s Get:23 http://ftpmaster.internal/ubuntu noble/main ppc64el libldb2 ppc64el 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [219 kB] 216s Get:24 http://ftpmaster.internal/ubuntu noble/main ppc64el libnfsidmap1 ppc64el 1:2.6.3-3ubuntu1 [53.0 kB] 216s Get:25 http://ftpmaster.internal/ubuntu noble/universe ppc64el libnss-sudo all 1.9.15p5-3ubuntu1 [14.9 kB] 216s Get:26 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality-common all 1.4.5-3 [7658 B] 216s Get:27 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality1 ppc64el 1.4.5-3 [16.9 kB] 216s Get:28 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-pwquality ppc64el 1.4.5-3 [12.5 kB] 216s Get:29 http://ftpmaster.internal/ubuntu noble/main ppc64el libwbclient0 ppc64el 2:4.19.5+dfsg-1ubuntu1 [76.5 kB] 216s Get:30 http://ftpmaster.internal/ubuntu noble/main ppc64el samba-libs ppc64el 2:4.19.5+dfsg-1ubuntu1 [6674 kB] 217s Get:31 http://ftpmaster.internal/ubuntu noble/main ppc64el libnss-sss ppc64el 2.9.4-1ubuntu1 [36.3 kB] 217s Get:32 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-sss ppc64el 2.9.4-1ubuntu1 [56.4 kB] 217s Get:33 http://ftpmaster.internal/ubuntu noble/main ppc64el python3-sss ppc64el 2.9.4-1ubuntu1 [48.0 kB] 217s Get:34 http://ftpmaster.internal/ubuntu noble/main ppc64el libc-ares2 ppc64el 1.27.0-1 [99.0 kB] 217s Get:35 http://ftpmaster.internal/ubuntu noble/main ppc64el libdhash1 ppc64el 0.6.2-2 [9830 B] 217s Get:36 http://ftpmaster.internal/ubuntu noble/main ppc64el libbasicobjects0 ppc64el 0.6.2-2 [5806 B] 217s Get:37 http://ftpmaster.internal/ubuntu noble/main ppc64el libcollection4 ppc64el 0.6.2-2 [35.3 kB] 217s Get:38 http://ftpmaster.internal/ubuntu noble/main ppc64el libpath-utils1 ppc64el 0.6.2-2 [10.2 kB] 217s Get:39 http://ftpmaster.internal/ubuntu noble/main ppc64el libref-array1 ppc64el 0.6.2-2 [7724 B] 217s Get:40 http://ftpmaster.internal/ubuntu noble/main ppc64el libini-config5 ppc64el 0.6.2-2 [53.9 kB] 217s Get:41 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-certmap0 ppc64el 2.9.4-1ubuntu1 [53.6 kB] 217s Get:42 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-idmap0 ppc64el 2.9.4-1ubuntu1 [24.7 kB] 217s Get:43 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-nss-idmap0 ppc64el 2.9.4-1ubuntu1 [37.4 kB] 217s Get:44 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-common ppc64el 2.9.4-1ubuntu1 [1280 kB] 217s Get:45 http://ftpmaster.internal/ubuntu noble/universe ppc64el sssd-idp ppc64el 2.9.4-1ubuntu1 [30.8 kB] 217s Get:46 http://ftpmaster.internal/ubuntu noble/universe ppc64el sssd-passkey ppc64el 2.9.4-1ubuntu1 [35.4 kB] 217s Get:47 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad-common ppc64el 2.9.4-1ubuntu1 [88.6 kB] 217s Get:48 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5-common ppc64el 2.9.4-1ubuntu1 [103 kB] 217s Get:49 http://ftpmaster.internal/ubuntu noble/main ppc64el libsmbclient ppc64el 2:4.19.5+dfsg-1ubuntu1 [70.4 kB] 217s Get:50 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad ppc64el 2.9.4-1ubuntu1 [147 kB] 217s Get:51 http://ftpmaster.internal/ubuntu noble/main ppc64el libipa-hbac0 ppc64el 2.9.4-1ubuntu1 [17.4 kB] 217s Get:52 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ipa ppc64el 2.9.4-1ubuntu1 [240 kB] 217s Get:53 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5 ppc64el 2.9.4-1ubuntu1 [14.4 kB] 217s Get:54 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ldap ppc64el 2.9.4-1ubuntu1 [31.6 kB] 217s Get:55 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-proxy ppc64el 2.9.4-1ubuntu1 [48.0 kB] 217s Get:56 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd ppc64el 2.9.4-1ubuntu1 [4124 B] 217s Get:57 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-dbus ppc64el 2.9.4-1ubuntu1 [122 kB] 217s Get:58 http://ftpmaster.internal/ubuntu noble/universe ppc64el sssd-kcm ppc64el 2.9.4-1ubuntu1 [160 kB] 217s Get:59 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-tools ppc64el 2.9.4-1ubuntu1 [108 kB] 217s Get:60 http://ftpmaster.internal/ubuntu noble/main ppc64el libipa-hbac-dev ppc64el 2.9.4-1ubuntu1 [6666 B] 217s Get:61 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-certmap-dev ppc64el 2.9.4-1ubuntu1 [5734 B] 217s Get:62 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-idmap-dev ppc64el 2.9.4-1ubuntu1 [8380 B] 217s Get:63 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-nss-idmap-dev ppc64el 2.9.4-1ubuntu1 [6722 B] 217s Get:64 http://ftpmaster.internal/ubuntu noble/universe ppc64el libsss-sudo ppc64el 2.9.4-1ubuntu1 [22.4 kB] 217s Get:65 http://ftpmaster.internal/ubuntu noble/universe ppc64el python3-libipa-hbac ppc64el 2.9.4-1ubuntu1 [19.2 kB] 217s Get:66 http://ftpmaster.internal/ubuntu noble/universe ppc64el python3-libsss-nss-idmap ppc64el 2.9.4-1ubuntu1 [9542 B] 217s Preconfiguring packages ... 217s Fetched 16.4 MB in 2s (9911 kB/s) 217s dpkg: libssl3:ppc64el: dependency problems, but removing anyway as you requested: 217s wget depends on libssl3 (>= 3.0.0). 217s tnftp depends on libssl3 (>= 3.0.0). 217s tcpdump depends on libssl3 (>= 3.0.0). 217s systemd-resolved depends on libssl3 (>= 3.0.0). 217s systemd depends on libssl3 (>= 3.0.0). 217s sudo depends on libssl3 (>= 3.0.0). 217s rsync depends on libssl3 (>= 3.0.0). 217s python3-cryptography depends on libssl3 (>= 3.0.0). 217s openssl depends on libssl3 (>= 3.0.9). 217s openssh-server depends on libssl3 (>= 3.0.10). 217s openssh-client depends on libssl3 (>= 3.0.10). 217s linux-headers-6.8.0-11-generic depends on libssl3 (>= 3.0.0). 217s libsystemd-shared:ppc64el depends on libssl3 (>= 3.0.0). 217s libssh-4:ppc64el depends on libssl3 (>= 3.0.0). 217s libsasl2-modules:ppc64el depends on libssl3 (>= 3.0.0). 217s libsasl2-2:ppc64el depends on libssl3 (>= 3.0.0). 217s libpython3.12-minimal:ppc64el depends on libssl3 (>= 3.0.0). 217s libpython3.11-minimal:ppc64el depends on libssl3 (>= 3.0.0). 217s libnvme1 depends on libssl3 (>= 3.0.0). 217s libkrb5-3:ppc64el depends on libssl3 (>= 3.0.0). 217s libkmod2:ppc64el depends on libssl3 (>= 3.0.0). 217s libfido2-1:ppc64el depends on libssl3 (>= 3.0.0). 217s libcurl4:ppc64el depends on libssl3 (>= 3.0.0). 217s libcryptsetup12:ppc64el depends on libssl3 (>= 3.0.0). 217s kmod depends on libssl3 (>= 3.0.0). 217s dhcpcd-base depends on libssl3 (>= 3.0.0). 217s bind9-libs:ppc64el depends on libssl3 (>= 3.0.0). 217s 217s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70095 files and directories currently installed.) 217s Removing libssl3:ppc64el (3.0.10-1ubuntu4) ... 217s Selecting previously unselected package libssl3t64:ppc64el. 218s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70084 files and directories currently installed.) 218s Preparing to unpack .../00-libssl3t64_3.0.13-0ubuntu2_ppc64el.deb ... 218s Unpacking libssl3t64:ppc64el (3.0.13-0ubuntu2) ... 218s Selecting previously unselected package libltdl7:ppc64el. 218s Preparing to unpack .../01-libltdl7_2.4.7-7_ppc64el.deb ... 218s Unpacking libltdl7:ppc64el (2.4.7-7) ... 218s Selecting previously unselected package libodbc2:ppc64el. 218s Preparing to unpack .../02-libodbc2_2.3.12-1_ppc64el.deb ... 218s Unpacking libodbc2:ppc64el (2.3.12-1) ... 218s Selecting previously unselected package slapd. 218s Preparing to unpack .../03-slapd_2.6.7+dfsg-1~exp1ubuntu1_ppc64el.deb ... 218s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 218s Selecting previously unselected package libtcl8.6:ppc64el. 218s Preparing to unpack .../04-libtcl8.6_8.6.13+dfsg-2_ppc64el.deb ... 218s Unpacking libtcl8.6:ppc64el (8.6.13+dfsg-2) ... 218s Selecting previously unselected package tcl8.6. 218s Preparing to unpack .../05-tcl8.6_8.6.13+dfsg-2_ppc64el.deb ... 218s Unpacking tcl8.6 (8.6.13+dfsg-2) ... 218s Selecting previously unselected package tcl-expect:ppc64el. 218s Preparing to unpack .../06-tcl-expect_5.45.4-2build1_ppc64el.deb ... 218s Unpacking tcl-expect:ppc64el (5.45.4-2build1) ... 218s Selecting previously unselected package expect. 218s Preparing to unpack .../07-expect_5.45.4-2build1_ppc64el.deb ... 218s Unpacking expect (5.45.4-2build1) ... 218s Selecting previously unselected package ldap-utils. 218s Preparing to unpack .../08-ldap-utils_2.6.7+dfsg-1~exp1ubuntu1_ppc64el.deb ... 218s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 218s Selecting previously unselected package libavahi-common-data:ppc64el. 218s Preparing to unpack .../09-libavahi-common-data_0.8-13ubuntu2_ppc64el.deb ... 218s Unpacking libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 218s Selecting previously unselected package libavahi-common3:ppc64el. 218s Preparing to unpack .../10-libavahi-common3_0.8-13ubuntu2_ppc64el.deb ... 218s Unpacking libavahi-common3:ppc64el (0.8-13ubuntu2) ... 218s Selecting previously unselected package libavahi-client3:ppc64el. 218s Preparing to unpack .../11-libavahi-client3_0.8-13ubuntu2_ppc64el.deb ... 218s Unpacking libavahi-client3:ppc64el (0.8-13ubuntu2) ... 218s Selecting previously unselected package libcrack2:ppc64el. 218s Preparing to unpack .../12-libcrack2_2.9.6-5.1_ppc64el.deb ... 218s Unpacking libcrack2:ppc64el (2.9.6-5.1) ... 218s Selecting previously unselected package libevent-2.1-7:ppc64el. 218s Preparing to unpack .../13-libevent-2.1-7_2.1.12-stable-9_ppc64el.deb ... 218s Unpacking libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 218s Selecting previously unselected package libjose0:ppc64el. 218s Preparing to unpack .../14-libjose0_11-3build1_ppc64el.deb ... 218s Unpacking libjose0:ppc64el (11-3build1) ... 218s Selecting previously unselected package libverto-libevent1:ppc64el. 218s Preparing to unpack .../15-libverto-libevent1_0.3.1-1ubuntu5_ppc64el.deb ... 218s Unpacking libverto-libevent1:ppc64el (0.3.1-1ubuntu5) ... 218s Selecting previously unselected package libverto1:ppc64el. 218s Preparing to unpack .../16-libverto1_0.3.1-1ubuntu5_ppc64el.deb ... 218s Unpacking libverto1:ppc64el (0.3.1-1ubuntu5) ... 218s Selecting previously unselected package libkrad0:ppc64el. 218s Preparing to unpack .../17-libkrad0_1.20.1-5build1_ppc64el.deb ... 218s Unpacking libkrad0:ppc64el (1.20.1-5build1) ... 218s Selecting previously unselected package libtalloc2:ppc64el. 218s Preparing to unpack .../18-libtalloc2_2.4.2-1_ppc64el.deb ... 218s Unpacking libtalloc2:ppc64el (2.4.2-1) ... 218s Selecting previously unselected package libtdb1:ppc64el. 218s Preparing to unpack .../19-libtdb1_1.4.10-1_ppc64el.deb ... 218s Unpacking libtdb1:ppc64el (1.4.10-1) ... 218s Selecting previously unselected package libtevent0:ppc64el. 218s Preparing to unpack .../20-libtevent0_0.16.1-1_ppc64el.deb ... 218s Unpacking libtevent0:ppc64el (0.16.1-1) ... 218s Selecting previously unselected package libldb2:ppc64el. 218s Preparing to unpack .../21-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 218s Unpacking libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 218s Selecting previously unselected package libnfsidmap1:ppc64el. 218s Preparing to unpack .../22-libnfsidmap1_1%3a2.6.3-3ubuntu1_ppc64el.deb ... 218s Unpacking libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 218s Selecting previously unselected package libnss-sudo. 218s Preparing to unpack .../23-libnss-sudo_1.9.15p5-3ubuntu1_all.deb ... 218s Unpacking libnss-sudo (1.9.15p5-3ubuntu1) ... 218s Selecting previously unselected package libpwquality-common. 218s Preparing to unpack .../24-libpwquality-common_1.4.5-3_all.deb ... 218s Unpacking libpwquality-common (1.4.5-3) ... 218s Selecting previously unselected package libpwquality1:ppc64el. 218s Preparing to unpack .../25-libpwquality1_1.4.5-3_ppc64el.deb ... 218s Unpacking libpwquality1:ppc64el (1.4.5-3) ... 218s Selecting previously unselected package libpam-pwquality:ppc64el. 218s Preparing to unpack .../26-libpam-pwquality_1.4.5-3_ppc64el.deb ... 218s Unpacking libpam-pwquality:ppc64el (1.4.5-3) ... 218s Selecting previously unselected package libwbclient0:ppc64el. 218s Preparing to unpack .../27-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 218s Unpacking libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 218s Selecting previously unselected package samba-libs:ppc64el. 218s Preparing to unpack .../28-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 218s Unpacking samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 219s Selecting previously unselected package libnss-sss:ppc64el. 219s Preparing to unpack .../29-libnss-sss_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package libpam-sss:ppc64el. 219s Preparing to unpack .../30-libpam-sss_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package python3-sss. 219s Preparing to unpack .../31-python3-sss_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking python3-sss (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package libc-ares2:ppc64el. 219s Preparing to unpack .../32-libc-ares2_1.27.0-1_ppc64el.deb ... 219s Unpacking libc-ares2:ppc64el (1.27.0-1) ... 219s Selecting previously unselected package libdhash1:ppc64el. 219s Preparing to unpack .../33-libdhash1_0.6.2-2_ppc64el.deb ... 219s Unpacking libdhash1:ppc64el (0.6.2-2) ... 219s Selecting previously unselected package libbasicobjects0:ppc64el. 219s Preparing to unpack .../34-libbasicobjects0_0.6.2-2_ppc64el.deb ... 219s Unpacking libbasicobjects0:ppc64el (0.6.2-2) ... 219s Selecting previously unselected package libcollection4:ppc64el. 219s Preparing to unpack .../35-libcollection4_0.6.2-2_ppc64el.deb ... 219s Unpacking libcollection4:ppc64el (0.6.2-2) ... 219s Selecting previously unselected package libpath-utils1:ppc64el. 219s Preparing to unpack .../36-libpath-utils1_0.6.2-2_ppc64el.deb ... 219s Unpacking libpath-utils1:ppc64el (0.6.2-2) ... 219s Selecting previously unselected package libref-array1:ppc64el. 219s Preparing to unpack .../37-libref-array1_0.6.2-2_ppc64el.deb ... 219s Unpacking libref-array1:ppc64el (0.6.2-2) ... 219s Selecting previously unselected package libini-config5:ppc64el. 219s Preparing to unpack .../38-libini-config5_0.6.2-2_ppc64el.deb ... 219s Unpacking libini-config5:ppc64el (0.6.2-2) ... 219s Selecting previously unselected package libsss-certmap0. 219s Preparing to unpack .../39-libsss-certmap0_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package libsss-idmap0. 219s Preparing to unpack .../40-libsss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package libsss-nss-idmap0. 219s Preparing to unpack .../41-libsss-nss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package sssd-common. 219s Preparing to unpack .../42-sssd-common_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking sssd-common (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package sssd-idp. 219s Preparing to unpack .../43-sssd-idp_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking sssd-idp (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package sssd-passkey. 219s Preparing to unpack .../44-sssd-passkey_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking sssd-passkey (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package sssd-ad-common. 219s Preparing to unpack .../45-sssd-ad-common_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package sssd-krb5-common. 219s Preparing to unpack .../46-sssd-krb5-common_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package libsmbclient:ppc64el. 219s Preparing to unpack .../47-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 219s Unpacking libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 219s Selecting previously unselected package sssd-ad. 219s Preparing to unpack .../48-sssd-ad_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package libipa-hbac0. 219s Preparing to unpack .../49-libipa-hbac0_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package sssd-ipa. 219s Preparing to unpack .../50-sssd-ipa_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package sssd-krb5. 219s Preparing to unpack .../51-sssd-krb5_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package sssd-ldap. 219s Preparing to unpack .../52-sssd-ldap_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package sssd-proxy. 219s Preparing to unpack .../53-sssd-proxy_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package sssd. 219s Preparing to unpack .../54-sssd_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking sssd (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package sssd-dbus. 219s Preparing to unpack .../55-sssd-dbus_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking sssd-dbus (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package sssd-kcm. 219s Preparing to unpack .../56-sssd-kcm_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking sssd-kcm (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package sssd-tools. 219s Preparing to unpack .../57-sssd-tools_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking sssd-tools (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package libipa-hbac-dev. 219s Preparing to unpack .../58-libipa-hbac-dev_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking libipa-hbac-dev (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package libsss-certmap-dev. 219s Preparing to unpack .../59-libsss-certmap-dev_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking libsss-certmap-dev (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package libsss-idmap-dev. 219s Preparing to unpack .../60-libsss-idmap-dev_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking libsss-idmap-dev (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package libsss-nss-idmap-dev. 219s Preparing to unpack .../61-libsss-nss-idmap-dev_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package libsss-sudo. 219s Preparing to unpack .../62-libsss-sudo_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking libsss-sudo (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package python3-libipa-hbac. 219s Preparing to unpack .../63-python3-libipa-hbac_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking python3-libipa-hbac (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package python3-libsss-nss-idmap. 219s Preparing to unpack .../64-python3-libsss-nss-idmap_2.9.4-1ubuntu1_ppc64el.deb ... 219s Unpacking python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 219s Selecting previously unselected package autopkgtest-satdep. 219s Preparing to unpack .../65-1-autopkgtest-satdep.deb ... 219s Unpacking autopkgtest-satdep (0) ... 219s Setting up libpwquality-common (1.4.5-3) ... 219s Setting up libpath-utils1:ppc64el (0.6.2-2) ... 219s Setting up libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 219s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 219s Setting up libbasicobjects0:ppc64el (0.6.2-2) ... 219s Setting up libsss-idmap-dev (2.9.4-1ubuntu1) ... 219s Setting up libssl3t64:ppc64el (3.0.13-0ubuntu2) ... 219s Setting up libtdb1:ppc64el (1.4.10-1) ... 219s Setting up libc-ares2:ppc64el (1.27.0-1) ... 219s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 219s Setting up libjose0:ppc64el (11-3build1) ... 219s Setting up libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 219s Setting up libtalloc2:ppc64el (2.4.2-1) ... 219s Setting up libdhash1:ppc64el (0.6.2-2) ... 219s Setting up libtevent0:ppc64el (0.16.1-1) ... 219s Setting up libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 219s Setting up libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 219s Setting up libtcl8.6:ppc64el (8.6.13+dfsg-2) ... 219s Setting up libltdl7:ppc64el (2.4.7-7) ... 219s Setting up libcrack2:ppc64el (2.9.6-5.1) ... 219s Setting up libcollection4:ppc64el (0.6.2-2) ... 219s Setting up libodbc2:ppc64el (2.3.12-1) ... 219s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 219s Setting up python3-libipa-hbac (2.9.4-1ubuntu1) ... 219s Setting up libref-array1:ppc64el (0.6.2-2) ... 219s Setting up libnss-sudo (1.9.15p5-3ubuntu1) ... 219s Setting up libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 219s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 219s Setting up libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 219s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 220s Creating new user openldap... done. 220s Creating initial configuration... done. 220s Creating LDAP directory... done. 220s Setting up tcl8.6 (8.6.13+dfsg-2) ... 220s Setting up libsss-sudo (2.9.4-1ubuntu1) ... 220s Setting up libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 220s Setting up libipa-hbac-dev (2.9.4-1ubuntu1) ... 220s Setting up libini-config5:ppc64el (0.6.2-2) ... 220s Setting up libavahi-common3:ppc64el (0.8-13ubuntu2) ... 220s Setting up tcl-expect:ppc64el (5.45.4-2build1) ... 220s Setting up python3-sss (2.9.4-1ubuntu1) ... 220s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 220s Setting up libpwquality1:ppc64el (1.4.5-3) ... 220s Setting up python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 220s Setting up libavahi-client3:ppc64el (0.8-13ubuntu2) ... 220s Setting up expect (5.45.4-2build1) ... 220s Setting up libpam-pwquality:ppc64el (1.4.5-3) ... 220s Setting up samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 220s Setting up libsss-certmap-dev (2.9.4-1ubuntu1) ... 220s Setting up libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 220s Setting up libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 220s Setting up sssd-common (2.9.4-1ubuntu1) ... 220s Creating SSSD system user & group... 221s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 221s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 221s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 221s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 221s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 221s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 222s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 222s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 222s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 222s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 223s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 223s sssd-autofs.service is a disabled or a static unit, not starting it. 223s sssd-nss.service is a disabled or a static unit, not starting it. 223s sssd-pam.service is a disabled or a static unit, not starting it. 223s sssd-ssh.service is a disabled or a static unit, not starting it. 223s sssd-sudo.service is a disabled or a static unit, not starting it. 223s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 223s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 223s Setting up sssd-kcm (2.9.4-1ubuntu1) ... 223s Created symlink /etc/systemd/system/sockets.target.wants/sssd-kcm.socket → /usr/lib/systemd/system/sssd-kcm.socket. 224s sssd-kcm.service is a disabled or a static unit, not starting it. 224s Setting up sssd-dbus (2.9.4-1ubuntu1) ... 224s sssd-ifp.service is a disabled or a static unit, not starting it. 224s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 224s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 225s sssd-pac.service is a disabled or a static unit, not starting it. 225s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 225s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 225s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 225s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 225s Setting up sssd-ad (2.9.4-1ubuntu1) ... 225s Setting up sssd-tools (2.9.4-1ubuntu1) ... 225s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 225s Setting up sssd (2.9.4-1ubuntu1) ... 225s Setting up libverto-libevent1:ppc64el (0.3.1-1ubuntu5) ... 225s Setting up libverto1:ppc64el (0.3.1-1ubuntu5) ... 225s Setting up libkrad0:ppc64el (1.20.1-5build1) ... 225s Setting up sssd-passkey (2.9.4-1ubuntu1) ... 225s Setting up sssd-idp (2.9.4-1ubuntu1) ... 225s Setting up autopkgtest-satdep (0) ... 225s Processing triggers for libc-bin (2.39-0ubuntu2) ... 225s Processing triggers for ufw (0.36.2-5) ... 225s Processing triggers for man-db (2.12.0-3) ... 226s Processing triggers for dbus (1.14.10-4ubuntu1) ... 234s (Reading database ... 71382 files and directories currently installed.) 234s Removing autopkgtest-satdep (0) ... 235s autopkgtest [18:26:10]: test ldap-user-group-ldap-auth: [----------------------- 235s + . debian/tests/util 235s + . debian/tests/common-tests 235s + mydomain=example.com 235s + myhostname=ldap.example.com 235s + mysuffix=dc=example,dc=com 235s + admin_dn=cn=admin,dc=example,dc=com 235s + admin_pw=secret 235s + ldap_user=testuser1 235s + ldap_user_pw=testuser1secret 235s + ldap_group=ldapusers 235s + adjust_hostname ldap.example.com 235s + local myhostname=ldap.example.com 235s + echo ldap.example.com 235s + hostname ldap.example.com 235s + grep -qE ldap.example.com /etc/hosts 235s + echo 127.0.1.10 ldap.example.com 235s + reconfigure_slapd 235s + debconf-set-selections 235s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 235s + dpkg-reconfigure -fnoninteractive -pcritical slapd 235s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 235s Moving old database directory to /var/backups: 235s - directory unknown... done. 235s Creating initial configuration... done. 235s Creating LDAP directory... done. 236s + generate_certs ldap.example.com 236s + local cn=ldap.example.com 236s + local cert=/etc/ldap/server.pem 236s + local key=/etc/ldap/server.key 236s + local cnf=/etc/ldap/openssl.cnf 236s + cat 236s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 236s ...................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 236s ..........................................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 236s ----- 236s + chmod 0640 /etc/ldap/server.key 236s + chgrp openldap /etc/ldap/server.key 236s + [ ! -f /etc/ldap/server.pem ] 236s + [ ! -f /etc/ldap/server.key ] 236s + enable_ldap_ssl 236s + cat 236s + cat 236s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 236s + populate_ldap_rfc2307 236s + cat 236s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 236s + configure_sssd_ldap_rfc2307 236s + cat 236s + chmod 0600 /etc/sssd/sssd.conf 236s + systemctl restart sssd 236s modifying entry "cn=config" 236s 236s adding new entry "ou=People,dc=example,dc=com" 236s 236s adding new entry "ou=Group,dc=example,dc=com" 236s 236s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 236s 236s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 236s 236s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 236s 236s + enable_pam_mkhomedir 236s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 236s + echo session optional pam_mkhomedir.so 236s + run_common_tests 236s + echo Assert local user databases do not have our LDAP test data 236s Assert local user databases do not have our LDAP test data 236s + check_local_user testuser1 236s + local local_user=testuser1 236s + grep -q ^testuser1 /etc/passwd 236s + check_local_group testuser1 236s + local local_group=testuser1 236s + grep -q ^testuser1 /etc/group 236s + check_local_group ldapusers 236s + local local_group=ldapusers 236s + grep -q ^ldapusers /etc/group 236s + echo The LDAP user is known to the system via getent 236s + check_getent_user testuser1 236s + local getent_user=testuser1 236s + local output 236s The LDAP user is known to the system via getent 236s + getent passwd testuser1 236s The LDAP user's private group is known to the system via getent 236s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 236s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 236s + echo The LDAP user's private group is known to the system via getent 236s + check_getent_group testuser1 236s + local getent_group=testuser1 236s + local output 236s + getent group testuser1 236s + output=testuser1:*:10001:testuser1 236s + [ -z testuser1:*:10001:testuser1 ] 236s + echo The LDAP group ldapusers is known to the system via getent 236s + check_getent_group ldapusers 236s + local getent_group=ldapusers 236s + local output 236s The LDAP group ldapusers is known to the system via getent 236s + getent group ldapusers 236s + output=ldapusers:*:10100:testuser1The id(1) command can resolve the group membership of the LDAP user 236s 236s + [ -z ldapusers:*:10100:testuser1 ] 236s + echo The id(1) command can resolve the group membership of the LDAP user 236s + id -Gn testuser1 236s + output=testuser1 ldapusers 236s + [ testuser1 ldapusers != testuser1 ldapusers ]The LDAP user can login on a terminal 236s 236s + echo The LDAP user can login on a terminal 236s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 236s spawn login 236s ldap.example.com login: testuser1 236s Password: 236s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic ppc64le) 236s 236s * Documentation: https://help.ubuntu.com 236s * Management: https://landscape.canonical.com 236s * Support: https://ubuntu.com/pro 236s 236s 236s The programs included with the Ubuntu system are free software; 236s the exact distribution terms for each program are described in the 236s individual files in /usr/share/doc/*/copyright. 236s 236s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 236s applicable law. 236s 236s 236s The programs included with the Ubuntu system are free software; 236s the exact distribution terms for each program are described in the 236s individual files in /usr/share/doc/*/copyright. 236s 236s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 236s applicable law. 236s 236s Creating directory '/home/testuser1'. 236s [?2004htestuser1@ldap:~$ id -un 236s [?2004l testuser1 237s [?2004htestuser1@ldap:~$ autopkgtest [18:26:12]: test ldap-user-group-ldap-auth: -----------------------] 237s ldap-user-group-ldap-auth PASS 237s autopkgtest [18:26:12]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 237s autopkgtest [18:26:12]: test ldap-user-group-krb5-auth: preparing testbed 248s Reading package lists... 248s Building dependency tree... 248s Reading state information... 249s Starting pkgProblemResolver with broken count: 0 249s Starting 2 pkgProblemResolver with broken count: 0 249s Done 249s The following additional packages will be installed: 249s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4 249s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 249s Suggested packages: 249s krb5-kdc-ldap krb5-kpropd krb5-k5tls krb5-doc 249s The following NEW packages will be installed: 249s autopkgtest-satdep krb5-admin-server krb5-config krb5-kdc krb5-user 249s libgssrpc4 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 249s 0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded. 249s Need to get 669 kB/670 kB of archives. 249s After this operation, 3104 kB of additional disk space will be used. 249s Get:1 /tmp/autopkgtest.D7GT7j/2-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [888 B] 249s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el krb5-config all 2.7 [22.0 kB] 249s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libgssrpc4 ppc64el 1.20.1-5build1 [64.3 kB] 249s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el libkadm5clnt-mit12 ppc64el 1.20.1-5build1 [43.7 kB] 249s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el libkdb5-10 ppc64el 1.20.1-5build1 [46.3 kB] 249s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el libkadm5srv-mit12 ppc64el 1.20.1-5build1 [60.8 kB] 249s Get:7 http://ftpmaster.internal/ubuntu noble/universe ppc64el krb5-user ppc64el 1.20.1-5build1 [117 kB] 249s Get:8 http://ftpmaster.internal/ubuntu noble/universe ppc64el krb5-kdc ppc64el 1.20.1-5build1 [207 kB] 249s Get:9 http://ftpmaster.internal/ubuntu noble/universe ppc64el krb5-admin-server ppc64el 1.20.1-5build1 [108 kB] 250s Preconfiguring packages ... 251s Fetched 669 kB in 1s (1235 kB/s) 251s Selecting previously unselected package krb5-config. 251s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 71382 files and directories currently installed.) 251s Preparing to unpack .../0-krb5-config_2.7_all.deb ... 251s Unpacking krb5-config (2.7) ... 251s Selecting previously unselected package libgssrpc4:ppc64el. 251s Preparing to unpack .../1-libgssrpc4_1.20.1-5build1_ppc64el.deb ... 251s Unpacking libgssrpc4:ppc64el (1.20.1-5build1) ... 251s Selecting previously unselected package libkadm5clnt-mit12:ppc64el. 251s Preparing to unpack .../2-libkadm5clnt-mit12_1.20.1-5build1_ppc64el.deb ... 251s Unpacking libkadm5clnt-mit12:ppc64el (1.20.1-5build1) ... 251s Selecting previously unselected package libkdb5-10:ppc64el. 251s Preparing to unpack .../3-libkdb5-10_1.20.1-5build1_ppc64el.deb ... 251s Unpacking libkdb5-10:ppc64el (1.20.1-5build1) ... 251s Selecting previously unselected package libkadm5srv-mit12:ppc64el. 251s Preparing to unpack .../4-libkadm5srv-mit12_1.20.1-5build1_ppc64el.deb ... 251s Unpacking libkadm5srv-mit12:ppc64el (1.20.1-5build1) ... 251s Selecting previously unselected package krb5-user. 251s Preparing to unpack .../5-krb5-user_1.20.1-5build1_ppc64el.deb ... 251s Unpacking krb5-user (1.20.1-5build1) ... 251s Selecting previously unselected package krb5-kdc. 251s Preparing to unpack .../6-krb5-kdc_1.20.1-5build1_ppc64el.deb ... 251s Unpacking krb5-kdc (1.20.1-5build1) ... 251s Selecting previously unselected package krb5-admin-server. 251s Preparing to unpack .../7-krb5-admin-server_1.20.1-5build1_ppc64el.deb ... 251s Unpacking krb5-admin-server (1.20.1-5build1) ... 251s Selecting previously unselected package autopkgtest-satdep. 251s Preparing to unpack .../8-2-autopkgtest-satdep.deb ... 251s Unpacking autopkgtest-satdep (0) ... 251s Setting up libgssrpc4:ppc64el (1.20.1-5build1) ... 251s Setting up krb5-config (2.7) ... 251s Setting up libkadm5clnt-mit12:ppc64el (1.20.1-5build1) ... 251s Setting up libkdb5-10:ppc64el (1.20.1-5build1) ... 251s Setting up libkadm5srv-mit12:ppc64el (1.20.1-5build1) ... 251s Setting up krb5-user (1.20.1-5build1) ... 251s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 251s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 251s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 251s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 251s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 251s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 251s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 251s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 251s Setting up krb5-kdc (1.20.1-5build1) ... 252s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-kdc.service → /usr/lib/systemd/system/krb5-kdc.service. 252s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 252s Setting up krb5-admin-server (1.20.1-5build1) ... 253s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-admin-server.service → /usr/lib/systemd/system/krb5-admin-server.service. 253s Setting up autopkgtest-satdep (0) ... 253s Processing triggers for man-db (2.12.0-3) ... 254s Processing triggers for libc-bin (2.39-0ubuntu2) ... 261s (Reading database ... 71475 files and directories currently installed.) 261s Removing autopkgtest-satdep (0) ... 261s autopkgtest [18:26:36]: test ldap-user-group-krb5-auth: [----------------------- 262s + . debian/tests/util 262s + . debian/tests/common-tests 262s + mydomain=example.com 262s + myhostname=ldap.example.com 262s + mysuffix=dc=example,dc=com 262s + myrealm=EXAMPLE.COM 262s + admin_dn=cn=admin,dc=example,dc=com 262s + admin_pw=secret 262s + ldap_user=testuser1 262s + ldap_user_pw=testuser1secret 262s + kerberos_principal_pw=testuser1kerberos 262s + ldap_group=ldapusers 262s + adjust_hostname ldap.example.com 262s + local myhostname=ldap.example.com 262s + echo ldap.example.com 262s + hostname ldap.example.com 262s + grep -qE ldap.example.com /etc/hosts 262s + reconfigure_slapd 262s + debconf-set-selections 262s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu1-20240320-182610.ldapdb 262s + dpkg-reconfigure -fnoninteractive -pcritical slapd 262s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 262s Moving old database directory to /var/backups: 262s - directory unknown... done. 262s Creating initial configuration... done. 262s Creating LDAP directory... done. 262s + generate_certs ldap.example.com 262s + local cn=ldap.example.com 262s + local cert=/etc/ldap/server.pem 262s + local key=/etc/ldap/server.key 262s + local cnf=/etc/ldap/openssl.cnf 262s + cat 262s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 262s ...................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 262s ......................................................++++++++++++++++++++++++++++++++++++++++++++++++modifying entry "cn=config" 262s 262s adding new entry "ou=People,dc=example,dc=com" 262s 262s adding new entry "ou=Group,dc=example,dc=com" 262s 262s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 262s 262s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 262s 262s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 262s 262s ++++++++++++++++ 262s ----- 262s + chmod 0640 /etc/ldap/server.key 262s + chgrp openldap /etc/ldap/server.key 262s + [ ! -f /etc/ldap/server.pem ] 262s + [ ! -f /etc/ldap/server.key ] 262s + enable_ldap_ssl 262s + cat 262s + cat 262s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 262s + populate_ldap_rfc2307 262s + + cat 262s ldapadd -x -D cn=admin,dc=example,dc=com -w secret 262s + create_realm EXAMPLE.COM ldap.example.com 262s + local realm_name=EXAMPLE.COM 262s + local kerberos_server=ldap.example.com 262s + rm -rf /var/lib/krb5kdc/* 262s + rm -rf /etc/krb5kdc/kdc.conf 262s + rm -f /etc/krb5.keytab 262s + cat 262s + cat 262s + echo # */admin * 262s + kdb5_util create -s -P secretpassword 262s Initializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 262s master key name 'K/M@EXAMPLE.COM' 262s + systemctl restart krb5-kdc.service krb5-admin-server.service 263s + create_krb_principal testuser1 testuser1kerberos 263s + local principal=testuser1 263s + local password=testuser1kerberos 263s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 263s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 263s Authenticating as principal root/admin@EXAMPLE.COM with password. 263s Principal "testuser1@EXAMPLE.COM" created. 263s + configure_sssd_ldap_rfc2307_krb5_auth 263s + cat 263s + chmod 0600 /etc/sssd/sssd.conf 263s + systemctl restart sssd 263s + enable_pam_mkhomedir 263s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 263s Assert local user databases do not have our LDAP test data 263s + run_common_tests 263s + echo Assert local user databases do not have our LDAP test data 263s + check_local_user testuser1 263s + local local_user=testuser1 263s + grep -q ^testuser1 /etc/passwd 263s + check_local_group testuser1 263s + local local_group=testuser1 263s + grep -q ^testuser1 /etc/group 263s + check_local_group ldapusers 263s + local local_group=ldapusers 263s + grep -q ^ldapusers /etc/group 263s + echo The LDAP user is known to the system via getent 263s + check_getent_user testuser1 263s + local getent_user=testuser1 263s + local output 263s + getent passwd testuser1 263s The LDAP user is known to the system via getent 263s + The LDAP user's private group is known to the system via getent 263s output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 263s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 263s + echo The LDAP user's private group is known to the system via getent 263s + check_getent_group testuser1 263s + local getent_group=testuser1 263s + local output 263s + getent group testuser1 263s The LDAP group ldapusers is known to the system via getent 263s + output=testuser1:*:10001:testuser1 263s + [ -z testuser1:*:10001:testuser1 ] 263s + echo The LDAP group ldapusers is known to the system via getent 263s + check_getent_group ldapusers 263s + local getent_group=ldapusers 263s + local output 263s + getent group ldapusers 263s + output=ldapusers:*:10100:testuser1 263s + [ -z ldapusers:*:10100:testuser1 ] 263s + echo The id(1) command can resolve the group membership of the LDAP user 263s The id(1) command can resolve the group membership of the LDAP user 263s + id -Gn testuser1 263s The Kerberos principal can login on a terminal 263s + output=testuser1 ldapusers 263s + [ testuser1 ldapusers != testuser1 ldapusers ] 263s + echo The Kerberos principal can login on a terminal 263s + kdestroy 263s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 263s spawn login 263s ldap.example.com login: testuser1 263s Password: 263s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic ppc64le) 263s 263s * Documentation: https://help.ubuntu.com 263s * Management: https://landscape.canonical.com 263s * Support: https://ubuntu.com/pro 263s 263s 263s The programs included with the Ubuntu system are free software; 263s the exact distribution terms for each program are described in the 263s individual files in /usr/share/doc/*/copyright. 263s 263s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 263s applicable law. 263s 263s Last login: Wed Mar 20 18:26:11 UTC 2024 on pts/0 263s [?2004htestuser1@ldap:~$ id -un 263s [?2004l testuser1 263s [?2004htestuser1@ldap:~$ klist 263s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_Dysei1 263s Default principal: testuser1@EXAMPLE.COMautopkgtest [18:26:38]: test ldap-user-group-krb5-auth: -----------------------] 264s ldap-user-group-krb5-auth PASS 264s autopkgtest [18:26:39]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 264s autopkgtest [18:26:39]: test sssd-softhism2-certificates-tests.sh: preparing testbed 372s autopkgtest [18:28:27]: testbed dpkg architecture: ppc64el 372s autopkgtest [18:28:27]: testbed apt version: 2.7.12 372s autopkgtest [18:28:27]: @@@@@@@@@@@@@@@@@@@@ test bed setup 373s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 374s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6540 B] 374s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [53.9 kB] 374s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [501 kB] 374s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [3809 kB] 376s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el Packages [686 kB] 376s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el c-n-f Metadata [3116 B] 376s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el Packages [1372 B] 376s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el c-n-f Metadata [116 B] 376s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el Packages [4160 kB] 377s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el c-n-f Metadata [8652 B] 377s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el Packages [58.6 kB] 377s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el c-n-f Metadata [116 B] 379s Fetched 9405 kB in 4s (2358 kB/s) 379s Reading package lists... 382s Reading package lists... 382s Building dependency tree... 382s Reading state information... 382s Calculating upgrade... 382s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 382s Reading package lists... 382s Building dependency tree... 382s Reading state information... 383s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 383s Hit:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease 383s Hit:2 http://ftpmaster.internal/ubuntu noble InRelease 383s Hit:3 http://ftpmaster.internal/ubuntu noble-updates InRelease 383s Hit:4 http://ftpmaster.internal/ubuntu noble-security InRelease 384s Reading package lists... 384s Reading package lists... 385s Building dependency tree... 385s Reading state information... 385s Calculating upgrade... 385s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 385s Reading package lists... 385s Building dependency tree... 385s Reading state information... 385s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 394s Reading package lists... 394s Building dependency tree... 394s Reading state information... 395s Starting pkgProblemResolver with broken count: 0 395s Starting 2 pkgProblemResolver with broken count: 0 395s Done 395s The following additional packages will be installed: 395s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 395s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 395s libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 395s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 395s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 395s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 395s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 395s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 395s sssd-krb5-common sssd-ldap sssd-proxy 395s Suggested packages: 395s dns-root-data adcli libsss-sudo sssd-tools libsasl2-modules-ldap 395s Recommended packages: 395s cracklib-runtime libsasl2-modules-gssapi-mit 395s | libsasl2-modules-gssapi-heimdal ldap-utils 395s The following NEW packages will be installed: 395s autopkgtest-satdep gnutls-bin libavahi-client3 libavahi-common-data 395s libavahi-common3 libbasicobjects0 libc-ares2 libcollection4 libcrack2 395s libdhash1 libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 395s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 395s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 395s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 395s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 395s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 395s sssd-krb5-common sssd-ldap sssd-proxy 395s 0 upgraded, 46 newly installed, 0 to remove and 0 not upgraded. 395s Need to get 11.4 MB/11.4 MB of archives. 395s After this operation, 56.9 MB of additional disk space will be used. 395s Get:1 /tmp/autopkgtest.D7GT7j/3-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [748 B] 395s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el libevent-2.1-7 ppc64el 2.1.12-stable-9 [169 kB] 395s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libunbound8 ppc64el 1.19.1-1ubuntu1 [537 kB] 395s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el libgnutls-dane0 ppc64el 3.8.3-1ubuntu1 [24.5 kB] 395s Get:5 http://ftpmaster.internal/ubuntu noble/universe ppc64el gnutls-bin ppc64el 3.8.3-1ubuntu1 [290 kB] 395s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common-data ppc64el 0.8-13ubuntu2 [29.5 kB] 395s Get:7 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common3 ppc64el 0.8-13ubuntu2 [25.8 kB] 395s Get:8 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-client3 ppc64el 0.8-13ubuntu2 [30.6 kB] 396s Get:9 http://ftpmaster.internal/ubuntu noble/main ppc64el libcrack2 ppc64el 2.9.6-5.1 [30.9 kB] 396s Get:10 http://ftpmaster.internal/ubuntu noble/main ppc64el libtalloc2 ppc64el 2.4.2-1 [36.6 kB] 396s Get:11 http://ftpmaster.internal/ubuntu noble/main ppc64el libtdb1 ppc64el 1.4.10-1 [62.7 kB] 396s Get:12 http://ftpmaster.internal/ubuntu noble/main ppc64el libtevent0 ppc64el 0.16.1-1 [50.8 kB] 396s Get:13 http://ftpmaster.internal/ubuntu noble/main ppc64el libldb2 ppc64el 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [219 kB] 396s Get:14 http://ftpmaster.internal/ubuntu noble/main ppc64el libnfsidmap1 ppc64el 1:2.6.3-3ubuntu1 [53.0 kB] 396s Get:15 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality-common all 1.4.5-3 [7658 B] 396s Get:16 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality1 ppc64el 1.4.5-3 [16.9 kB] 396s Get:17 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-pwquality ppc64el 1.4.5-3 [12.5 kB] 396s Get:18 http://ftpmaster.internal/ubuntu noble/main ppc64el libwbclient0 ppc64el 2:4.19.5+dfsg-1ubuntu1 [76.5 kB] 396s Get:19 http://ftpmaster.internal/ubuntu noble/main ppc64el samba-libs ppc64el 2:4.19.5+dfsg-1ubuntu1 [6674 kB] 396s Get:20 http://ftpmaster.internal/ubuntu noble/universe ppc64el softhsm2-common ppc64el 2.6.1-2.2 [5810 B] 396s Get:21 http://ftpmaster.internal/ubuntu noble/universe ppc64el libsofthsm2 ppc64el 2.6.1-2.2 [294 kB] 396s Get:22 http://ftpmaster.internal/ubuntu noble/universe ppc64el softhsm2 ppc64el 2.6.1-2.2 [196 kB] 396s Get:23 http://ftpmaster.internal/ubuntu noble/main ppc64el python3-sss ppc64el 2.9.4-1ubuntu1 [48.0 kB] 396s Get:24 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-idmap0 ppc64el 2.9.4-1ubuntu1 [24.7 kB] 396s Get:25 http://ftpmaster.internal/ubuntu noble/main ppc64el libnss-sss ppc64el 2.9.4-1ubuntu1 [36.3 kB] 396s Get:26 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-sss ppc64el 2.9.4-1ubuntu1 [56.4 kB] 396s Get:27 http://ftpmaster.internal/ubuntu noble/main ppc64el libc-ares2 ppc64el 1.27.0-1 [99.0 kB] 396s Get:28 http://ftpmaster.internal/ubuntu noble/main ppc64el libdhash1 ppc64el 0.6.2-2 [9830 B] 396s Get:29 http://ftpmaster.internal/ubuntu noble/main ppc64el libbasicobjects0 ppc64el 0.6.2-2 [5806 B] 396s Get:30 http://ftpmaster.internal/ubuntu noble/main ppc64el libcollection4 ppc64el 0.6.2-2 [35.3 kB] 396s Get:31 http://ftpmaster.internal/ubuntu noble/main ppc64el libpath-utils1 ppc64el 0.6.2-2 [10.2 kB] 396s Get:32 http://ftpmaster.internal/ubuntu noble/main ppc64el libref-array1 ppc64el 0.6.2-2 [7724 B] 396s Get:33 http://ftpmaster.internal/ubuntu noble/main ppc64el libini-config5 ppc64el 0.6.2-2 [53.9 kB] 396s Get:34 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-certmap0 ppc64el 2.9.4-1ubuntu1 [53.6 kB] 396s Get:35 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-nss-idmap0 ppc64el 2.9.4-1ubuntu1 [37.4 kB] 396s Get:36 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-common ppc64el 2.9.4-1ubuntu1 [1280 kB] 397s Get:37 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad-common ppc64el 2.9.4-1ubuntu1 [88.6 kB] 397s Get:38 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5-common ppc64el 2.9.4-1ubuntu1 [103 kB] 397s Get:39 http://ftpmaster.internal/ubuntu noble/main ppc64el libsmbclient ppc64el 2:4.19.5+dfsg-1ubuntu1 [70.4 kB] 397s Get:40 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad ppc64el 2.9.4-1ubuntu1 [147 kB] 397s Get:41 http://ftpmaster.internal/ubuntu noble/main ppc64el libipa-hbac0 ppc64el 2.9.4-1ubuntu1 [17.4 kB] 397s Get:42 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ipa ppc64el 2.9.4-1ubuntu1 [240 kB] 397s Get:43 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5 ppc64el 2.9.4-1ubuntu1 [14.4 kB] 397s Get:44 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ldap ppc64el 2.9.4-1ubuntu1 [31.6 kB] 397s Get:45 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-proxy ppc64el 2.9.4-1ubuntu1 [48.0 kB] 397s Get:46 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd ppc64el 2.9.4-1ubuntu1 [4124 B] 397s Fetched 11.4 MB in 2s (6177 kB/s) 397s Selecting previously unselected package libevent-2.1-7:ppc64el. 397s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70095 files and directories currently installed.) 397s Preparing to unpack .../00-libevent-2.1-7_2.1.12-stable-9_ppc64el.deb ... 397s Unpacking libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 397s Selecting previously unselected package libunbound8:ppc64el. 397s Preparing to unpack .../01-libunbound8_1.19.1-1ubuntu1_ppc64el.deb ... 397s Unpacking libunbound8:ppc64el (1.19.1-1ubuntu1) ... 397s Selecting previously unselected package libgnutls-dane0:ppc64el. 397s Preparing to unpack .../02-libgnutls-dane0_3.8.3-1ubuntu1_ppc64el.deb ... 397s Unpacking libgnutls-dane0:ppc64el (3.8.3-1ubuntu1) ... 397s Selecting previously unselected package gnutls-bin. 397s Preparing to unpack .../03-gnutls-bin_3.8.3-1ubuntu1_ppc64el.deb ... 397s Unpacking gnutls-bin (3.8.3-1ubuntu1) ... 397s Selecting previously unselected package libavahi-common-data:ppc64el. 397s Preparing to unpack .../04-libavahi-common-data_0.8-13ubuntu2_ppc64el.deb ... 397s Unpacking libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 397s Selecting previously unselected package libavahi-common3:ppc64el. 397s Preparing to unpack .../05-libavahi-common3_0.8-13ubuntu2_ppc64el.deb ... 397s Unpacking libavahi-common3:ppc64el (0.8-13ubuntu2) ... 397s Selecting previously unselected package libavahi-client3:ppc64el. 397s Preparing to unpack .../06-libavahi-client3_0.8-13ubuntu2_ppc64el.deb ... 397s Unpacking libavahi-client3:ppc64el (0.8-13ubuntu2) ... 397s Selecting previously unselected package libcrack2:ppc64el. 397s Preparing to unpack .../07-libcrack2_2.9.6-5.1_ppc64el.deb ... 397s Unpacking libcrack2:ppc64el (2.9.6-5.1) ... 397s Selecting previously unselected package libtalloc2:ppc64el. 397s Preparing to unpack .../08-libtalloc2_2.4.2-1_ppc64el.deb ... 397s Unpacking libtalloc2:ppc64el (2.4.2-1) ... 397s Selecting previously unselected package libtdb1:ppc64el. 397s Preparing to unpack .../09-libtdb1_1.4.10-1_ppc64el.deb ... 397s Unpacking libtdb1:ppc64el (1.4.10-1) ... 397s Selecting previously unselected package libtevent0:ppc64el. 397s Preparing to unpack .../10-libtevent0_0.16.1-1_ppc64el.deb ... 397s Unpacking libtevent0:ppc64el (0.16.1-1) ... 397s Selecting previously unselected package libldb2:ppc64el. 397s Preparing to unpack .../11-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 397s Unpacking libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 397s Selecting previously unselected package libnfsidmap1:ppc64el. 397s Preparing to unpack .../12-libnfsidmap1_1%3a2.6.3-3ubuntu1_ppc64el.deb ... 397s Unpacking libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 397s Selecting previously unselected package libpwquality-common. 397s Preparing to unpack .../13-libpwquality-common_1.4.5-3_all.deb ... 397s Unpacking libpwquality-common (1.4.5-3) ... 397s Selecting previously unselected package libpwquality1:ppc64el. 397s Preparing to unpack .../14-libpwquality1_1.4.5-3_ppc64el.deb ... 397s Unpacking libpwquality1:ppc64el (1.4.5-3) ... 397s Selecting previously unselected package libpam-pwquality:ppc64el. 397s Preparing to unpack .../15-libpam-pwquality_1.4.5-3_ppc64el.deb ... 397s Unpacking libpam-pwquality:ppc64el (1.4.5-3) ... 397s Selecting previously unselected package libwbclient0:ppc64el. 397s Preparing to unpack .../16-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 397s Unpacking libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 397s Selecting previously unselected package samba-libs:ppc64el. 397s Preparing to unpack .../17-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 397s Unpacking samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 398s Selecting previously unselected package softhsm2-common. 398s Preparing to unpack .../18-softhsm2-common_2.6.1-2.2_ppc64el.deb ... 398s Unpacking softhsm2-common (2.6.1-2.2) ... 398s Selecting previously unselected package libsofthsm2. 398s Preparing to unpack .../19-libsofthsm2_2.6.1-2.2_ppc64el.deb ... 398s Unpacking libsofthsm2 (2.6.1-2.2) ... 398s Selecting previously unselected package softhsm2. 398s Preparing to unpack .../20-softhsm2_2.6.1-2.2_ppc64el.deb ... 398s Unpacking softhsm2 (2.6.1-2.2) ... 398s Selecting previously unselected package python3-sss. 398s Preparing to unpack .../21-python3-sss_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking python3-sss (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package libsss-idmap0. 398s Preparing to unpack .../22-libsss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package libnss-sss:ppc64el. 398s Preparing to unpack .../23-libnss-sss_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package libpam-sss:ppc64el. 398s Preparing to unpack .../24-libpam-sss_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package libc-ares2:ppc64el. 398s Preparing to unpack .../25-libc-ares2_1.27.0-1_ppc64el.deb ... 398s Unpacking libc-ares2:ppc64el (1.27.0-1) ... 398s Selecting previously unselected package libdhash1:ppc64el. 398s Preparing to unpack .../26-libdhash1_0.6.2-2_ppc64el.deb ... 398s Unpacking libdhash1:ppc64el (0.6.2-2) ... 398s Selecting previously unselected package libbasicobjects0:ppc64el. 398s Preparing to unpack .../27-libbasicobjects0_0.6.2-2_ppc64el.deb ... 398s Unpacking libbasicobjects0:ppc64el (0.6.2-2) ... 398s Selecting previously unselected package libcollection4:ppc64el. 398s Preparing to unpack .../28-libcollection4_0.6.2-2_ppc64el.deb ... 398s Unpacking libcollection4:ppc64el (0.6.2-2) ... 398s Selecting previously unselected package libpath-utils1:ppc64el. 398s Preparing to unpack .../29-libpath-utils1_0.6.2-2_ppc64el.deb ... 398s Unpacking libpath-utils1:ppc64el (0.6.2-2) ... 398s Selecting previously unselected package libref-array1:ppc64el. 398s Preparing to unpack .../30-libref-array1_0.6.2-2_ppc64el.deb ... 398s Unpacking libref-array1:ppc64el (0.6.2-2) ... 398s Selecting previously unselected package libini-config5:ppc64el. 398s Preparing to unpack .../31-libini-config5_0.6.2-2_ppc64el.deb ... 398s Unpacking libini-config5:ppc64el (0.6.2-2) ... 398s Selecting previously unselected package libsss-certmap0. 398s Preparing to unpack .../32-libsss-certmap0_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package libsss-nss-idmap0. 398s Preparing to unpack .../33-libsss-nss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package sssd-common. 398s Preparing to unpack .../34-sssd-common_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking sssd-common (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package sssd-ad-common. 398s Preparing to unpack .../35-sssd-ad-common_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package sssd-krb5-common. 398s Preparing to unpack .../36-sssd-krb5-common_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package libsmbclient:ppc64el. 398s Preparing to unpack .../37-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 398s Unpacking libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 398s Selecting previously unselected package sssd-ad. 398s Preparing to unpack .../38-sssd-ad_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package libipa-hbac0. 398s Preparing to unpack .../39-libipa-hbac0_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package sssd-ipa. 398s Preparing to unpack .../40-sssd-ipa_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package sssd-krb5. 398s Preparing to unpack .../41-sssd-krb5_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package sssd-ldap. 398s Preparing to unpack .../42-sssd-ldap_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package sssd-proxy. 398s Preparing to unpack .../43-sssd-proxy_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package sssd. 398s Preparing to unpack .../44-sssd_2.9.4-1ubuntu1_ppc64el.deb ... 398s Unpacking sssd (2.9.4-1ubuntu1) ... 398s Selecting previously unselected package autopkgtest-satdep. 398s Preparing to unpack .../45-3-autopkgtest-satdep.deb ... 398s Unpacking autopkgtest-satdep (0) ... 398s Setting up libpwquality-common (1.4.5-3) ... 398s Setting up libpath-utils1:ppc64el (0.6.2-2) ... 398s Setting up softhsm2-common (2.6.1-2.2) ... 398s 398s Creating config file /etc/softhsm/softhsm2.conf with new version 398s Setting up libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 398s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 398s Setting up libbasicobjects0:ppc64el (0.6.2-2) ... 398s Setting up libtdb1:ppc64el (1.4.10-1) ... 398s Setting up libc-ares2:ppc64el (1.27.0-1) ... 398s Setting up libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 398s Setting up libtalloc2:ppc64el (2.4.2-1) ... 398s Setting up libdhash1:ppc64el (0.6.2-2) ... 398s Setting up libtevent0:ppc64el (0.16.1-1) ... 398s Setting up libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 398s Setting up libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 398s Setting up libcrack2:ppc64el (2.9.6-5.1) ... 398s Setting up libcollection4:ppc64el (0.6.2-2) ... 398s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 398s Setting up libref-array1:ppc64el (0.6.2-2) ... 398s Setting up libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 398s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 398s Setting up libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 398s Setting up libsofthsm2 (2.6.1-2.2) ... 398s Setting up softhsm2 (2.6.1-2.2) ... 398s Setting up libini-config5:ppc64el (0.6.2-2) ... 398s Setting up libavahi-common3:ppc64el (0.8-13ubuntu2) ... 398s Setting up python3-sss (2.9.4-1ubuntu1) ... 399s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 399s Setting up libunbound8:ppc64el (1.19.1-1ubuntu1) ... 399s Setting up libpwquality1:ppc64el (1.4.5-3) ... 399s Setting up libavahi-client3:ppc64el (0.8-13ubuntu2) ... 399s Setting up libgnutls-dane0:ppc64el (3.8.3-1ubuntu1) ... 399s Setting up libpam-pwquality:ppc64el (1.4.5-3) ... 399s Setting up samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 399s Setting up libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 399s Setting up libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 399s Setting up gnutls-bin (3.8.3-1ubuntu1) ... 399s Setting up sssd-common (2.9.4-1ubuntu1) ... 399s Creating SSSD system user & group... 399s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 399s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 399s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 399s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 399s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 400s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 400s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 400s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 400s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 401s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 401s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 401s sssd-autofs.service is a disabled or a static unit, not starting it. 401s sssd-nss.service is a disabled or a static unit, not starting it. 401s sssd-pam.service is a disabled or a static unit, not starting it. 401s sssd-ssh.service is a disabled or a static unit, not starting it. 401s sssd-sudo.service is a disabled or a static unit, not starting it. 401s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 401s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 401s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 402s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 402s sssd-pac.service is a disabled or a static unit, not starting it. 402s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 402s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 402s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 402s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 402s Setting up sssd-ad (2.9.4-1ubuntu1) ... 402s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 402s Setting up sssd (2.9.4-1ubuntu1) ... 402s Setting up autopkgtest-satdep (0) ... 402s Processing triggers for man-db (2.12.0-3) ... 403s Processing triggers for libc-bin (2.39-0ubuntu2) ... 406s (Reading database ... 70683 files and directories currently installed.) 406s Removing autopkgtest-satdep (0) ... 412s autopkgtest [18:29:07]: test sssd-softhism2-certificates-tests.sh: [----------------------- 412s + '[' -z ubuntu ']' 412s + required_tools=(p11tool openssl softhsm2-util) 412s + for cmd in "${required_tools[@]}" 412s + command -v p11tool 412s + for cmd in "${required_tools[@]}" 412s + command -v openssl 412s + for cmd in "${required_tools[@]}" 412s + command -v softhsm2-util 412s + PIN=053350 412s +++ find /usr/lib/softhsm/libsofthsm2.so 412s +++ head -n 1 412s ++ realpath /usr/lib/softhsm/libsofthsm2.so 412s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 412s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 412s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 412s + '[' '!' -v NO_SSSD_TESTS ']' 412s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 412s + ca_db_arg=ca_db 412s ++ /usr/libexec/sssd/p11_child --help 412s + p11_child_help='Usage: p11_child [OPTION...] 412s -d, --debug-level=INT Debug level 412s --debug-timestamps=INT Add debug timestamps 412s --debug-microseconds=INT Show timestamps with microseconds 412s --dumpable=INT Allow core dumps 412s --debug-fd=INT An open file descriptor for the debug 412s logs 412s --logger=stderr|files|journald Set logger 412s --auth Run in auth mode 412s --pre Run in pre-auth mode 412s --wait_for_card Wait until card is available 412s --verification Run in verification mode 412s --pin Expect PIN on stdin 412s --keypad Expect PIN on keypad 412s --verify=STRING Tune validation 412s --ca_db=STRING CA DB to use 412s --module_name=STRING Module name for authentication 412s --token_name=STRING Token name for authentication 412s --key_id=STRING Key ID for authentication 412s --label=STRING Label for authentication 412s --certificate=STRING certificate to verify, base64 encoded 412s --uri=STRING PKCS#11 URI to restrict selection 412s --chain-id=LONG Tevent chain ID used for logging 412s purposes 412s 412s Help options: 412s -?, --help Show this help message 412s --usage Display brief usage message' 412s + echo 'Usage: p11_child [OPTION...] 412s -d, --debug-level=INT Debug level 412s --debug-timestamps=INT Add debug timestamps 412s --debug-microseconds=INT Show timestamps with microseconds 412s --dumpable=INT Allow core dumps 412s --debug-fd=INT An open file descriptor for the debug 412s logs 412s --logger=stderr|files|journald Set logger 412s --auth Run in auth mode 412s --pre Run in pre-auth mode 412s --wait_for_card Wait until card is available 412s --verification Run in verification mode 412s --pin Expect PIN on stdin 412s --keypad Expect PIN on keypad 412s --verify=STRING Tune validation 412s --ca_db=STRING CA DB to use 412s --module_name=STRING Module name for authentication 412s --token_name=STRING Token name for authentication 412s --key_id=STRING Key ID for authentication 412s --label=STRING Label for authentication 412s --certificate=STRING certificate to verify, base64 encoded 412s --uri=STRING PKCS#11 URI to restrict selection 412s --chain-id=LONG Tevent chain ID used for logging 412s purposes 412s 412s Help options: 412s -?, --help Show this help message 412s --usage Display brief usage message' 412s + grep nssdb -qs 412s + echo 'Usage: p11_child [OPTION...] 412s -d, --debug-level=INT Debug level 412s + grep -qs -- --ca_db 412s --debug-timestamps=INT Add debug timestamps 412s --debug-microseconds=INT Show timestamps with microseconds 412s --dumpable=INT Allow core dumps 412s --debug-fd=INT An open file descriptor for the debug 412s logs 412s --logger=stderr|files|journald Set logger 412s --auth Run in auth mode 412s --pre Run in pre-auth mode 412s --wait_for_card Wait until card is available 412s --verification Run in verification mode 412s --pin Expect PIN on stdin 412s --keypad Expect PIN on keypad 412s --verify=STRING Tune validation 412s --ca_db=STRING CA DB to use 412s --module_name=STRING Module name for authentication 412s --token_name=STRING Token name for authentication 412s --key_id=STRING Key ID for authentication 412s --label=STRING Label for authentication 412s --certificate=STRING certificate to verify, base64 encoded 412s --uri=STRING PKCS#11 URI to restrict selection 412s --chain-id=LONG Tevent chain ID used for logging 412s purposes 412s 412s Help options: 412s -?, --help Show this help message 412s --usage Display brief usage message' 412s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 412s ++ mktemp -d -t sssd-softhsm2-XXXXXX 412s + tmpdir=/tmp/sssd-softhsm2-QgnvwL 412s + keys_size=1024 412s + [[ ! -v KEEP_TEMPORARY_FILES ]] 412s + trap 'rm -rf "$tmpdir"' EXIT 412s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 412s + echo -n 01 412s + touch /tmp/sssd-softhsm2-QgnvwL/index.txt 412s + mkdir -p /tmp/sssd-softhsm2-QgnvwL/new_certs 412s + cat 412s + root_ca_key_pass=pass:random-root-CA-password-2813 412s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-QgnvwL/test-root-CA-key.pem -passout pass:random-root-CA-password-2813 1024 412s + openssl req -passin pass:random-root-CA-password-2813 -batch -config /tmp/sssd-softhsm2-QgnvwL/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-QgnvwL/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 412s + openssl x509 -noout -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 412s + cat 412s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-14757 412s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-14757 1024 412s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-14757 -config /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.config -key /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-2813 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-certificate-request.pem 412s + openssl req -text -noout -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-certificate-request.pem 412s Certificate Request: 412s Data: 412s Version: 1 (0x0) 412s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 412s Subject Public Key Info: 412s Public Key Algorithm: rsaEncryption 412s Public-Key: (1024 bit) 412s Modulus: 412s 00:c6:34:a9:52:86:b9:ec:c5:5a:8a:3a:69:22:02: 412s d8:3a:e4:e8:bb:87:90:b9:d2:e4:c5:8d:95:d8:b0: 412s 98:d8:41:87:f7:ab:45:f9:4f:12:4c:3d:5e:a5:43: 412s 8a:18:82:12:68:cf:7d:7c:71:58:d9:2b:cb:cd:c6: 412s 31:dd:73:26:b1:62:27:d3:88:80:e6:9e:27:d2:99: 412s b6:3a:57:72:43:63:ca:3c:1b:1d:c6:d9:eb:66:30: 412s c7:e6:65:fb:16:1d:a1:79:87:77:52:ee:62:81:26: 412s 1c:f9:c9:87:37:fb:dc:4e:ed:ac:ff:50:fc:0c:ef: 412s 8e:e0:b2:83:f2:f2:5b:0b:95 412s Exponent: 65537 (0x10001) 412s Attributes: 412s (none) 412s Requested Extensions: 412s Signature Algorithm: sha256WithRSAEncryption 412s Signature Value: 412s 79:a7:ac:c2:63:d8:53:5e:fc:19:af:05:d7:ca:47:af:98:b1: 412s 66:1a:bb:c5:52:5e:18:50:51:9e:2c:32:4a:4b:a9:a2:68:63: 412s d4:c8:8d:be:37:e7:1e:d8:97:95:48:d3:a5:8e:a0:53:31:ff: 412s 08:4e:82:f7:2f:45:97:ee:c0:0a:1c:04:4f:88:8b:c8:bb:41: 412s e6:7e:a1:ae:e1:6a:cb:fa:b1:c9:51:0e:5b:16:94:7a:b7:62: 412s a7:4b:bc:ab:1c:e7:44:72:73:47:72:15:ff:19:94:9e:bd:ae: 412s a2:ee:6b:19:9e:1d:41:df:68:d9:de:39:9f:41:43:dc:3a:a2: 412s ae:78 412s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-QgnvwL/test-root-CA.config -passin pass:random-root-CA-password-2813 -keyfile /tmp/sssd-softhsm2-QgnvwL/test-root-CA-key.pem -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 412s Using configuration from /tmp/sssd-softhsm2-QgnvwL/test-root-CA.config 412s Check that the request matches the signature 412s Signature ok 412s Certificate Details: 412s Serial Number: 1 (0x1) 412s Validity 412s Not Before: Mar 20 18:29:07 2024 GMT 412s Not After : Mar 20 18:29:07 2025 GMT 412s Subject: 412s organizationName = Test Organization 412s organizationalUnitName = Test Organization Unit 412s commonName = Test Organization Intermediate CA 412s X509v3 extensions: 412s X509v3 Subject Key Identifier: 412s DD:11:06:62:17:47:DA:09:DD:AE:67:AB:32:E2:56:9F:45:3E:9B:17 412s X509v3 Authority Key Identifier: 412s keyid:A6:40:2F:FA:FA:CB:A1:99:11:06:AF:9C:3E:F2:A3:F7:58:52:2A:5A 412s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 412s serial:00 412s X509v3 Basic Constraints: 412s CA:TRUE 412s X509v3 Key Usage: critical 412s Digital Signature, Certificate Sign, CRL Sign 412s Certificate is to be certified until Mar 20 18:29:07 2025 GMT (365 days) 412s 412s Write out database with 1 new entries 412s Database updated 412s + openssl x509 -noout -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 412s + openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 412s + cat 412s /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem: OK 412s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-29890 412s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-29890 1024 412s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-29890 -config /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-14757 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-certificate-request.pem 412s + openssl req -text -noout -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-certificate-request.pem 412s Certificate Request: 412s Data: 412s Version: 1 (0x0) 412s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 412s Subject Public Key Info: 412s Public Key Algorithm: rsaEncryption 412s Public-Key: (1024 bit) 412s Modulus: 412s 00:b0:ab:31:95:2a:10:0c:21:dd:af:e3:d1:a8:1e: 412s e2:72:8d:68:7e:c7:de:bc:7b:91:4c:ba:4c:2a:45: 412s be:f2:38:f2:cb:4a:b9:74:11:90:95:80:a4:4e:a2: 412s c3:68:7c:fc:ed:d1:01:4b:9a:1c:d1:24:10:c1:15: 412s 84:92:c2:8d:b0:de:c4:ee:cf:dc:4f:dc:2e:6e:b2: 412s 3d:b1:8d:7b:6b:d9:b8:02:f1:e6:4c:a1:30:11:36: 412s 42:d6:73:ee:d6:31:78:50:0a:3f:4a:c3:b2:c4:6f: 412s 5a:d2:ff:c5:7e:fa:3b:b2:46:8d:d9:4f:1f:43:37: 412s 7d:9a:6c:05:39:94:4d:4a:f9 412s Exponent: 65537 (0x10001) 412s Attributes: 412s (none) 412s Requested Extensions: 412s Signature Algorithm: sha256WithRSAEncryption 412s Signature Value: 412s 30:b9:d9:78:20:ee:53:82:83:4d:71:cd:82:f7:f7:86:b0:5c: 412s e6:fe:c0:45:56:51:a9:f1:e0:e1:70:c2:0d:f0:86:64:af:2f: 412s b2:1e:e8:ef:b8:e4:80:2c:ce:d6:80:b7:9f:68:ca:f9:e1:3b: 412s 26:e0:7d:b6:af:06:ee:2a:64:d8:63:2b:94:22:68:a0:8c:e5: 412s df:23:20:34:0b:b2:d7:91:59:0a:9e:d3:47:97:16:b1:45:09: 412s 55:59:53:f0:8f:ab:ba:83:e1:2d:73:9a:9c:48:74:62:9b:a0: 412s 38:f5:53:ec:a1:3d:c5:34:52:c7:01:72:ae:cc:38:d0:00:83: 412s e4:cd 412s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-14757 -keyfile /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem 412s Using configuration from /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.config 412s Check that the request matches the signature 412s Signature ok 412s Certificate Details: 412s Serial Number: 2 (0x2) 412s Validity 412s Not Before: Mar 20 18:29:07 2024 GMT 412s Not After : Mar 20 18:29:07 2025 GMT 412s Subject: 412s organizationName = Test Organization 412s organizationalUnitName = Test Organization Unit 412s commonName = Test Organization Sub Intermediate CA 412s X509v3 extensions: 412s X509v3 Subject Key Identifier: 412s 61:A7:35:E9:E6:EE:2E:C8:D7:1B:22:06:0E:A4:9A:AB:B1:DA:BF:72 412s X509v3 Authority Key Identifier: 412s keyid:DD:11:06:62:17:47:DA:09:DD:AE:67:AB:32:E2:56:9F:45:3E:9B:17 412s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 412s serial:01 412s X509v3 Basic Constraints: 412s CA:TRUE 412s X509v3 Key Usage: critical 412s Digital Signature, Certificate Sign, CRL Sign 412s Certificate is to be certified until Mar 20 18:29:07 2025 GMT (365 days) 412s 412s Write out database with 1 new entries 412s Database updated 412s + openssl x509 -noout -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem 412s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem 412s /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem: OK 412s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem 412s + local cmd=openssl 412s + shift 412s + openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem 412s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 412s error 20 at 0 depth lookup: unable to get local issuer certificate 412s error /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem: verification failed 412s + cat 412s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-14891 412s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-14891 1024 412s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-14891 -key /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001-request.pem 412s + openssl req -text -noout -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001-request.pem 412s Certificate Request: 412s Data: 412s Version: 1 (0x0) 412s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 412s Subject Public Key Info: 412s Public Key Algorithm: rsaEncryption 412s Public-Key: (1024 bit) 412s Modulus: 412s 00:b6:0b:eb:5b:52:2c:e3:4d:98:3c:47:58:71:47: 412s c1:50:8d:79:83:cc:ef:22:f5:bf:3c:7a:aa:3b:62: 412s 21:10:15:f3:bc:92:03:1f:3a:36:a7:59:ea:a5:35: 412s 9f:0d:1e:a8:92:28:e5:55:ee:0c:ba:e1:ef:b5:b7: 412s 80:96:88:25:2e:fe:ab:3c:c8:17:eb:aa:a5:32:db: 412s 9f:ab:0b:dd:fe:e8:f5:1a:87:fe:14:d4:17:ad:c1: 412s 3a:20:55:76:bc:ac:ad:f1:18:ca:f9:56:47:ac:af: 412s a0:88:e4:10:7f:0c:82:bd:a2:73:c2:6d:d4:e9:c1: 412s b9:4f:fb:9d:a1:c0:1c:cf:07 412s Exponent: 65537 (0x10001) 412s Attributes: 412s Requested Extensions: 412s X509v3 Basic Constraints: 412s CA:FALSE 412s Netscape Cert Type: 412s SSL Client, S/MIME 412s Netscape Comment: 412s Test Organization Root CA trusted Certificate 412s X509v3 Subject Key Identifier: 412s 7A:6D:00:ED:39:C2:40:3B:6A:59:F4:96:99:11:85:40:38:34:89:BB 412s X509v3 Key Usage: critical 412s Digital Signature, Non Repudiation, Key Encipherment 412s X509v3 Extended Key Usage: 412s TLS Web Client Authentication, E-mail Protection 412s X509v3 Subject Alternative Name: 412s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 412s Signature Algorithm: sha256WithRSAEncryption 412s Signature Value: 412s 76:98:da:c2:70:f3:fd:0f:d1:2e:fe:3c:47:17:ff:b7:e7:11: 412s f4:74:71:fe:02:51:75:08:5a:11:1f:4b:64:bc:fc:fe:ba:f7: 412s 7a:8f:e4:1f:47:6c:d6:3c:85:a9:a9:91:5e:f4:63:8d:25:da: 412s d8:05:85:63:89:9e:5c:89:2a:1e:05:09:8f:8d:02:75:fb:cf: 412s 4e:5a:40:ed:45:04:b5:8c:55:b9:b1:87:50:41:3f:b3:5e:f0: 412s b9:a0:9e:a3:83:e2:a4:e6:86:d3:9f:16:20:ec:2a:d5:10:7c: 412s cf:60:fd:31:2a:35:fc:3b:78:f4:4c:7a:44:a8:e7:04:f5:05: 412s 73:e4 412s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-QgnvwL/test-root-CA.config -passin pass:random-root-CA-password-2813 -keyfile /tmp/sssd-softhsm2-QgnvwL/test-root-CA-key.pem -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 412s Using configuration from /tmp/sssd-softhsm2-QgnvwL/test-root-CA.config 412s Check that the request matches the signature 412s Signature ok 412s Certificate Details: 412s Serial Number: 3 (0x3) 412s Validity 412s Not Before: Mar 20 18:29:07 2024 GMT 412s Not After : Mar 20 18:29:07 2025 GMT 412s Subject: 412s organizationName = Test Organization 412s organizationalUnitName = Test Organization Unit 412s commonName = Test Organization Root Trusted Certificate 0001 412s X509v3 extensions: 412s X509v3 Authority Key Identifier: 412s A6:40:2F:FA:FA:CB:A1:99:11:06:AF:9C:3E:F2:A3:F7:58:52:2A:5A 412s X509v3 Basic Constraints: 412s CA:FALSE 412s Netscape Cert Type: 412s SSL Client, S/MIME 412s Netscape Comment: 412s Test Organization Root CA trusted Certificate 412s X509v3 Subject Key Identifier: 412s 7A:6D:00:ED:39:C2:40:3B:6A:59:F4:96:99:11:85:40:38:34:89:BB 412s X509v3 Key Usage: critical 412s Digital Signature, Non Repudiation, Key Encipherment 412s X509v3 Extended Key Usage: 412s TLS Web Client Authentication, E-mail Protection 412s X509v3 Subject Alternative Name: 412s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 412s Certificate is to be certified until Mar 20 18:29:07 2025 GMT (365 days) 412s 412s Write out database with 1 new entries 412s Database updated 412s + openssl x509 -noout -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 412s + openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 412s /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem: OK 412s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 412s + local cmd=openssl 412s + shift 412s + openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 412s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 412s error 20 at 0 depth lookup: unable to get local issuer certificate 412s error /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem: verification failed 412s + cat 412s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 412s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-24905 1024 412s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-24905 -key /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001-request.pem 412s + openssl req -text -noout -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001-request.pem 412s Certificate Request: 412s Data: 412s Version: 1 (0x0) 412s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 412s Subject Public Key Info: 412s Public Key Algorithm: rsaEncryption 412s Public-Key: (1024 bit) 412s Modulus: 412s 00:fb:d2:ce:26:8e:5e:54:df:62:69:3b:dc:f7:2a: 412s 0f:f4:d3:f3:21:17:85:d6:b0:9d:2d:54:29:f9:fa: 412s 2f:3d:94:54:7d:a6:87:f6:16:1a:73:e0:00:0d:33: 412s c9:0e:f5:06:14:df:57:35:58:d1:2a:fd:59:c8:37: 412s 47:eb:16:79:fb:63:13:32:4f:38:a2:f9:d9:be:bf: 412s cd:68:1f:30:30:b5:8f:a9:55:a0:8b:18:42:f7:8b: 412s b2:b4:b0:04:e2:b9:db:2b:cc:cd:4f:fb:0a:99:e5: 412s 15:8d:e2:b4:28:36:26:55:37:bf:f7:91:22:b6:4f: 412s a4:22:b3:57:71:2f:19:0a:53 412s Exponent: 65537 (0x10001) 412s Attributes: 412s Requested Extensions: 412s X509v3 Basic Constraints: 412s CA:FALSE 412s Netscape Cert Type: 412s SSL Client, S/MIME 412s Netscape Comment: 412s Test Organization Intermediate CA trusted Certificate 412s X509v3 Subject Key Identifier: 412s B6:38:4B:CC:A7:23:83:1E:4B:F1:6F:93:E3:FC:57:FC:FC:7E:6D:5D 412s X509v3 Key Usage: critical 412s Digital Signature, Non Repudiation, Key Encipherment 412s X509v3 Extended Key Usage: 412s TLS Web Client Authentication, E-mail Protection 412s X509v3 Subject Alternative Name: 412s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 412s Signature Algorithm: sha256WithRSAEncryption 412s Signature Value: 412s 3e:10:5d:ca:68:18:52:94:f0:58:94:41:18:5e:d8:f6:f8:35: 412s 10:1d:53:7a:32:3b:7b:7e:fa:07:a6:92:c0:65:a7:3b:75:f4: 412s 59:22:ae:e1:ae:47:ea:28:62:83:23:b3:66:7b:44:4e:fc:19: 412s b2:1d:78:58:5d:aa:f4:15:81:a9:af:7f:9d:df:30:0d:1e:db: 412s 34:c3:59:6d:66:8f:67:b9:31:67:a2:4d:f8:1e:54:eb:1d:dd: 412s 01:2a:ea:1c:73:5b:e9:70:bd:5d:43:13:48:db:7e:da:2d:48: 412s 1e:bf:25:32:b4:a1:6b:17:ac:4b:04:f5:b8:06:89:25:0f:df: 412s d3:cc 412s + openssl ca -passin pass:random-intermediate-CA-password-14757 -config /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 412s Using configuration from /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.config 412s Check that the request matches the signature 412s Signature ok 412s Certificate Details: 412s Serial Number: 4 (0x4) 412s Validity 412s Not Before: Mar 20 18:29:07 2024 GMT 412s Not After : Mar 20 18:29:07 2025 GMT 412s Subject: 412s organizationName = Test Organization 412s organizationalUnitName = Test Organization Unit 412s commonName = Test Organization Intermediate Trusted Certificate 0001 412s X509v3 extensions: 412s X509v3 Authority Key Identifier: 412s DD:11:06:62:17:47:DA:09:DD:AE:67:AB:32:E2:56:9F:45:3E:9B:17 412s X509v3 Basic Constraints: 412s CA:FALSE 412s Netscape Cert Type: 412s SSL Client, S/MIME 412s Netscape Comment: 412s Test Organization Intermediate CA trusted Certificate 412s X509v3 Subject Key Identifier: 412s B6:38:4B:CC:A7:23:83:1E:4B:F1:6F:93:E3:FC:57:FC:FC:7E:6D:5D 412s X509v3 Key Usage: critical 412s Digital Signature, Non Repudiation, Key Encipherment 412s X509v3 Extended Key Usage: 412s TLS Web Client Authentication, E-mail Protection 412s X509v3 Subject Alternative Name: 412s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 412s Certificate is to be certified until Mar 20 18:29:07 2025 GMT (365 days) 412s 412s Write out database with 1 new entries 412s Database updated 412s + openssl x509 -noout -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 412s + echo 'This certificate should not be trusted fully' 412s This certificate should not be trusted fully 412s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 412s + local cmd=openssl 412s + shift 412s + openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 412s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 412s error 2 at 1 depth lookup: unable to get issuer certificate 412s error /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 412s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 412s /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem: OK 412s + cat 412s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 412s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-10790 1024 412s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-10790 -key /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 412s + openssl req -text -noout -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 412s + openssl ca -passin pass:random-sub-intermediate-CA-password-29890 -config /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s Certificate Request: 412s Data: 412s Version: 1 (0x0) 412s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 412s Subject Public Key Info: 412s Public Key Algorithm: rsaEncryption 412s Public-Key: (1024 bit) 412s Modulus: 412s 00:bb:ff:a8:2b:fa:67:58:22:2b:04:92:30:1c:11: 412s 36:fd:fc:fb:0f:cc:59:c5:ef:3a:01:bd:1b:e7:72: 412s 74:fe:86:fe:a5:11:19:7a:98:27:00:33:f4:1e:91: 412s 7f:e7:d7:c0:17:32:01:93:3e:3d:5f:3f:5e:fb:be: 412s 3c:a9:0d:41:f9:a6:9e:78:d1:01:cc:a0:f8:8b:9e: 412s 09:b8:e5:f7:fa:e6:e9:52:62:83:66:71:c4:b4:78: 412s 77:b1:ac:0f:bd:3d:f5:8d:a5:d0:d2:48:cb:69:1a: 412s 9b:29:6a:27:8d:68:88:87:fb:f5:95:e0:af:37:83: 412s bb:62:45:70:61:86:55:be:03 412s Exponent: 65537 (0x10001) 412s Attributes: 412s Requested Extensions: 412s X509v3 Basic Constraints: 412s CA:FALSE 412s Netscape Cert Type: 412s SSL Client, S/MIME 412s Netscape Comment: 412s Test Organization Sub Intermediate CA trusted Certificate 412s X509v3 Subject Key Identifier: 412s 8D:C0:06:C6:6B:0D:30:F1:41:E1:88:58:F0:76:F5:02:EE:F0:B8:38 412s X509v3 Key Usage: critical 412s Digital Signature, Non Repudiation, Key Encipherment 412s X509v3 Extended Key Usage: 412s TLS Web Client Authentication, E-mail Protection 412s X509v3 Subject Alternative Name: 412s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 412s Signature Algorithm: sha256WithRSAEncryption 412s Signature Value: 412s 77:cb:a2:d3:1d:e7:ab:8a:46:3b:24:e0:7e:be:b0:bd:3c:21: 412s 0a:cf:dc:83:a0:50:ed:50:d5:26:ba:1c:73:1b:0d:88:3f:f1: 412s be:2f:62:ca:63:97:ba:5b:68:23:9b:da:98:95:04:08:bc:7f: 412s 8a:a7:a7:9e:3c:2c:1f:0c:a8:c7:ee:c7:ac:60:cb:81:cf:54: 412s 07:52:29:6e:5a:06:22:df:da:33:14:47:dd:2c:61:86:00:22: 412s 2e:43:af:aa:55:2f:d4:39:60:4a:ba:d5:df:fc:ae:cb:9c:18: 412s ca:c3:b4:72:95:58:b7:03:f8:b7:c6:3c:7c:95:4c:4c:3a:61: 412s b6:d9 412s Using configuration from /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.config 412s Check that the request matches the signature 412s Signature ok 412s Certificate Details: 412s Serial Number: 5 (0x5) 412s Validity 412s Not Before: Mar 20 18:29:07 2024 GMT 412s Not After : Mar 20 18:29:07 2025 GMT 412s Subject: 412s organizationName = Test Organization 412s organizationalUnitName = Test Organization Unit 412s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 412s X509v3 extensions: 412s X509v3 Authority Key Identifier: 412s 61:A7:35:E9:E6:EE:2E:C8:D7:1B:22:06:0E:A4:9A:AB:B1:DA:BF:72 412s X509v3 Basic Constraints: 412s CA:FALSE 412s Netscape Cert Type: 412s SSL Client, S/MIME 412s Netscape Comment: 412s Test Organization Sub Intermediate CA trusted Certificate 412s X509v3 Subject Key Identifier: 412s 8D:C0:06:C6:6B:0D:30:F1:41:E1:88:58:F0:76:F5:02:EE:F0:B8:38 412s X509v3 Key Usage: critical 412s Digital Signature, Non Repudiation, Key Encipherment 412s X509v3 Extended Key Usage: 412s TLS Web Client Authentication, E-mail Protection 412s X509v3 Subject Alternative Name: 412s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 412s Certificate is to be certified until Mar 20 18:29:07 2025 GMT (365 days) 412s 412s Write out database with 1 new entries 412s Database updated 412s + openssl x509 -noout -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s This certificate should not be trusted fully 412s + echo 'This certificate should not be trusted fully' 412s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s + local cmd=openssl 412s + shift 412s + openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 412s error 2 at 1 depth lookup: unable to get issuer certificate 412s error /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 412s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s + local cmd=openssl 412s + shift 412s + openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 412s error 20 at 0 depth lookup: unable to get local issuer certificate 412s error /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 412s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 412s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s + local cmd=openssl 412s + shift 412s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s Building a the full-chain CA file... 412s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 412s error 20 at 0 depth lookup: unable to get local issuer certificate 412s error /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 412s + echo 'Building a the full-chain CA file...' 412s + cat /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem 412s + cat /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 412s + cat /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem 412s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 413s + openssl pkcs7 -print_certs -noout 413s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 413s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 413s 413s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 413s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 413s 413s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 413s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 413s 413s + openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 413s /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem: OK 413s + openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem: OK 413s + openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 413s /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem: OK 413s + openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-root-intermediate-chain-CA.pem 413s /tmp/sssd-softhsm2-QgnvwL/test-root-intermediate-chain-CA.pem: OK 413s + openssl verify -CAfile /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 413s /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 413s Certificates generation completed! 413s + echo 'Certificates generation completed!' 413s + [[ -v NO_SSSD_TESTS ]] 413s + invalid_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /dev/null 413s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /dev/null 413s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 413s + local key_ring=/dev/null 413s + local verify_option= 413s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 413s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 413s + local key_cn 413s + local key_name 413s + local tokens_dir 413s + local output_cert_file 413s + token_name= 413s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem .pem 413s + key_name=test-root-CA-trusted-certificate-0001 413s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s ++ sed -n 's/ *commonName *= //p' 413s + key_cn='Test Organization Root Trusted Certificate 0001' 413s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 413s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 413s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 413s + token_name='Test Organization Root Tr Token' 413s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 413s + local key_file 413s + local decrypted_key 413s + mkdir -p /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 413s + key_file=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001-key.pem 413s + decrypted_key=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001-key-decrypted.pem 413s + cat 413s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 413s Slot 0 has a free/uninitialized token. 413s The token has been initialized and is reassigned to slot 186868619 413s + softhsm2-util --show-slots 413s Available slots: 413s Slot 186868619 413s Slot info: 413s Description: SoftHSM slot ID 0xb23638b 413s Manufacturer ID: SoftHSM project 413s Hardware version: 2.6 413s Firmware version: 2.6 413s Token present: yes 413s Token info: 413s Manufacturer ID: SoftHSM project 413s Model: SoftHSM v2 413s Hardware version: 2.6 413s Firmware version: 2.6 413s Serial number: 4b6dbcbc8b23638b 413s Initialized: yes 413s User PIN init.: yes 413s Label: Test Organization Root Tr Token 413s Slot 1 413s Slot info: 413s Description: SoftHSM slot ID 0x1 413s Manufacturer ID: SoftHSM project 413s Hardware version: 2.6 413s Firmware version: 2.6 413s Token present: yes 413s Token info: 413s Manufacturer ID: SoftHSM project 413s Model: SoftHSM v2 413s Hardware version: 2.6 413s Firmware version: 2.6 413s Serial number: 413s Initialized: no 413s User PIN init.: no 413s Label: 413s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 413s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-14891 -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001-key-decrypted.pem 413s writing RSA key 413s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 413s + rm /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001-key-decrypted.pem 413s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 413s Object 0: 413s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4b6dbcbc8b23638b;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 413s Type: X.509 Certificate (RSA-1024) 413s Expires: Thu Mar 20 18:29:07 2025 413s Label: Test Organization Root Trusted Certificate 0001 413s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 413s 413s Test Organization Root Tr Token 413s + echo 'Test Organization Root Tr Token' 413s + '[' -n '' ']' 413s + local output_base_name=SSSD-child-15294 413s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-15294.output 413s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-15294.pem 413s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 413s [p11_child[3025]] [main] (0x0400): p11_child started. 413s [p11_child[3025]] [main] (0x2000): Running in [pre-auth] mode. 413s [p11_child[3025]] [main] (0x2000): Running with effective IDs: [0][0]. 413s [p11_child[3025]] [main] (0x2000): Running with real IDs [0][0]. 413s [p11_child[3025]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 413s [p11_child[3025]] [do_work] (0x0040): init_verification failed. 413s [p11_child[3025]] [main] (0x0020): p11_child failed (5) 413s + return 2 413s + valid_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /dev/null no_verification 413s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /dev/null no_verification 413s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 413s + local key_ring=/dev/null 413s + local verify_option=no_verification 413s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 413s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 413s + local key_cn 413s + local key_name 413s + local tokens_dir 413s + local output_cert_file 413s + token_name= 413s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem .pem 413s + key_name=test-root-CA-trusted-certificate-0001 413s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s ++ sed -n 's/ *commonName *= //p' 413s + key_cn='Test Organization Root Trusted Certificate 0001' 413s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 413s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 413s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 413s + token_name='Test Organization Root Tr Token' 413s Test Organization Root Tr Token 413s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 413s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 ']' 413s + echo 'Test Organization Root Tr Token' 413s + '[' -n no_verification ']' 413s + local verify_arg=--verify=no_verification 413s + local output_base_name=SSSD-child-11761 413s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-11761.output 413s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-11761.pem 413s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 413s [p11_child[3031]] [main] (0x0400): p11_child started. 413s [p11_child[3031]] [main] (0x2000): Running in [pre-auth] mode. 413s [p11_child[3031]] [main] (0x2000): Running with effective IDs: [0][0]. 413s [p11_child[3031]] [main] (0x2000): Running with real IDs [0][0]. 413s [p11_child[3031]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 413s [p11_child[3031]] [do_card] (0x4000): Module List: 413s [p11_child[3031]] [do_card] (0x4000): common name: [softhsm2]. 413s [p11_child[3031]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3031]] [do_card] (0x4000): Description [SoftHSM slot ID 0xb23638b] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 413s [p11_child[3031]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 413s [p11_child[3031]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0xb23638b][186868619] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3031]] [do_card] (0x4000): Login NOT required. 413s [p11_child[3031]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 413s [p11_child[3031]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 413s [p11_child[3031]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xb23638b;slot-manufacturer=SoftHSM%20project;slot-id=186868619;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4b6dbcbc8b23638b;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 413s [p11_child[3031]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 413s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-11761.output 413s + echo '-----BEGIN CERTIFICATE-----' 413s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-11761.output 413s + echo '-----END CERTIFICATE-----' 413s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-11761.pem 413s Certificate: 413s Data: 413s Version: 3 (0x2) 413s Serial Number: 3 (0x3) 413s Signature Algorithm: sha256WithRSAEncryption 413s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 413s Validity 413s Not Before: Mar 20 18:29:07 2024 GMT 413s Not After : Mar 20 18:29:07 2025 GMT 413s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 413s Subject Public Key Info: 413s Public Key Algorithm: rsaEncryption 413s Public-Key: (1024 bit) 413s Modulus: 413s 00:b6:0b:eb:5b:52:2c:e3:4d:98:3c:47:58:71:47: 413s c1:50:8d:79:83:cc:ef:22:f5:bf:3c:7a:aa:3b:62: 413s 21:10:15:f3:bc:92:03:1f:3a:36:a7:59:ea:a5:35: 413s 9f:0d:1e:a8:92:28:e5:55:ee:0c:ba:e1:ef:b5:b7: 413s 80:96:88:25:2e:fe:ab:3c:c8:17:eb:aa:a5:32:db: 413s 9f:ab:0b:dd:fe:e8:f5:1a:87:fe:14:d4:17:ad:c1: 413s 3a:20:55:76:bc:ac:ad:f1:18:ca:f9:56:47:ac:af: 413s a0:88:e4:10:7f:0c:82:bd:a2:73:c2:6d:d4:e9:c1: 413s b9:4f:fb:9d:a1:c0:1c:cf:07 413s Exponent: 65537 (0x10001) 413s X509v3 extensions: 413s X509v3 Authority Key Identifier: 413s A6:40:2F:FA:FA:CB:A1:99:11:06:AF:9C:3E:F2:A3:F7:58:52:2A:5A 413s X509v3 Basic Constraints: 413s CA:FALSE 413s Netscape Cert Type: 413s SSL Client, S/MIME 413s Netscape Comment: 413s Test Organization Root CA trusted Certificate 413s X509v3 Subject Key Identifier: 413s 7A:6D:00:ED:39:C2:40:3B:6A:59:F4:96:99:11:85:40:38:34:89:BB 413s X509v3 Key Usage: critical 413s Digital Signature, Non Repudiation, Key Encipherment 413s X509v3 Extended Key Usage: 413s TLS Web Client Authentication, E-mail Protection 413s X509v3 Subject Alternative Name: 413s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 413s Signature Algorithm: sha256WithRSAEncryption 413s Signature Value: 413s 56:8b:ce:5b:39:0c:fa:81:df:7a:44:49:d1:7a:20:11:ab:5a: 413s d9:e5:90:c8:2d:ba:ed:f5:ea:7f:93:ea:b6:b9:8b:72:45:f3: 413s 15:ff:b1:ef:c4:01:44:b8:cc:d8:38:4a:06:c7:0c:a7:7f:ce: 413s 1f:0e:90:fc:79:a3:56:1a:dc:52:8c:be:d9:3c:5f:df:71:d8: 413s 44:3e:37:bd:dd:42:91:e6:fc:92:d6:60:3d:46:6e:49:b2:37: 413s 74:d9:14:1a:24:fa:ac:7d:e2:c8:7a:b2:34:f7:a7:70:6b:c6: 413s 97:21:e9:fd:06:05:e4:0c:b4:ba:5a:e3:21:85:11:47:12:04: 413s 52:80 413s + local found_md5 expected_md5 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s + expected_md5=Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-11761.pem 413s + found_md5=Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 413s + '[' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 '!=' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 ']' 413s + output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-11761-auth.output 413s ++ basename /tmp/sssd-softhsm2-QgnvwL/SSSD-child-11761-auth.output .output 413s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-11761-auth.pem 413s + echo -n 053350 413s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 413s [p11_child[3039]] [main] (0x0400): p11_child started. 413s [p11_child[3039]] [main] (0x2000): Running in [auth] mode. 413s [p11_child[3039]] [main] (0x2000): Running with effective IDs: [0][0]. 413s [p11_child[3039]] [main] (0x2000): Running with real IDs [0][0]. 413s [p11_child[3039]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 413s [p11_child[3039]] [do_card] (0x4000): Module List: 413s [p11_child[3039]] [do_card] (0x4000): common name: [softhsm2]. 413s [p11_child[3039]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3039]] [do_card] (0x4000): Description [SoftHSM slot ID 0xb23638b] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 413s [p11_child[3039]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 413s [p11_child[3039]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0xb23638b][186868619] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3039]] [do_card] (0x4000): Login required. 413s [p11_child[3039]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 413s [p11_child[3039]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 413s [p11_child[3039]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xb23638b;slot-manufacturer=SoftHSM%20project;slot-id=186868619;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4b6dbcbc8b23638b;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 413s [p11_child[3039]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 413s [p11_child[3039]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 413s [p11_child[3039]] [do_card] (0x4000): Certificate verified and validated. 413s [p11_child[3039]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 413s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-11761-auth.output 413s + echo '-----BEGIN CERTIFICATE-----' 413s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-11761-auth.output 413s + echo '-----END CERTIFICATE-----' 413s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-11761-auth.pem 413s Certificate: 413s Data: 413s Version: 3 (0x2) 413s Serial Number: 3 (0x3) 413s Signature Algorithm: sha256WithRSAEncryption 413s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 413s Validity 413s Not Before: Mar 20 18:29:07 2024 GMT 413s Not After : Mar 20 18:29:07 2025 GMT 413s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 413s Subject Public Key Info: 413s Public Key Algorithm: rsaEncryption 413s Public-Key: (1024 bit) 413s Modulus: 413s 00:b6:0b:eb:5b:52:2c:e3:4d:98:3c:47:58:71:47: 413s c1:50:8d:79:83:cc:ef:22:f5:bf:3c:7a:aa:3b:62: 413s 21:10:15:f3:bc:92:03:1f:3a:36:a7:59:ea:a5:35: 413s 9f:0d:1e:a8:92:28:e5:55:ee:0c:ba:e1:ef:b5:b7: 413s 80:96:88:25:2e:fe:ab:3c:c8:17:eb:aa:a5:32:db: 413s 9f:ab:0b:dd:fe:e8:f5:1a:87:fe:14:d4:17:ad:c1: 413s 3a:20:55:76:bc:ac:ad:f1:18:ca:f9:56:47:ac:af: 413s a0:88:e4:10:7f:0c:82:bd:a2:73:c2:6d:d4:e9:c1: 413s b9:4f:fb:9d:a1:c0:1c:cf:07 413s Exponent: 65537 (0x10001) 413s X509v3 extensions: 413s X509v3 Authority Key Identifier: 413s A6:40:2F:FA:FA:CB:A1:99:11:06:AF:9C:3E:F2:A3:F7:58:52:2A:5A 413s X509v3 Basic Constraints: 413s CA:FALSE 413s Netscape Cert Type: 413s SSL Client, S/MIME 413s Netscape Comment: 413s Test Organization Root CA trusted Certificate 413s X509v3 Subject Key Identifier: 413s 7A:6D:00:ED:39:C2:40:3B:6A:59:F4:96:99:11:85:40:38:34:89:BB 413s X509v3 Key Usage: critical 413s Digital Signature, Non Repudiation, Key Encipherment 413s X509v3 Extended Key Usage: 413s TLS Web Client Authentication, E-mail Protection 413s X509v3 Subject Alternative Name: 413s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 413s Signature Algorithm: sha256WithRSAEncryption 413s Signature Value: 413s 56:8b:ce:5b:39:0c:fa:81:df:7a:44:49:d1:7a:20:11:ab:5a: 413s d9:e5:90:c8:2d:ba:ed:f5:ea:7f:93:ea:b6:b9:8b:72:45:f3: 413s 15:ff:b1:ef:c4:01:44:b8:cc:d8:38:4a:06:c7:0c:a7:7f:ce: 413s 1f:0e:90:fc:79:a3:56:1a:dc:52:8c:be:d9:3c:5f:df:71:d8: 413s 44:3e:37:bd:dd:42:91:e6:fc:92:d6:60:3d:46:6e:49:b2:37: 413s 74:d9:14:1a:24:fa:ac:7d:e2:c8:7a:b2:34:f7:a7:70:6b:c6: 413s 97:21:e9:fd:06:05:e4:0c:b4:ba:5a:e3:21:85:11:47:12:04: 413s 52:80 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-11761-auth.pem 413s + found_md5=Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 413s + '[' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 '!=' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 ']' 413s + valid_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 413s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 413s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 413s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 413s + local verify_option= 413s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 413s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 413s + local key_cn 413s + local key_name 413s + local tokens_dir 413s + local output_cert_file 413s + token_name= 413s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem .pem 413s + key_name=test-root-CA-trusted-certificate-0001 413s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s ++ sed -n 's/ *commonName *= //p' 413s + key_cn='Test Organization Root Trusted Certificate 0001' 413s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 413s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 413s Test Organization Root Tr Token 413s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 413s + token_name='Test Organization Root Tr Token' 413s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 413s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 ']' 413s + echo 'Test Organization Root Tr Token' 413s + '[' -n '' ']' 413s + local output_base_name=SSSD-child-9625 413s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-9625.output 413s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-9625.pem 413s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 413s [p11_child[3049]] [main] (0x0400): p11_child started. 413s [p11_child[3049]] [main] (0x2000): Running in [pre-auth] mode. 413s [p11_child[3049]] [main] (0x2000): Running with effective IDs: [0][0]. 413s [p11_child[3049]] [main] (0x2000): Running with real IDs [0][0]. 413s [p11_child[3049]] [do_card] (0x4000): Module List: 413s [p11_child[3049]] [do_card] (0x4000): common name: [softhsm2]. 413s [p11_child[3049]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3049]] [do_card] (0x4000): Description [SoftHSM slot ID 0xb23638b] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 413s [p11_child[3049]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 413s [p11_child[3049]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0xb23638b][186868619] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3049]] [do_card] (0x4000): Login NOT required. 413s [p11_child[3049]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 413s [p11_child[3049]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 413s [p11_child[3049]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 413s [p11_child[3049]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xb23638b;slot-manufacturer=SoftHSM%20project;slot-id=186868619;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4b6dbcbc8b23638b;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 413s [p11_child[3049]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 413s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-9625.output 413s + echo '-----BEGIN CERTIFICATE-----' 413s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-9625.output 413s + echo '-----END CERTIFICATE-----' 413s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-9625.pem 413s Certificate: 413s Data: 413s Version: 3 (0x2) 413s Serial Number: 3 (0x3) 413s Signature Algorithm: sha256WithRSAEncryption 413s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 413s Validity 413s Not Before: Mar 20 18:29:07 2024 GMT 413s Not After : Mar 20 18:29:07 2025 GMT 413s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 413s Subject Public Key Info: 413s Public Key Algorithm: rsaEncryption 413s Public-Key: (1024 bit) 413s Modulus: 413s 00:b6:0b:eb:5b:52:2c:e3:4d:98:3c:47:58:71:47: 413s c1:50:8d:79:83:cc:ef:22:f5:bf:3c:7a:aa:3b:62: 413s 21:10:15:f3:bc:92:03:1f:3a:36:a7:59:ea:a5:35: 413s 9f:0d:1e:a8:92:28:e5:55:ee:0c:ba:e1:ef:b5:b7: 413s 80:96:88:25:2e:fe:ab:3c:c8:17:eb:aa:a5:32:db: 413s 9f:ab:0b:dd:fe:e8:f5:1a:87:fe:14:d4:17:ad:c1: 413s 3a:20:55:76:bc:ac:ad:f1:18:ca:f9:56:47:ac:af: 413s a0:88:e4:10:7f:0c:82:bd:a2:73:c2:6d:d4:e9:c1: 413s b9:4f:fb:9d:a1:c0:1c:cf:07 413s Exponent: 65537 (0x10001) 413s X509v3 extensions: 413s X509v3 Authority Key Identifier: 413s A6:40:2F:FA:FA:CB:A1:99:11:06:AF:9C:3E:F2:A3:F7:58:52:2A:5A 413s X509v3 Basic Constraints: 413s CA:FALSE 413s Netscape Cert Type: 413s SSL Client, S/MIME 413s Netscape Comment: 413s Test Organization Root CA trusted Certificate 413s X509v3 Subject Key Identifier: 413s 7A:6D:00:ED:39:C2:40:3B:6A:59:F4:96:99:11:85:40:38:34:89:BB 413s X509v3 Key Usage: critical 413s Digital Signature, Non Repudiation, Key Encipherment 413s X509v3 Extended Key Usage: 413s TLS Web Client Authentication, E-mail Protection 413s X509v3 Subject Alternative Name: 413s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 413s Signature Algorithm: sha256WithRSAEncryption 413s Signature Value: 413s 56:8b:ce:5b:39:0c:fa:81:df:7a:44:49:d1:7a:20:11:ab:5a: 413s d9:e5:90:c8:2d:ba:ed:f5:ea:7f:93:ea:b6:b9:8b:72:45:f3: 413s 15:ff:b1:ef:c4:01:44:b8:cc:d8:38:4a:06:c7:0c:a7:7f:ce: 413s 1f:0e:90:fc:79:a3:56:1a:dc:52:8c:be:d9:3c:5f:df:71:d8: 413s 44:3e:37:bd:dd:42:91:e6:fc:92:d6:60:3d:46:6e:49:b2:37: 413s 74:d9:14:1a:24:fa:ac:7d:e2:c8:7a:b2:34:f7:a7:70:6b:c6: 413s 97:21:e9:fd:06:05:e4:0c:b4:ba:5a:e3:21:85:11:47:12:04: 413s 52:80 413s + local found_md5 expected_md5 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s + expected_md5=Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-9625.pem 413s + found_md5=Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 413s + '[' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 '!=' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 ']' 413s + output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-9625-auth.output 413s ++ basename /tmp/sssd-softhsm2-QgnvwL/SSSD-child-9625-auth.output .output 413s Certificate: 413s Data: 413s Version: 3 (0x2) 413s Serial Number: 3 (0x3) 413s Signature Algorithm: sha256WithRSAEncryption 413s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 413s Validity 413s Not Before: Mar 20 18:29:07 2024 GMT 413s Not After : Mar 20 18:29:07 2025 GMT 413s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 413s Subject Public Key Info: 413s Public Key Algorithm: rsaEncryption 413s Public-Key: (1024 bit) 413s Modulus: 413s 00:b6:0b:eb:5b:52:2c:e3:4d:98:3c:47:58:71:47: 413s c1:50:8d:79:83:cc:ef:22:f5:bf:3c:7a:aa:3b:62: 413s 21:10:15:f3:bc:92:03:1f:3a:36:a7:59:ea:a5:35: 413s 9f:0d:1e:a8:92:28:e5:55:ee:0c:ba:e1:ef:b5:b7: 413s 80:96:88:25:2e:fe:ab:3c:c8:17:eb:aa:a5:32:db: 413s 9f:ab:0b:dd:fe:e8:f5:1a:87:fe:14:d4:17:ad:c1: 413s 3a:20:55:76:bc:ac:ad:f1:18:ca:f9:56:47:ac:af: 413s a0:88:e4:10:7f:0c:82:bd:a2:73:c2:6d:d4:e9:c1: 413s b9:4f:fb:9d:a1:c0:1c:cf:07 413s Exponent: 65537 (0x10001) 413s X509v3 extensions: 413s X509v3 Authority Key Identifier: 413s A6:40:2F:FA:FA:CB:A1:99:11:06:AF:9C:3E:F2:A3:F7:58:52:2A:5A 413s X509v3 Basic Constraints: 413s CA:FALSE 413s Netscape Cert Type: 413s SSL Client, S/MIME 413s Netscape Comment: 413s Test Organization Root CA trusted Certificate 413s X509v3 Subject Key Identifier: 413s 7A:6D:00:ED:39:C2:40:3B:6A:59:F4:96:99:11:85:40:38:34:89:BB 413s X509v3 Key Usage: critical 413s Digital Signature, Non Repudiation, Key Encipherment 413s X509v3 Extended Key Usage: 413s TLS Web Client Authentication, E-mail Protection 413s X509v3 Subject Alternative Name: 413s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 413s Signature Algorithm: sha256WithRSAEncryption 413s Signature Value: 413s 56:8b:ce:5b:39:0c:fa:81:df:7a:44:49:d1:7a:20:11:ab:5a: 413s d9:e5:90:c8:2d:ba:ed:f5:ea:7f:93:ea:b6:b9:8b:72:45:f3: 413s 15:ff:b1:ef:c4:01:44:b8:cc:d8:38:4a:06:c7:0c:a7:7f:ce: 413s 1f:0e:90:fc:79:a3:56:1a:dc:52:8c:be:d9:3c:5f:df:71:d8: 413s 44:3e:37:bd:dd:42:91:e6:fc:92:d6:60:3d:46:6e:49:b2:37: 413s 74:d9:14:1a:24:fa:ac:7d:e2:c8:7a:b2:34:f7:a7:70:6b:c6: 413s 97:21:e9:fd:06:05:e4:0c:b4:ba:5a:e3:21:85:11:47:12:04: 413s 52:80 413s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-9625-auth.pem 413s + echo -n 053350 413s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 413s [p11_child[3057]] [main] (0x0400): p11_child started. 413s [p11_child[3057]] [main] (0x2000): Running in [auth] mode. 413s [p11_child[3057]] [main] (0x2000): Running with effective IDs: [0][0]. 413s [p11_child[3057]] [main] (0x2000): Running with real IDs [0][0]. 413s [p11_child[3057]] [do_card] (0x4000): Module List: 413s [p11_child[3057]] [do_card] (0x4000): common name: [softhsm2]. 413s [p11_child[3057]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3057]] [do_card] (0x4000): Description [SoftHSM slot ID 0xb23638b] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 413s [p11_child[3057]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 413s [p11_child[3057]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0xb23638b][186868619] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3057]] [do_card] (0x4000): Login required. 413s [p11_child[3057]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 413s [p11_child[3057]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 413s [p11_child[3057]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 413s [p11_child[3057]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xb23638b;slot-manufacturer=SoftHSM%20project;slot-id=186868619;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4b6dbcbc8b23638b;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 413s [p11_child[3057]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 413s [p11_child[3057]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 413s [p11_child[3057]] [do_card] (0x4000): Certificate verified and validated. 413s [p11_child[3057]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 413s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-9625-auth.output 413s + echo '-----BEGIN CERTIFICATE-----' 413s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-9625-auth.output 413s + echo '-----END CERTIFICATE-----' 413s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-9625-auth.pem 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-9625-auth.pem 413s + found_md5=Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 413s + '[' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 '!=' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 ']' 413s + valid_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem partial_chain 413s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem partial_chain 413s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 413s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 413s + local verify_option=partial_chain 413s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 413s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 413s + local key_cn 413s + local key_name 413s + local tokens_dir 413s + local output_cert_file 413s + token_name= 413s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem .pem 413s + key_name=test-root-CA-trusted-certificate-0001 413s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s ++ sed -n 's/ *commonName *= //p' 413s + key_cn='Test Organization Root Trusted Certificate 0001' 413s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 413s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 413s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 413s + token_name='Test Organization Root Tr Token' 413s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 413s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 ']' 413s + echo 'Test Organization Root Tr Token' 413s + '[' -n partial_chain ']' 413s + local verify_arg=--verify=partial_chain 413s + local output_base_name=SSSD-child-15771 413s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-15771.output 413s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-15771.pem 413s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 413s [p11_child[3067]] [main] (0x0400): p11_child started. 413s [p11_child[3067]] [main] (0x2000): Running in [pre-auth] mode. 413s [p11_child[3067]] [main] (0x2000): Running with effective IDs: [0][0]. 413s [p11_child[3067]] [main] (0x2000): Running with real IDs [0][0]. 413s [p11_child[3067]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 413s [p11_child[3067]] [do_card] (0x4000): Module List: 413s [p11_child[3067]] [do_card] (0x4000): common name: [softhsm2]. 413s [p11_child[3067]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3067]] [do_card] (0x4000): Description [SoftHSM slot ID 0xb23638b] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 413s [p11_child[3067]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 413s [p11_child[3067]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0xb23638b][186868619] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3067]] [do_card] (0x4000): Login NOT required. 413s [p11_child[3067]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 413s [p11_child[3067]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 413s [p11_child[3067]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 413s [p11_child[3067]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xb23638b;slot-manufacturer=SoftHSM%20project;slot-id=186868619;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4b6dbcbc8b23638b;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 413s [p11_child[3067]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 413s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-15771.output 413s + echo '-----BEGIN CERTIFICATE-----' 413s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-15771.output 413s + echo '-----END CERTIFICATE-----' 413s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-15771.pem 413s + local found_md5 expected_md5 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 413s Test Organization Root Tr Token 413s Certificate: 413s Data: 413s Version: 3 (0x2) 413s Serial Number: 3 (0x3) 413s Signature Algorithm: sha256WithRSAEncryption 413s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 413s Validity 413s Not Before: Mar 20 18:29:07 2024 GMT 413s Not After : Mar 20 18:29:07 2025 GMT 413s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 413s Subject Public Key Info: 413s Public Key Algorithm: rsaEncryption 413s Public-Key: (1024 bit) 413s Modulus: 413s 00:b6:0b:eb:5b:52:2c:e3:4d:98:3c:47:58:71:47: 413s c1:50:8d:79:83:cc:ef:22:f5:bf:3c:7a:aa:3b:62: 413s 21:10:15:f3:bc:92:03:1f:3a:36:a7:59:ea:a5:35: 413s 9f:0d:1e:a8:92:28:e5:55:ee:0c:ba:e1:ef:b5:b7: 413s 80:96:88:25:2e:fe:ab:3c:c8:17:eb:aa:a5:32:db: 413s 9f:ab:0b:dd:fe:e8:f5:1a:87:fe:14:d4:17:ad:c1: 413s 3a:20:55:76:bc:ac:ad:f1:18:ca:f9:56:47:ac:af: 413s a0:88:e4:10:7f:0c:82:bd:a2:73:c2:6d:d4:e9:c1: 413s b9:4f:fb:9d:a1:c0:1c:cf:07 413s Exponent: 65537 (0x10001) 413s X509v3 extensions: 413s X509v3 Authority Key Identifier: 413s A6:40:2F:FA:FA:CB:A1:99:11:06:AF:9C:3E:F2:A3:F7:58:52:2A:5A 413s X509v3 Basic Constraints: 413s CA:FALSE 413s Netscape Cert Type: 413s SSL Client, S/MIME 413s Netscape Comment: 413s Test Organization Root CA trusted Certificate 413s X509v3 Subject Key Identifier: 413s 7A:6D:00:ED:39:C2:40:3B:6A:59:F4:96:99:11:85:40:38:34:89:BB 413s X509v3 Key Usage: critical 413s Digital Signature, Non Repudiation, Key Encipherment 413s X509v3 Extended Key Usage: 413s TLS Web Client Authentication, E-mail Protection 413s X509v3 Subject Alternative Name: 413s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 413s Signature Algorithm: sha256WithRSAEncryption 413s Signature Value: 413s 56:8b:ce:5b:39:0c:fa:81:df:7a:44:49:d1:7a:20:11:ab:5a: 413s d9:e5:90:c8:2d:ba:ed:f5:ea:7f:93:ea:b6:b9:8b:72:45:f3: 413s 15:ff:b1:ef:c4:01:44:b8:cc:d8:38:4a:06:c7:0c:a7:7f:ce: 413s 1f:0e:90:fc:79:a3:56:1a:dc:52:8c:be:d9:3c:5f:df:71:d8: 413s 44:3e:37:bd:dd:42:91:e6:fc:92:d6:60:3d:46:6e:49:b2:37: 413s 74:d9:14:1a:24:fa:ac:7d:e2:c8:7a:b2:34:f7:a7:70:6b:c6: 413s 97:21:e9:fd:06:05:e4:0c:b4:ba:5a:e3:21:85:11:47:12:04: 413s 52:80 413s + expected_md5=Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-15771.pem 414s + found_md5=Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 414s + '[' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 '!=' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 ']' 414s + output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-15771-auth.output 414s ++ basename /tmp/sssd-softhsm2-QgnvwL/SSSD-child-15771-auth.output .output 414s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-15771-auth.pem 414s + echo -n 053350 414s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 414s [p11_child[3075]] [main] (0x0400): p11_child started. 414s [p11_child[3075]] [main] (0x2000): Running in [auth] mode. 414s [p11_child[3075]] [main] (0x2000): Running with effective IDs: [0][0]. 414s [p11_child[3075]] [main] (0x2000): Running with real IDs [0][0]. 414s [p11_child[3075]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 414s [p11_child[3075]] [do_card] (0x4000): Module List: 414s [p11_child[3075]] [do_card] (0x4000): common name: [softhsm2]. 414s [p11_child[3075]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3075]] [do_card] (0x4000): Description [SoftHSM slot ID 0xb23638b] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 414s [p11_child[3075]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 414s [p11_child[3075]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0xb23638b][186868619] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3075]] [do_card] (0x4000): Login required. 414s [p11_child[3075]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 414s [p11_child[3075]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 414s [p11_child[3075]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 414s [p11_child[3075]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xb23638b;slot-manufacturer=SoftHSM%20project;slot-id=186868619;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4b6dbcbc8b23638b;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 414s [p11_child[3075]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 414s [p11_child[3075]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 414s [p11_child[3075]] [do_card] (0x4000): Certificate verified and validated. 414s [p11_child[3075]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 414s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-15771-auth.output 414s + echo '-----BEGIN CERTIFICATE-----' 414s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-15771-auth.output 414s + echo '-----END CERTIFICATE-----' 414s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-15771-auth.pem 414s Certificate: 414s Data: 414s Version: 3 (0x2) 414s Serial Number: 3 (0x3) 414s Signature Algorithm: sha256WithRSAEncryption 414s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 414s Validity 414s Not Before: Mar 20 18:29:07 2024 GMT 414s Not After : Mar 20 18:29:07 2025 GMT 414s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 414s Subject Public Key Info: 414s Public Key Algorithm: rsaEncryption 414s Public-Key: (1024 bit) 414s Modulus: 414s 00:b6:0b:eb:5b:52:2c:e3:4d:98:3c:47:58:71:47: 414s c1:50:8d:79:83:cc:ef:22:f5:bf:3c:7a:aa:3b:62: 414s 21:10:15:f3:bc:92:03:1f:3a:36:a7:59:ea:a5:35: 414s 9f:0d:1e:a8:92:28:e5:55:ee:0c:ba:e1:ef:b5:b7: 414s 80:96:88:25:2e:fe:ab:3c:c8:17:eb:aa:a5:32:db: 414s 9f:ab:0b:dd:fe:e8:f5:1a:87:fe:14:d4:17:ad:c1: 414s 3a:20:55:76:bc:ac:ad:f1:18:ca:f9:56:47:ac:af: 414s a0:88:e4:10:7f:0c:82:bd:a2:73:c2:6d:d4:e9:c1: 414s b9:4f:fb:9d:a1:c0:1c:cf:07 414s Exponent: 65537 (0x10001) 414s X509v3 extensions: 414s X509v3 Authority Key Identifier: 414s A6:40:2F:FA:FA:CB:A1:99:11:06:AF:9C:3E:F2:A3:F7:58:52:2A:5A 414s X509v3 Basic Constraints: 414s CA:FALSE 414s Netscape Cert Type: 414s SSL Client, S/MIME 414s Netscape Comment: 414s Test Organization Root CA trusted Certificate 414s X509v3 Subject Key Identifier: 414s 7A:6D:00:ED:39:C2:40:3B:6A:59:F4:96:99:11:85:40:38:34:89:BB 414s X509v3 Key Usage: critical 414s Digital Signature, Non Repudiation, Key Encipherment 414s X509v3 Extended Key Usage: 414s TLS Web Client Authentication, E-mail Protection 414s X509v3 Subject Alternative Name: 414s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 414s Signature Algorithm: sha256WithRSAEncryption 414s Signature Value: 414s 56:8b:ce:5b:39:0c:fa:81:df:7a:44:49:d1:7a:20:11:ab:5a: 414s d9:e5:90:c8:2d:ba:ed:f5:ea:7f:93:ea:b6:b9:8b:72:45:f3: 414s 15:ff:b1:ef:c4:01:44:b8:cc:d8:38:4a:06:c7:0c:a7:7f:ce: 414s 1f:0e:90:fc:79:a3:56:1a:dc:52:8c:be:d9:3c:5f:df:71:d8: 414s 44:3e:37:bd:dd:42:91:e6:fc:92:d6:60:3d:46:6e:49:b2:37: 414s 74:d9:14:1a:24:fa:ac:7d:e2:c8:7a:b2:34:f7:a7:70:6b:c6: 414s 97:21:e9:fd:06:05:e4:0c:b4:ba:5a:e3:21:85:11:47:12:04: 414s 52:80 414s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-15771-auth.pem 414s + found_md5=Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 414s + '[' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 '!=' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 ']' 414s + valid_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 414s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 414s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 414s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 414s + local verify_option= 414s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 414s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 414s + local key_cn 414s + local key_name 414s + local tokens_dir 414s + local output_cert_file 414s + token_name= 414s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem .pem 414s + key_name=test-root-CA-trusted-certificate-0001 414s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 414s ++ sed -n 's/ *commonName *= //p' 414s + key_cn='Test Organization Root Trusted Certificate 0001' 414s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 414s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 414s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 414s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 414s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 414s + token_name='Test Organization Root Tr Token' 414s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 414s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 ']' 414s + echo 'Test Organization Root Tr Token' 414s Test Organization Root Tr Token 414s + '[' -n '' ']' 414s + local output_base_name=SSSD-child-20566 414s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-20566.output 414s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-20566.pem 414s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 414s [p11_child[3085]] [main] (0x0400): p11_child started. 414s [p11_child[3085]] [main] (0x2000): Running in [pre-auth] mode. 414s [p11_child[3085]] [main] (0x2000): Running with effective IDs: [0][0]. 414s [p11_child[3085]] [main] (0x2000): Running with real IDs [0][0]. 414s [p11_child[3085]] [do_card] (0x4000): Module List: 414s [p11_child[3085]] [do_card] (0x4000): common name: [softhsm2]. 414s [p11_child[3085]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3085]] [do_card] (0x4000): Description [SoftHSM slot ID 0xb23638b] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 414s [p11_child[3085]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 414s [p11_child[3085]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0xb23638b][186868619] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3085]] [do_card] (0x4000): Login NOT required. 414s [p11_child[3085]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 414s [p11_child[3085]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 414s [p11_child[3085]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 414s [p11_child[3085]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xb23638b;slot-manufacturer=SoftHSM%20project;slot-id=186868619;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4b6dbcbc8b23638b;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 414s [p11_child[3085]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 414s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20566.output 414s + echo '-----BEGIN CERTIFICATE-----' 414s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20566.output 414s + echo '-----END CERTIFICATE-----' 414s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20566.pem 414s Certificate: 414s Data: 414s Version: 3 (0x2) 414s Serial Number: 3 (0x3) 414s Signature Algorithm: sha256WithRSAEncryption 414s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 414s Validity 414s Not Before: Mar 20 18:29:07 2024 GMT 414s Not After : Mar 20 18:29:07 2025 GMT 414s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 414s Subject Public Key Info: 414s Public Key Algorithm: rsaEncryption 414s Public-Key: (1024 bit) 414s Modulus: 414s 00:b6:0b:eb:5b:52:2c:e3:4d:98:3c:47:58:71:47: 414s c1:50:8d:79:83:cc:ef:22:f5:bf:3c:7a:aa:3b:62: 414s 21:10:15:f3:bc:92:03:1f:3a:36:a7:59:ea:a5:35: 414s 9f:0d:1e:a8:92:28:e5:55:ee:0c:ba:e1:ef:b5:b7: 414s 80:96:88:25:2e:fe:ab:3c:c8:17:eb:aa:a5:32:db: 414s 9f:ab:0b:dd:fe:e8:f5:1a:87:fe:14:d4:17:ad:c1: 414s 3a:20:55:76:bc:ac:ad:f1:18:ca:f9:56:47:ac:af: 414s a0:88:e4:10:7f:0c:82:bd:a2:73:c2:6d:d4:e9:c1: 414s b9:4f:fb:9d:a1:c0:1c:cf:07 414s Exponent: 65537 (0x10001) 414s X509v3 extensions: 414s X509v3 Authority Key Identifier: 414s A6:40:2F:FA:FA:CB:A1:99:11:06:AF:9C:3E:F2:A3:F7:58:52:2A:5A 414s X509v3 Basic Constraints: 414s CA:FALSE 414s Netscape Cert Type: 414s SSL Client, S/MIME 414s Netscape Comment: 414s Test Organization Root CA trusted Certificate 414s X509v3 Subject Key Identifier: 414s 7A:6D:00:ED:39:C2:40:3B:6A:59:F4:96:99:11:85:40:38:34:89:BB 414s X509v3 Key Usage: critical 414s Digital Signature, Non Repudiation, Key Encipherment 414s X509v3 Extended Key Usage: 414s TLS Web Client Authentication, E-mail Protection 414s X509v3 Subject Alternative Name: 414s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 414s Signature Algorithm: sha256WithRSAEncryption 414s Signature Value: 414s 56:8b:ce:5b:39:0c:fa:81:df:7a:44:49:d1:7a:20:11:ab:5a: 414s d9:e5:90:c8:2d:ba:ed:f5:ea:7f:93:ea:b6:b9:8b:72:45:f3: 414s 15:ff:b1:ef:c4:01:44:b8:cc:d8:38:4a:06:c7:0c:a7:7f:ce: 414s 1f:0e:90:fc:79:a3:56:1a:dc:52:8c:be:d9:3c:5f:df:71:d8: 414s 44:3e:37:bd:dd:42:91:e6:fc:92:d6:60:3d:46:6e:49:b2:37: 414s 74:d9:14:1a:24:fa:ac:7d:e2:c8:7a:b2:34:f7:a7:70:6b:c6: 414s 97:21:e9:fd:06:05:e4:0c:b4:ba:5a:e3:21:85:11:47:12:04: 414s 52:80 414s + local found_md5 expected_md5 414s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 414s + expected_md5=Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 414s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20566.pem 414s + found_md5=Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 414s + '[' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 '!=' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 ']' 414s + output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-20566-auth.output 414s ++ basename /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20566-auth.output .output 414s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-20566-auth.pem 414s + echo -n 053350 414s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 414s [p11_child[3093]] [main] (0x0400): p11_child started. 414s [p11_child[3093]] [main] (0x2000): Running in [auth] mode. 414s [p11_child[3093]] [main] (0x2000): Running with effective IDs: [0][0]. 414s [p11_child[3093]] [main] (0x2000): Running with real IDs [0][0]. 414s [p11_child[3093]] [do_card] (0x4000): Module List: 414s [p11_child[3093]] [do_card] (0x4000): common name: [softhsm2]. 414s [p11_child[3093]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3093]] [do_card] (0x4000): Description [SoftHSM slot ID 0xb23638b] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 414s [p11_child[3093]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 414s [p11_child[3093]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0xb23638b][186868619] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3093]] [do_card] (0x4000): Login required. 414s [p11_child[3093]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 414s [p11_child[3093]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 414s [p11_child[3093]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 414s [p11_child[3093]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xb23638b;slot-manufacturer=SoftHSM%20project;slot-id=186868619;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4b6dbcbc8b23638b;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 414s [p11_child[3093]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 414s [p11_child[3093]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 414s [p11_child[3093]] [do_card] (0x4000): Certificate verified and validated. 414s [p11_child[3093]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 414s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20566-auth.output 414s + echo '-----BEGIN CERTIFICATE-----' 414s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20566-auth.output 414s + echo '-----END CERTIFICATE-----' 414s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20566-auth.pem 414s Certificate: 414s Data: 414s Version: 3 (0x2) 414s Serial Number: 3 (0x3) 414s Signature Algorithm: sha256WithRSAEncryption 414s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 414s Validity 414s Not Before: Mar 20 18:29:07 2024 GMT 414s Not After : Mar 20 18:29:07 2025 GMT 414s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 414s Subject Public Key Info: 414s Public Key Algorithm: rsaEncryption 414s Public-Key: (1024 bit) 414s Modulus: 414s 00:b6:0b:eb:5b:52:2c:e3:4d:98:3c:47:58:71:47: 414s c1:50:8d:79:83:cc:ef:22:f5:bf:3c:7a:aa:3b:62: 414s 21:10:15:f3:bc:92:03:1f:3a:36:a7:59:ea:a5:35: 414s 9f:0d:1e:a8:92:28:e5:55:ee:0c:ba:e1:ef:b5:b7: 414s 80:96:88:25:2e:fe:ab:3c:c8:17:eb:aa:a5:32:db: 414s 9f:ab:0b:dd:fe:e8:f5:1a:87:fe:14:d4:17:ad:c1: 414s 3a:20:55:76:bc:ac:ad:f1:18:ca:f9:56:47:ac:af: 414s a0:88:e4:10:7f:0c:82:bd:a2:73:c2:6d:d4:e9:c1: 414s b9:4f:fb:9d:a1:c0:1c:cf:07 414s Exponent: 65537 (0x10001) 414s X509v3 extensions: 414s X509v3 Authority Key Identifier: 414s A6:40:2F:FA:FA:CB:A1:99:11:06:AF:9C:3E:F2:A3:F7:58:52:2A:5A 414s X509v3 Basic Constraints: 414s CA:FALSE 414s Netscape Cert Type: 414s SSL Client, S/MIME 414s Netscape Comment: 414s Test Organization Root CA trusted Certificate 414s X509v3 Subject Key Identifier: 414s 7A:6D:00:ED:39:C2:40:3B:6A:59:F4:96:99:11:85:40:38:34:89:BB 414s X509v3 Key Usage: critical 414s Digital Signature, Non Repudiation, Key Encipherment 414s X509v3 Extended Key Usage: 414s TLS Web Client Authentication, E-mail Protection 414s X509v3 Subject Alternative Name: 414s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 414s Signature Algorithm: sha256WithRSAEncryption 414s Signature Value: 414s 56:8b:ce:5b:39:0c:fa:81:df:7a:44:49:d1:7a:20:11:ab:5a: 414s d9:e5:90:c8:2d:ba:ed:f5:ea:7f:93:ea:b6:b9:8b:72:45:f3: 414s 15:ff:b1:ef:c4:01:44:b8:cc:d8:38:4a:06:c7:0c:a7:7f:ce: 414s 1f:0e:90:fc:79:a3:56:1a:dc:52:8c:be:d9:3c:5f:df:71:d8: 414s 44:3e:37:bd:dd:42:91:e6:fc:92:d6:60:3d:46:6e:49:b2:37: 414s 74:d9:14:1a:24:fa:ac:7d:e2:c8:7a:b2:34:f7:a7:70:6b:c6: 414s 97:21:e9:fd:06:05:e4:0c:b4:ba:5a:e3:21:85:11:47:12:04: 414s 52:80 414s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20566-auth.pem 414s + found_md5=Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 414s + '[' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 '!=' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 ']' 414s + valid_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem partial_chain 414s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem partial_chain 414s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 414s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 414s + local verify_option=partial_chain 414s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 414s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 414s + local key_cn 414s + local key_name 414s + local tokens_dir 414s + local output_cert_file 414s + token_name= 414s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem .pem 414s + key_name=test-root-CA-trusted-certificate-0001 414s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 414s ++ sed -n 's/ *commonName *= //p' 414s + key_cn='Test Organization Root Trusted Certificate 0001' 414s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 414s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 414s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 414s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 414s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 414s Test Organization Root Tr Token 414s + token_name='Test Organization Root Tr Token' 414s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 414s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 ']' 414s + echo 'Test Organization Root Tr Token' 414s + '[' -n partial_chain ']' 414s + local verify_arg=--verify=partial_chain 414s + local output_base_name=SSSD-child-3937 414s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-3937.output 414s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-3937.pem 414s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 414s [p11_child[3103]] [main] (0x0400): p11_child started. 414s [p11_child[3103]] [main] (0x2000): Running in [pre-auth] mode. 414s [p11_child[3103]] [main] (0x2000): Running with effective IDs: [0][0]. 414s [p11_child[3103]] [main] (0x2000): Running with real IDs [0][0]. 414s [p11_child[3103]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 414s [p11_child[3103]] [do_card] (0x4000): Module List: 414s [p11_child[3103]] [do_card] (0x4000): common name: [softhsm2]. 414s [p11_child[3103]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3103]] [do_card] (0x4000): Description [SoftHSM slot ID 0xb23638b] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 414s [p11_child[3103]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 414s [p11_child[3103]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0xb23638b][186868619] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3103]] [do_card] (0x4000): Login NOT required. 414s [p11_child[3103]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 414s [p11_child[3103]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 414s [p11_child[3103]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 414s [p11_child[3103]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xb23638b;slot-manufacturer=SoftHSM%20project;slot-id=186868619;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4b6dbcbc8b23638b;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 414s [p11_child[3103]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 414s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3937.output 414s + echo '-----BEGIN CERTIFICATE-----' 414s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3937.output 414s + echo '-----END CERTIFICATE-----' 414s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3937.pem 414s Certificate: 414s Data: 414s Version: 3 (0x2) 414s Serial Number: 3 (0x3) 414s Signature Algorithm: sha256WithRSAEncryption 414s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 414s Validity 414s Not Before: Mar 20 18:29:07 2024 GMT 414s Not After : Mar 20 18:29:07 2025 GMT 414s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 414s Subject Public Key Info: 414s Public Key Algorithm: rsaEncryption 414s Public-Key: (1024 bit) 414s Modulus: 414s 00:b6:0b:eb:5b:52:2c:e3:4d:98:3c:47:58:71:47: 414s c1:50:8d:79:83:cc:ef:22:f5:bf:3c:7a:aa:3b:62: 414s 21:10:15:f3:bc:92:03:1f:3a:36:a7:59:ea:a5:35: 414s 9f:0d:1e:a8:92:28:e5:55:ee:0c:ba:e1:ef:b5:b7: 414s 80:96:88:25:2e:fe:ab:3c:c8:17:eb:aa:a5:32:db: 414s 9f:ab:0b:dd:fe:e8:f5:1a:87:fe:14:d4:17:ad:c1: 414s 3a:20:55:76:bc:ac:ad:f1:18:ca:f9:56:47:ac:af: 414s a0:88:e4:10:7f:0c:82:bd:a2:73:c2:6d:d4:e9:c1: 414s b9:4f:fb:9d:a1:c0:1c:cf:07 414s Exponent: 65537 (0x10001) 414s X509v3 extensions: 414s X509v3 Authority Key Identifier: 414s A6:40:2F:FA:FA:CB:A1:99:11:06:AF:9C:3E:F2:A3:F7:58:52:2A:5A 414s X509v3 Basic Constraints: 414s CA:FALSE 414s Netscape Cert Type: 414s SSL Client, S/MIME 414s Netscape Comment: 414s Test Organization Root CA trusted Certificate 414s X509v3 Subject Key Identifier: 414s 7A:6D:00:ED:39:C2:40:3B:6A:59:F4:96:99:11:85:40:38:34:89:BB 414s X509v3 Key Usage: critical 414s Digital Signature, Non Repudiation, Key Encipherment 414s X509v3 Extended Key Usage: 414s TLS Web Client Authentication, E-mail Protection 414s X509v3 Subject Alternative Name: 414s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 414s Signature Algorithm: sha256WithRSAEncryption 414s Signature Value: 414s 56:8b:ce:5b:39:0c:fa:81:df:7a:44:49:d1:7a:20:11:ab:5a: 414s d9:e5:90:c8:2d:ba:ed:f5:ea:7f:93:ea:b6:b9:8b:72:45:f3: 414s 15:ff:b1:ef:c4:01:44:b8:cc:d8:38:4a:06:c7:0c:a7:7f:ce: 414s 1f:0e:90:fc:79:a3:56:1a:dc:52:8c:be:d9:3c:5f:df:71:d8: 414s 44:3e:37:bd:dd:42:91:e6:fc:92:d6:60:3d:46:6e:49:b2:37: 414s 74:d9:14:1a:24:fa:ac:7d:e2:c8:7a:b2:34:f7:a7:70:6b:c6: 414s 97:21:e9:fd:06:05:e4:0c:b4:ba:5a:e3:21:85:11:47:12:04: 414s 52:80 414s + local found_md5 expected_md5 414s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 414s + expected_md5=Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 414s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3937.pem 414s + found_md5=Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 414s + '[' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 '!=' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 ']' 414s + output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-3937-auth.output 414s ++ basename /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3937-auth.output .output 414s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-3937-auth.pem 414s + echo -n 053350 414s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 414s [p11_child[3111]] [main] (0x0400): p11_child started. 414s [p11_child[3111]] [main] (0x2000): Running in [auth] mode. 414s [p11_child[3111]] [main] (0x2000): Running with effective IDs: [0][0]. 414s [p11_child[3111]] [main] (0x2000): Running with real IDs [0][0]. 414s [p11_child[3111]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 414s [p11_child[3111]] [do_card] (0x4000): Module List: 414s [p11_child[3111]] [do_card] (0x4000): common name: [softhsm2]. 414s [p11_child[3111]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3111]] [do_card] (0x4000): Description [SoftHSM slot ID 0xb23638b] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 414s [p11_child[3111]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 414s [p11_child[3111]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0xb23638b][186868619] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3111]] [do_card] (0x4000): Login required. 414s [p11_child[3111]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 414s [p11_child[3111]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 414s [p11_child[3111]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 414s [p11_child[3111]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xb23638b;slot-manufacturer=SoftHSM%20project;slot-id=186868619;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4b6dbcbc8b23638b;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 414s [p11_child[3111]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 414s [p11_child[3111]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 414s [p11_child[3111]] [do_card] (0x4000): Certificate verified and validated. 414s [p11_child[3111]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 414s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3937-auth.output 414s + echo '-----BEGIN CERTIFICATE-----' 414s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3937-auth.output 414s + echo '-----END CERTIFICATE-----' 414s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3937-auth.pem 414s Certificate: 414s Data: 414s Version: 3 (0x2) 414s Serial Number: 3 (0x3) 414s Signature Algorithm: sha256WithRSAEncryption 414s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 414s Validity 414s Not Before: Mar 20 18:29:07 2024 GMT 414s Not After : Mar 20 18:29:07 2025 GMT 414s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 414s Subject Public Key Info: 414s Public Key Algorithm: rsaEncryption 414s Public-Key: (1024 bit) 414s Modulus: 414s 00:b6:0b:eb:5b:52:2c:e3:4d:98:3c:47:58:71:47: 414s c1:50:8d:79:83:cc:ef:22:f5:bf:3c:7a:aa:3b:62: 414s 21:10:15:f3:bc:92:03:1f:3a:36:a7:59:ea:a5:35: 414s 9f:0d:1e:a8:92:28:e5:55:ee:0c:ba:e1:ef:b5:b7: 414s 80:96:88:25:2e:fe:ab:3c:c8:17:eb:aa:a5:32:db: 414s 9f:ab:0b:dd:fe:e8:f5:1a:87:fe:14:d4:17:ad:c1: 414s 3a:20:55:76:bc:ac:ad:f1:18:ca:f9:56:47:ac:af: 414s a0:88:e4:10:7f:0c:82:bd:a2:73:c2:6d:d4:e9:c1: 414s b9:4f:fb:9d:a1:c0:1c:cf:07 414s Exponent: 65537 (0x10001) 414s X509v3 extensions: 414s X509v3 Authority Key Identifier: 414s A6:40:2F:FA:FA:CB:A1:99:11:06:AF:9C:3E:F2:A3:F7:58:52:2A:5A 414s X509v3 Basic Constraints: 414s CA:FALSE 414s Netscape Cert Type: 414s SSL Client, S/MIME 414s Netscape Comment: 414s Test Organization Root CA trusted Certificate 414s X509v3 Subject Key Identifier: 414s 7A:6D:00:ED:39:C2:40:3B:6A:59:F4:96:99:11:85:40:38:34:89:BB 414s X509v3 Key Usage: critical 414s Digital Signature, Non Repudiation, Key Encipherment 414s X509v3 Extended Key Usage: 414s TLS Web Client Authentication, E-mail Protection 414s X509v3 Subject Alternative Name: 414s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 414s Signature Algorithm: sha256WithRSAEncryption 414s Signature Value: 414s 56:8b:ce:5b:39:0c:fa:81:df:7a:44:49:d1:7a:20:11:ab:5a: 414s d9:e5:90:c8:2d:ba:ed:f5:ea:7f:93:ea:b6:b9:8b:72:45:f3: 414s 15:ff:b1:ef:c4:01:44:b8:cc:d8:38:4a:06:c7:0c:a7:7f:ce: 414s 1f:0e:90:fc:79:a3:56:1a:dc:52:8c:be:d9:3c:5f:df:71:d8: 414s 44:3e:37:bd:dd:42:91:e6:fc:92:d6:60:3d:46:6e:49:b2:37: 414s 74:d9:14:1a:24:fa:ac:7d:e2:c8:7a:b2:34:f7:a7:70:6b:c6: 414s 97:21:e9:fd:06:05:e4:0c:b4:ba:5a:e3:21:85:11:47:12:04: 414s 52:80 414s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3937-auth.pem 414s + found_md5=Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 414s + '[' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 '!=' Modulus=B60BEB5B522CE34D983C47587147C1508D7983CCEF22F5BF3C7AAA3B62211015F3BC92031F3A36A759EAA5359F0D1EA89228E555EE0CBAE1EFB5B7809688252EFEAB3CC817EBAAA532DB9FAB0BDDFEE8F51A87FE14D417ADC13A205576BCACADF118CAF95647ACAFA088E4107F0C82BDA273C26DD4E9C1B94FFB9DA1C01CCF07 ']' 414s + invalid_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 414s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 414s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 414s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 414s + local verify_option= 414s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 414s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 414s + local key_cn 414s + local key_name 414s + local tokens_dir 414s + local output_cert_file 414s + token_name= 414s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem .pem 414s + key_name=test-root-CA-trusted-certificate-0001 414s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 414s ++ sed -n 's/ *commonName *= //p' 414s + key_cn='Test Organization Root Trusted Certificate 0001' 414s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 414s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 414s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 414s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 414s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 414s + token_name='Test Organization Root Tr Token' 414s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 414s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 ']' 414s Test Organization Root Tr Token 414s + echo 'Test Organization Root Tr Token' 414s + '[' -n '' ']' 414s + local output_base_name=SSSD-child-17091 414s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-17091.output 414s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-17091.pem 414s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 414s [p11_child[3121]] [main] (0x0400): p11_child started. 414s [p11_child[3121]] [main] (0x2000): Running in [pre-auth] mode. 414s [p11_child[3121]] [main] (0x2000): Running with effective IDs: [0][0]. 414s [p11_child[3121]] [main] (0x2000): Running with real IDs [0][0]. 414s [p11_child[3121]] [do_card] (0x4000): Module List: 414s [p11_child[3121]] [do_card] (0x4000): common name: [softhsm2]. 414s [p11_child[3121]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3121]] [do_card] (0x4000): Description [SoftHSM slot ID 0xb23638b] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 414s [p11_child[3121]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 414s [p11_child[3121]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0xb23638b][186868619] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3121]] [do_card] (0x4000): Login NOT required. 414s [p11_child[3121]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 414s [p11_child[3121]] [do_verification] (0x0040): X509_verify_cert failed [0]. 414s [p11_child[3121]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 414s [p11_child[3121]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 414s [p11_child[3121]] [do_card] (0x4000): No certificate found. 414s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-17091.output 414s + return 2 414s + invalid_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem partial_chain 414s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem partial_chain 414s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 414s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 414s + local verify_option=partial_chain 414s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14891 414s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-root-ca-trusted-cert-0001-14891 414s + local key_cn 414s + local key_name 414s + local tokens_dir 414s + local output_cert_file 414s + token_name= 414s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem .pem 414s + key_name=test-root-CA-trusted-certificate-0001 414s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-root-CA-trusted-certificate-0001.pem 414s ++ sed -n 's/ *commonName *= //p' 414s + key_cn='Test Organization Root Trusted Certificate 0001' 414s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 414s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 414s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf 414s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 414s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 414s + token_name='Test Organization Root Tr Token' 414s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 414s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-root-CA-trusted-certificate-0001 ']' 414s + echo 'Test Organization Root Tr Token' 414s + '[' -n partial_chain ']' 414s + local verify_arg=--verify=partial_chain 414s + local output_base_name=SSSD-child-28227 414s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-28227.output 414s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-28227.pem 414s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 414s Test Organization Root Tr Token 414s [p11_child[3128]] [main] (0x0400): p11_child started. 414s [p11_child[3128]] [main] (0x2000): Running in [pre-auth] mode. 414s [p11_child[3128]] [main] (0x2000): Running with effective IDs: [0][0]. 414s [p11_child[3128]] [main] (0x2000): Running with real IDs [0][0]. 414s [p11_child[3128]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 414s [p11_child[3128]] [do_card] (0x4000): Module List: 414s [p11_child[3128]] [do_card] (0x4000): common name: [softhsm2]. 414s [p11_child[3128]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3128]] [do_card] (0x4000): Description [SoftHSM slot ID 0xb23638b] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 414s [p11_child[3128]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 414s [p11_child[3128]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0xb23638b][186868619] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3128]] [do_card] (0x4000): Login NOT required. 414s [p11_child[3128]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 414s [p11_child[3128]] [do_verification] (0x0040): X509_verify_cert failed [0]. 414s [p11_child[3128]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 414s [p11_child[3128]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 414s [p11_child[3128]] [do_card] (0x4000): No certificate found. 414s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-28227.output 414s + return 2 414s + invalid_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /dev/null 414s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /dev/null 414s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 414s + local key_ring=/dev/null 414s + local verify_option= 414s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 414s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 414s + local key_cn 414s + local key_name 414s + local tokens_dir 414s + local output_cert_file 414s + token_name= 414s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem .pem 414s + key_name=test-intermediate-CA-trusted-certificate-0001 414s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 414s ++ sed -n 's/ *commonName *= //p' 414s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 414s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 414s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 414s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 414s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 414s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 414s + token_name='Test Organization Interme Token' 414s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 414s + local key_file 414s + local decrypted_key 414s + mkdir -p /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 414s + key_file=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001-key.pem 414s + decrypted_key=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 414s + cat 414s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 415s Slot 0 has a free/uninitialized token. 415s The token has been initialized and is reassigned to slot 1251489795 415s + softhsm2-util --show-slots 415s Available slots: 415s Slot 1251489795 415s Slot info: 415s Description: SoftHSM slot ID 0x4a983803 415s Manufacturer ID: SoftHSM project 415s Hardware version: 2.6 415s Firmware version: 2.6 415s Token present: yes 415s Token info: 415s Manufacturer ID: SoftHSM project 415s Model: SoftHSM v2 415s Hardware version: 2.6 415s Firmware version: 2.6 415s Serial number: 69cdadc54a983803 415s Initialized: yes 415s User PIN init.: yes 415s Label: Test Organization Interme Token 415s Slot 1 415s Slot info: 415s Description: SoftHSM slot ID 0x1 415s Manufacturer ID: SoftHSM project 415s Hardware version: 2.6 415s Firmware version: 2.6 415s Token present: yes 415s Token info: 415s Manufacturer ID: SoftHSM project 415s Model: SoftHSM v2 415s Hardware version: 2.6 415s Firmware version: 2.6 415s Serial number: 415s Initialized: no 415s User PIN init.: no 415s Label: 415s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 415s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-24905 -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 415s writing RSA key 415s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 415s + rm /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 415s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 415s Object 0: 415s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=69cdadc54a983803;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 415s Type: X.509 Certificate (RSA-1024) 415s Expires: Thu Mar 20 18:29:07 2025 415s Label: Test Organization Intermediate Trusted Certificate 0001 415s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 415s 415s Test Organization Interme Token 415s + echo 'Test Organization Interme Token' 415s + '[' -n '' ']' 415s + local output_base_name=SSSD-child-24199 415s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-24199.output 415s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-24199.pem 415s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 415s [p11_child[3144]] [main] (0x0400): p11_child started. 415s [p11_child[3144]] [main] (0x2000): Running in [pre-auth] mode. 415s [p11_child[3144]] [main] (0x2000): Running with effective IDs: [0][0]. 415s [p11_child[3144]] [main] (0x2000): Running with real IDs [0][0]. 415s [p11_child[3144]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 415s [p11_child[3144]] [do_work] (0x0040): init_verification failed. 415s [p11_child[3144]] [main] (0x0020): p11_child failed (5) 415s + return 2 415s + valid_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /dev/null no_verification 415s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /dev/null no_verification 415s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 415s + local key_ring=/dev/null 415s + local verify_option=no_verification 415s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 415s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 415s + local key_cn 415s + local key_name 415s + local tokens_dir 415s + local output_cert_file 415s + token_name= 415s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem .pem 415s + key_name=test-intermediate-CA-trusted-certificate-0001 415s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s ++ sed -n 's/ *commonName *= //p' 415s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 415s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 415s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 415s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 415s + token_name='Test Organization Interme Token' 415s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 415s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 415s + echo 'Test Organization Interme Token' 415s Test Organization Interme Token 415s + '[' -n no_verification ']' 415s + local verify_arg=--verify=no_verification 415s + local output_base_name=SSSD-child-8677 415s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-8677.output 415s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-8677.pem 415s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 415s [p11_child[3150]] [main] (0x0400): p11_child started. 415s [p11_child[3150]] [main] (0x2000): Running in [pre-auth] mode. 415s [p11_child[3150]] [main] (0x2000): Running with effective IDs: [0][0]. 415s [p11_child[3150]] [main] (0x2000): Running with real IDs [0][0]. 415s [p11_child[3150]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 415s [p11_child[3150]] [do_card] (0x4000): Module List: 415s [p11_child[3150]] [do_card] (0x4000): common name: [softhsm2]. 415s [p11_child[3150]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3150]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4a983803] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 415s [p11_child[3150]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 415s [p11_child[3150]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4a983803][1251489795] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3150]] [do_card] (0x4000): Login NOT required. 415s [p11_child[3150]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 415s [p11_child[3150]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 415s [p11_child[3150]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4a983803;slot-manufacturer=SoftHSM%20project;slot-id=1251489795;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=69cdadc54a983803;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 415s [p11_child[3150]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 415s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-8677.output 415s + echo '-----BEGIN CERTIFICATE-----' 415s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-8677.output 415s + echo '-----END CERTIFICATE-----' 415s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-8677.pem 415s Certificate: 415s Data: 415s Version: 3 (0x2) 415s Serial Number: 4 (0x4) 415s Signature Algorithm: sha256WithRSAEncryption 415s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 415s Validity 415s Not Before: Mar 20 18:29:07 2024 GMT 415s Not After : Mar 20 18:29:07 2025 GMT 415s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 415s Subject Public Key Info: 415s Public Key Algorithm: rsaEncryption 415s Public-Key: (1024 bit) 415s Modulus: 415s 00:fb:d2:ce:26:8e:5e:54:df:62:69:3b:dc:f7:2a: 415s 0f:f4:d3:f3:21:17:85:d6:b0:9d:2d:54:29:f9:fa: 415s 2f:3d:94:54:7d:a6:87:f6:16:1a:73:e0:00:0d:33: 415s c9:0e:f5:06:14:df:57:35:58:d1:2a:fd:59:c8:37: 415s 47:eb:16:79:fb:63:13:32:4f:38:a2:f9:d9:be:bf: 415s cd:68:1f:30:30:b5:8f:a9:55:a0:8b:18:42:f7:8b: 415s b2:b4:b0:04:e2:b9:db:2b:cc:cd:4f:fb:0a:99:e5: 415s 15:8d:e2:b4:28:36:26:55:37:bf:f7:91:22:b6:4f: 415s a4:22:b3:57:71:2f:19:0a:53 415s Exponent: 65537 (0x10001) 415s X509v3 extensions: 415s X509v3 Authority Key Identifier: 415s DD:11:06:62:17:47:DA:09:DD:AE:67:AB:32:E2:56:9F:45:3E:9B:17 415s X509v3 Basic Constraints: 415s CA:FALSE 415s Netscape Cert Type: 415s SSL Client, S/MIME 415s Netscape Comment: 415s Test Organization Intermediate CA trusted Certificate 415s X509v3 Subject Key Identifier: 415s B6:38:4B:CC:A7:23:83:1E:4B:F1:6F:93:E3:FC:57:FC:FC:7E:6D:5D 415s X509v3 Key Usage: critical 415s Digital Signature, Non Repudiation, Key Encipherment 415s X509v3 Extended Key Usage: 415s TLS Web Client Authentication, E-mail Protection 415s X509v3 Subject Alternative Name: 415s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 415s Signature Algorithm: sha256WithRSAEncryption 415s Signature Value: 415s c3:00:35:cf:1a:6f:76:79:57:6a:c2:0c:d2:64:46:dc:be:77: 415s 1d:ad:a8:fa:a4:fc:76:90:6e:5b:6f:37:d8:15:0d:69:71:c8: 415s 32:7f:40:7f:8d:f0:5b:09:78:55:10:b8:cc:35:43:69:d3:96: 415s 1f:a6:fc:51:be:c7:56:56:c2:25:83:8d:13:ee:7d:97:90:23: 415s 71:b6:40:63:4d:4c:59:bd:94:cb:90:3c:44:bf:34:c4:c1:e3: 415s 6c:84:ab:a3:9f:41:27:f7:32:9c:b4:ca:1e:8f:6a:dc:09:f4: 415s da:f2:df:fa:91:a8:2d:b6:63:7e:59:a0:95:ba:32:49:ce:59: 415s 5c:0f 415s + local found_md5 expected_md5 415s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s + expected_md5=Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 415s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-8677.pem 415s + found_md5=Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 415s + '[' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 '!=' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 ']' 415s + output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-8677-auth.output 415s ++ basename /tmp/sssd-softhsm2-QgnvwL/SSSD-child-8677-auth.output .output 415s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-8677-auth.pem 415s + echo -n 053350 415s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 415s [p11_child[3158]] [main] (0x0400): p11_child started. 415s [p11_child[3158]] [main] (0x2000): Running in [auth] mode. 415s [p11_child[3158]] [main] (0x2000): Running with effective IDs: [0][0]. 415s [p11_child[3158]] [main] (0x2000): Running with real IDs [0][0]. 415s [p11_child[3158]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 415s [p11_child[3158]] [do_card] (0x4000): Module List: 415s [p11_child[3158]] [do_card] (0x4000): common name: [softhsm2]. 415s [p11_child[3158]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3158]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4a983803] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 415s [p11_child[3158]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 415s [p11_child[3158]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4a983803][1251489795] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3158]] [do_card] (0x4000): Login required. 415s [p11_child[3158]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 415s [p11_child[3158]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 415s [p11_child[3158]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4a983803;slot-manufacturer=SoftHSM%20project;slot-id=1251489795;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=69cdadc54a983803;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 415s [p11_child[3158]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 415s [p11_child[3158]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 415s [p11_child[3158]] [do_card] (0x4000): Certificate verified and validated. 415s [p11_child[3158]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 415s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-8677-auth.output 415s + echo '-----BEGIN CERTIFICATE-----' 415s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-8677-auth.output 415s + echo '-----END CERTIFICATE-----' 415s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-8677-auth.pem 415s Certificate: 415s Data: 415s Version: 3 (0x2) 415s Serial Number: 4 (0x4) 415s Signature Algorithm: sha256WithRSAEncryption 415s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 415s Validity 415s Not Before: Mar 20 18:29:07 2024 GMT 415s Not After : Mar 20 18:29:07 2025 GMT 415s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 415s Subject Public Key Info: 415s Public Key Algorithm: rsaEncryption 415s Public-Key: (1024 bit) 415s Modulus: 415s 00:fb:d2:ce:26:8e:5e:54:df:62:69:3b:dc:f7:2a: 415s 0f:f4:d3:f3:21:17:85:d6:b0:9d:2d:54:29:f9:fa: 415s 2f:3d:94:54:7d:a6:87:f6:16:1a:73:e0:00:0d:33: 415s c9:0e:f5:06:14:df:57:35:58:d1:2a:fd:59:c8:37: 415s 47:eb:16:79:fb:63:13:32:4f:38:a2:f9:d9:be:bf: 415s cd:68:1f:30:30:b5:8f:a9:55:a0:8b:18:42:f7:8b: 415s b2:b4:b0:04:e2:b9:db:2b:cc:cd:4f:fb:0a:99:e5: 415s 15:8d:e2:b4:28:36:26:55:37:bf:f7:91:22:b6:4f: 415s a4:22:b3:57:71:2f:19:0a:53 415s Exponent: 65537 (0x10001) 415s X509v3 extensions: 415s X509v3 Authority Key Identifier: 415s DD:11:06:62:17:47:DA:09:DD:AE:67:AB:32:E2:56:9F:45:3E:9B:17 415s X509v3 Basic Constraints: 415s CA:FALSE 415s Netscape Cert Type: 415s SSL Client, S/MIME 415s Netscape Comment: 415s Test Organization Intermediate CA trusted Certificate 415s X509v3 Subject Key Identifier: 415s B6:38:4B:CC:A7:23:83:1E:4B:F1:6F:93:E3:FC:57:FC:FC:7E:6D:5D 415s X509v3 Key Usage: critical 415s Digital Signature, Non Repudiation, Key Encipherment 415s X509v3 Extended Key Usage: 415s TLS Web Client Authentication, E-mail Protection 415s X509v3 Subject Alternative Name: 415s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 415s Signature Algorithm: sha256WithRSAEncryption 415s Signature Value: 415s c3:00:35:cf:1a:6f:76:79:57:6a:c2:0c:d2:64:46:dc:be:77: 415s 1d:ad:a8:fa:a4:fc:76:90:6e:5b:6f:37:d8:15:0d:69:71:c8: 415s 32:7f:40:7f:8d:f0:5b:09:78:55:10:b8:cc:35:43:69:d3:96: 415s 1f:a6:fc:51:be:c7:56:56:c2:25:83:8d:13:ee:7d:97:90:23: 415s 71:b6:40:63:4d:4c:59:bd:94:cb:90:3c:44:bf:34:c4:c1:e3: 415s 6c:84:ab:a3:9f:41:27:f7:32:9c:b4:ca:1e:8f:6a:dc:09:f4: 415s da:f2:df:fa:91:a8:2d:b6:63:7e:59:a0:95:ba:32:49:ce:59: 415s 5c:0f 415s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-8677-auth.pem 415s + found_md5=Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 415s + '[' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 '!=' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 ']' 415s + invalid_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 415s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 415s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 415s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 415s + local verify_option= 415s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 415s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 415s + local key_cn 415s + local key_name 415s + local tokens_dir 415s + local output_cert_file 415s + token_name= 415s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem .pem 415s + key_name=test-intermediate-CA-trusted-certificate-0001 415s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s ++ sed -n 's/ *commonName *= //p' 415s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 415s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 415s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 415s Test Organization Interme Token 415s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 415s + token_name='Test Organization Interme Token' 415s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 415s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 415s + echo 'Test Organization Interme Token' 415s + '[' -n '' ']' 415s + local output_base_name=SSSD-child-10786 415s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-10786.output 415s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-10786.pem 415s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 415s [p11_child[3168]] [main] (0x0400): p11_child started. 415s [p11_child[3168]] [main] (0x2000): Running in [pre-auth] mode. 415s [p11_child[3168]] [main] (0x2000): Running with effective IDs: [0][0]. 415s [p11_child[3168]] [main] (0x2000): Running with real IDs [0][0]. 415s [p11_child[3168]] [do_card] (0x4000): Module List: 415s [p11_child[3168]] [do_card] (0x4000): common name: [softhsm2]. 415s [p11_child[3168]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3168]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4a983803] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 415s [p11_child[3168]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 415s [p11_child[3168]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4a983803][1251489795] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3168]] [do_card] (0x4000): Login NOT required. 415s [p11_child[3168]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 415s [p11_child[3168]] [do_verification] (0x0040): X509_verify_cert failed [0]. 415s [p11_child[3168]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 415s [p11_child[3168]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 415s [p11_child[3168]] [do_card] (0x4000): No certificate found. 415s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-10786.output 415s + return 2 415s + invalid_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem partial_chain 415s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem partial_chain 415s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 415s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 415s + local verify_option=partial_chain 415s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 415s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 415s + local key_cn 415s + local key_name 415s + local tokens_dir 415s + local output_cert_file 415s + token_name= 415s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem .pem 415s + key_name=test-intermediate-CA-trusted-certificate-0001 415s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s ++ sed -n 's/ *commonName *= //p' 415s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 415s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 415s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 415s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 415s + token_name='Test Organization Interme Token' 415s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 415s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 415s + echo 'Test Organization Interme Token' 415s + '[' -n partial_chain ']' 415s + local verify_arg=--verify=partial_chain 415s + local output_base_name=SSSD-child-26915 415s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-26915.output 415s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-26915.pem 415s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 415s Test Organization Interme Token 415s [p11_child[3175]] [main] (0x0400): p11_child started. 415s [p11_child[3175]] [main] (0x2000): Running in [pre-auth] mode. 415s [p11_child[3175]] [main] (0x2000): Running with effective IDs: [0][0]. 415s [p11_child[3175]] [main] (0x2000): Running with real IDs [0][0]. 415s [p11_child[3175]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 415s [p11_child[3175]] [do_card] (0x4000): Module List: 415s [p11_child[3175]] [do_card] (0x4000): common name: [softhsm2]. 415s [p11_child[3175]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3175]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4a983803] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 415s [p11_child[3175]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 415s [p11_child[3175]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4a983803][1251489795] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3175]] [do_card] (0x4000): Login NOT required. 415s [p11_child[3175]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 415s [p11_child[3175]] [do_verification] (0x0040): X509_verify_cert failed [0]. 415s [p11_child[3175]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 415s [p11_child[3175]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 415s [p11_child[3175]] [do_card] (0x4000): No certificate found. 415s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-26915.output 415s + return 2 415s + valid_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 415s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 415s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 415s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 415s + local verify_option= 415s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 415s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 415s + local key_cn 415s + local key_name 415s + local tokens_dir 415s + local output_cert_file 415s + token_name= 415s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem .pem 415s + key_name=test-intermediate-CA-trusted-certificate-0001 415s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s ++ sed -n 's/ *commonName *= //p' 415s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 415s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 415s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 415s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 415s + token_name='Test Organization Interme Token' 415s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 415s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 415s + echo 'Test Organization Interme Token' 415s + '[' -n '' ']' 415s + local output_base_name=SSSD-child-209 415s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-209.output 415s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-209.pem 415s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 415s Test Organization Interme Token 415s [p11_child[3182]] [main] (0x0400): p11_child started. 415s [p11_child[3182]] [main] (0x2000): Running in [pre-auth] mode. 415s [p11_child[3182]] [main] (0x2000): Running with effective IDs: [0][0]. 415s [p11_child[3182]] [main] (0x2000): Running with real IDs [0][0]. 415s [p11_child[3182]] [do_card] (0x4000): Module List: 415s [p11_child[3182]] [do_card] (0x4000): common name: [softhsm2]. 415s [p11_child[3182]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3182]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4a983803] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 415s [p11_child[3182]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 415s [p11_child[3182]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4a983803][1251489795] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3182]] [do_card] (0x4000): Login NOT required. 415s [p11_child[3182]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 415s [p11_child[3182]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 415s [p11_child[3182]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 415s [p11_child[3182]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4a983803;slot-manufacturer=SoftHSM%20project;slot-id=1251489795;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=69cdadc54a983803;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 415s [p11_child[3182]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 415s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-209.output 415s + echo '-----BEGIN CERTIFICATE-----' 415s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-209.output 415s + echo '-----END CERTIFICATE-----' 415s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-209.pem 415s Certificate: 415s Data: 415s Version: 3 (0x2) 415s Serial Number: 4 (0x4) 415s Signature Algorithm: sha256WithRSAEncryption 415s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 415s Validity 415s Not Before: Mar 20 18:29:07 2024 GMT 415s Not After : Mar 20 18:29:07 2025 GMT 415s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 415s Subject Public Key Info: 415s Public Key Algorithm: rsaEncryption 415s Public-Key: (1024 bit) 415s Modulus: 415s 00:fb:d2:ce:26:8e:5e:54:df:62:69:3b:dc:f7:2a: 415s 0f:f4:d3:f3:21:17:85:d6:b0:9d:2d:54:29:f9:fa: 415s 2f:3d:94:54:7d:a6:87:f6:16:1a:73:e0:00:0d:33: 415s c9:0e:f5:06:14:df:57:35:58:d1:2a:fd:59:c8:37: 415s 47:eb:16:79:fb:63:13:32:4f:38:a2:f9:d9:be:bf: 415s cd:68:1f:30:30:b5:8f:a9:55:a0:8b:18:42:f7:8b: 415s b2:b4:b0:04:e2:b9:db:2b:cc:cd:4f:fb:0a:99:e5: 415s 15:8d:e2:b4:28:36:26:55:37:bf:f7:91:22:b6:4f: 415s a4:22:b3:57:71:2f:19:0a:53 415s Exponent: 65537 (0x10001) 415s X509v3 extensions: 415s X509v3 Authority Key Identifier: 415s DD:11:06:62:17:47:DA:09:DD:AE:67:AB:32:E2:56:9F:45:3E:9B:17 415s X509v3 Basic Constraints: 415s CA:FALSE 415s Netscape Cert Type: 415s SSL Client, S/MIME 415s Netscape Comment: 415s Test Organization Intermediate CA trusted Certificate 415s X509v3 Subject Key Identifier: 415s B6:38:4B:CC:A7:23:83:1E:4B:F1:6F:93:E3:FC:57:FC:FC:7E:6D:5D 415s X509v3 Key Usage: critical 415s Digital Signature, Non Repudiation, Key Encipherment 415s X509v3 Extended Key Usage: 415s TLS Web Client Authentication, E-mail Protection 415s X509v3 Subject Alternative Name: 415s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 415s Signature Algorithm: sha256WithRSAEncryption 415s Signature Value: 415s c3:00:35:cf:1a:6f:76:79:57:6a:c2:0c:d2:64:46:dc:be:77: 415s 1d:ad:a8:fa:a4:fc:76:90:6e:5b:6f:37:d8:15:0d:69:71:c8: 415s 32:7f:40:7f:8d:f0:5b:09:78:55:10:b8:cc:35:43:69:d3:96: 415s 1f:a6:fc:51:be:c7:56:56:c2:25:83:8d:13:ee:7d:97:90:23: 415s 71:b6:40:63:4d:4c:59:bd:94:cb:90:3c:44:bf:34:c4:c1:e3: 415s 6c:84:ab:a3:9f:41:27:f7:32:9c:b4:ca:1e:8f:6a:dc:09:f4: 415s da:f2:df:fa:91:a8:2d:b6:63:7e:59:a0:95:ba:32:49:ce:59: 415s 5c:0f 415s + local found_md5 expected_md5 415s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s + expected_md5=Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 415s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-209.pem 415s + found_md5=Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 415s + '[' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 '!=' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 ']' 415s + output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-209-auth.output 415s ++ basename /tmp/sssd-softhsm2-QgnvwL/SSSD-child-209-auth.output .output 415s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-209-auth.pem 415s + echo -n 053350 415s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 415s [p11_child[3190]] [main] (0x0400): p11_child started. 415s [p11_child[3190]] [main] (0x2000): Running in [auth] mode. 415s [p11_child[3190]] [main] (0x2000): Running with effective IDs: [0][0]. 415s [p11_child[3190]] [main] (0x2000): Running with real IDs [0][0]. 415s [p11_child[3190]] [do_card] (0x4000): Module List: 415s [p11_child[3190]] [do_card] (0x4000): common name: [softhsm2]. 415s [p11_child[3190]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3190]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4a983803] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 415s [p11_child[3190]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 415s [p11_child[3190]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4a983803][1251489795] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3190]] [do_card] (0x4000): Login required. 415s [p11_child[3190]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 415s [p11_child[3190]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 415s [p11_child[3190]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 415s [p11_child[3190]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4a983803;slot-manufacturer=SoftHSM%20project;slot-id=1251489795;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=69cdadc54a983803;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 415s [p11_child[3190]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 415s [p11_child[3190]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 415s [p11_child[3190]] [do_card] (0x4000): Certificate verified and validated. 415s [p11_child[3190]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 415s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-209-auth.output 415s + echo '-----BEGIN CERTIFICATE-----' 415s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-209-auth.output 415s + echo '-----END CERTIFICATE-----' 415s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-209-auth.pem 415s Certificate: 415s Data: 415s Version: 3 (0x2) 415s Serial Number: 4 (0x4) 415s Signature Algorithm: sha256WithRSAEncryption 415s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 415s Validity 415s Not Before: Mar 20 18:29:07 2024 GMT 415s Not After : Mar 20 18:29:07 2025 GMT 415s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 415s Subject Public Key Info: 415s Public Key Algorithm: rsaEncryption 415s Public-Key: (1024 bit) 415s Modulus: 415s 00:fb:d2:ce:26:8e:5e:54:df:62:69:3b:dc:f7:2a: 415s 0f:f4:d3:f3:21:17:85:d6:b0:9d:2d:54:29:f9:fa: 415s 2f:3d:94:54:7d:a6:87:f6:16:1a:73:e0:00:0d:33: 415s c9:0e:f5:06:14:df:57:35:58:d1:2a:fd:59:c8:37: 415s 47:eb:16:79:fb:63:13:32:4f:38:a2:f9:d9:be:bf: 415s cd:68:1f:30:30:b5:8f:a9:55:a0:8b:18:42:f7:8b: 415s b2:b4:b0:04:e2:b9:db:2b:cc:cd:4f:fb:0a:99:e5: 415s 15:8d:e2:b4:28:36:26:55:37:bf:f7:91:22:b6:4f: 415s a4:22:b3:57:71:2f:19:0a:53 415s Exponent: 65537 (0x10001) 415s X509v3 extensions: 415s X509v3 Authority Key Identifier: 415s DD:11:06:62:17:47:DA:09:DD:AE:67:AB:32:E2:56:9F:45:3E:9B:17 415s X509v3 Basic Constraints: 415s CA:FALSE 415s Netscape Cert Type: 415s SSL Client, S/MIME 415s Netscape Comment: 415s Test Organization Intermediate CA trusted Certificate 415s X509v3 Subject Key Identifier: 415s B6:38:4B:CC:A7:23:83:1E:4B:F1:6F:93:E3:FC:57:FC:FC:7E:6D:5D 415s X509v3 Key Usage: critical 415s Digital Signature, Non Repudiation, Key Encipherment 415s X509v3 Extended Key Usage: 415s TLS Web Client Authentication, E-mail Protection 415s X509v3 Subject Alternative Name: 415s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 415s Signature Algorithm: sha256WithRSAEncryption 415s Signature Value: 415s c3:00:35:cf:1a:6f:76:79:57:6a:c2:0c:d2:64:46:dc:be:77: 415s 1d:ad:a8:fa:a4:fc:76:90:6e:5b:6f:37:d8:15:0d:69:71:c8: 415s 32:7f:40:7f:8d:f0:5b:09:78:55:10:b8:cc:35:43:69:d3:96: 415s 1f:a6:fc:51:be:c7:56:56:c2:25:83:8d:13:ee:7d:97:90:23: 415s 71:b6:40:63:4d:4c:59:bd:94:cb:90:3c:44:bf:34:c4:c1:e3: 415s 6c:84:ab:a3:9f:41:27:f7:32:9c:b4:ca:1e:8f:6a:dc:09:f4: 415s da:f2:df:fa:91:a8:2d:b6:63:7e:59:a0:95:ba:32:49:ce:59: 415s 5c:0f 415s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-209-auth.pem 415s + found_md5=Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 415s + '[' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 '!=' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 ']' 415s + valid_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem partial_chain 415s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem partial_chain 415s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 415s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 415s + local verify_option=partial_chain 415s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 415s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 415s + local key_cn 415s + local key_name 415s + local tokens_dir 415s + local output_cert_file 415s + token_name= 415s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem .pem 415s + key_name=test-intermediate-CA-trusted-certificate-0001 415s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 415s ++ sed -n 's/ *commonName *= //p' 415s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 415s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 415s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 415s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 415s + token_name='Test Organization Interme Token' 415s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 415s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 415s + echo 'Test Organization Interme Token' 415s Test Organization Interme Token 415s + '[' -n partial_chain ']' 415s + local verify_arg=--verify=partial_chain 415s + local output_base_name=SSSD-child-10990 415s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-10990.output 415s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-10990.pem 415s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 415s [p11_child[3200]] [main] (0x0400): p11_child started. 415s [p11_child[3200]] [main] (0x2000): Running in [pre-auth] mode. 415s [p11_child[3200]] [main] (0x2000): Running with effective IDs: [0][0]. 415s [p11_child[3200]] [main] (0x2000): Running with real IDs [0][0]. 415s [p11_child[3200]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 415s [p11_child[3200]] [do_card] (0x4000): Module List: 415s [p11_child[3200]] [do_card] (0x4000): common name: [softhsm2]. 415s [p11_child[3200]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3200]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4a983803] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 415s [p11_child[3200]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 415s [p11_child[3200]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4a983803][1251489795] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3200]] [do_card] (0x4000): Login NOT required. 415s [p11_child[3200]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 415s [p11_child[3200]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 415s [p11_child[3200]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 415s [p11_child[3200]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4a983803;slot-manufacturer=SoftHSM%20project;slot-id=1251489795;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=69cdadc54a983803;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 415s [p11_child[3200]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 415s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-10990.output 415s + echo '-----BEGIN CERTIFICATE-----' 415s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-10990.output 415s + echo '-----END CERTIFICATE-----' 415s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-10990.pem 415s Certificate: 415s Data: 415s Version: 3 (0x2) 415s Serial Number: 4 (0x4) 415s Signature Algorithm: sha256WithRSAEncryption 415s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 415s Validity 415s Not Before: Mar 20 18:29:07 2024 GMT 415s Not After : Mar 20 18:29:07 2025 GMT 415s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 415s Subject Public Key Info: 415s Public Key Algorithm: rsaEncryption 415s Public-Key: (1024 bit) 415s Modulus: 415s 00:fb:d2:ce:26:8e:5e:54:df:62:69:3b:dc:f7:2a: 415s 0f:f4:d3:f3:21:17:85:d6:b0:9d:2d:54:29:f9:fa: 415s 2f:3d:94:54:7d:a6:87:f6:16:1a:73:e0:00:0d:33: 415s c9:0e:f5:06:14:df:57:35:58:d1:2a:fd:59:c8:37: 415s 47:eb:16:79:fb:63:13:32:4f:38:a2:f9:d9:be:bf: 415s cd:68:1f:30:30:b5:8f:a9:55:a0:8b:18:42:f7:8b: 415s b2:b4:b0:04:e2:b9:db:2b:cc:cd:4f:fb:0a:99:e5: 415s 15:8d:e2:b4:28:36:26:55:37:bf:f7:91:22:b6:4f: 415s a4:22:b3:57:71:2f:19:0a:53 415s Exponent: 65537 (0x10001) 415s X509v3 extensions: 415s X509v3 Authority Key Identifier: 415s DD:11:06:62:17:47:DA:09:DD:AE:67:AB:32:E2:56:9F:45:3E:9B:17 415s X509v3 Basic Constraints: 415s CA:FALSE 415s Netscape Cert Type: 415s SSL Client, S/MIME 415s Netscape Comment: 415s Test Organization Intermediate CA trusted Certificate 415s X509v3 Subject Key Identifier: 415s B6:38:4B:CC:A7:23:83:1E:4B:F1:6F:93:E3:FC:57:FC:FC:7E:6D:5D 415s X509v3 Key Usage: critical 415s Digital Signature, Non Repudiation, Key Encipherment 415s X509v3 Extended Key Usage: 415s TLS Web Client Authentication, E-mail Protection 415s X509v3 Subject Alternative Name: 415s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 415s Signature Algorithm: sha256WithRSAEncryption 415s Signature Value: 415s c3:00:35:cf:1a:6f:76:79:57:6a:c2:0c:d2:64:46:dc:be:77: 415s 1d:ad:a8:fa:a4:fc:76:90:6e:5b:6f:37:d8:15:0d:69:71:c8: 415s 32:7f:40:7f:8d:f0:5b:09:78:55:10:b8:cc:35:43:69:d3:96: 415s 1f:a6:fc:51:be:c7:56:56:c2:25:83:8d:13:ee:7d:97:90:23: 415s 71:b6:40:63:4d:4c:59:bd:94:cb:90:3c:44:bf:34:c4:c1:e3: 415s 6c:84:ab:a3:9f:41:27:f7:32:9c:b4:ca:1e:8f:6a:dc:09:f4: 415s da:f2:df:fa:91:a8:2d:b6:63:7e:59:a0:95:ba:32:49:ce:59: 415s 5c:0f 415s + local found_md5 expected_md5 415s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 416s + expected_md5=Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 416s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-10990.pem 416s + found_md5=Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 416s + '[' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 '!=' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 ']' 416s + output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-10990-auth.output 416s ++ basename /tmp/sssd-softhsm2-QgnvwL/SSSD-child-10990-auth.output .output 416s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-10990-auth.pem 416s + echo -n 053350 416s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 416s [p11_child[3208]] [main] (0x0400): p11_child started. 416s [p11_child[3208]] [main] (0x2000): Running in [auth] mode. 416s [p11_child[3208]] [main] (0x2000): Running with effective IDs: [0][0]. 416s [p11_child[3208]] [main] (0x2000): Running with real IDs [0][0]. 416s [p11_child[3208]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 416s [p11_child[3208]] [do_card] (0x4000): Module List: 416s [p11_child[3208]] [do_card] (0x4000): common name: [softhsm2]. 416s [p11_child[3208]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3208]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4a983803] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 416s [p11_child[3208]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 416s [p11_child[3208]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4a983803][1251489795] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3208]] [do_card] (0x4000): Login required. 416s [p11_child[3208]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 416s [p11_child[3208]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 416s [p11_child[3208]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 416s [p11_child[3208]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4a983803;slot-manufacturer=SoftHSM%20project;slot-id=1251489795;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=69cdadc54a983803;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 416s [p11_child[3208]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 416s [p11_child[3208]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 416s [p11_child[3208]] [do_card] (0x4000): Certificate verified and validated. 416s [p11_child[3208]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 416s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-10990-auth.output 416s + echo '-----BEGIN CERTIFICATE-----' 416s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-10990-auth.output 416s + echo '-----END CERTIFICATE-----' 416s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-10990-auth.pem 416s Certificate: 416s Data: 416s Version: 3 (0x2) 416s Serial Number: 4 (0x4) 416s Signature Algorithm: sha256WithRSAEncryption 416s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 416s Validity 416s Not Before: Mar 20 18:29:07 2024 GMT 416s Not After : Mar 20 18:29:07 2025 GMT 416s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 416s Subject Public Key Info: 416s Public Key Algorithm: rsaEncryption 416s Public-Key: (1024 bit) 416s Modulus: 416s 00:fb:d2:ce:26:8e:5e:54:df:62:69:3b:dc:f7:2a: 416s 0f:f4:d3:f3:21:17:85:d6:b0:9d:2d:54:29:f9:fa: 416s 2f:3d:94:54:7d:a6:87:f6:16:1a:73:e0:00:0d:33: 416s c9:0e:f5:06:14:df:57:35:58:d1:2a:fd:59:c8:37: 416s 47:eb:16:79:fb:63:13:32:4f:38:a2:f9:d9:be:bf: 416s cd:68:1f:30:30:b5:8f:a9:55:a0:8b:18:42:f7:8b: 416s b2:b4:b0:04:e2:b9:db:2b:cc:cd:4f:fb:0a:99:e5: 416s 15:8d:e2:b4:28:36:26:55:37:bf:f7:91:22:b6:4f: 416s a4:22:b3:57:71:2f:19:0a:53 416s Exponent: 65537 (0x10001) 416s X509v3 extensions: 416s X509v3 Authority Key Identifier: 416s DD:11:06:62:17:47:DA:09:DD:AE:67:AB:32:E2:56:9F:45:3E:9B:17 416s X509v3 Basic Constraints: 416s CA:FALSE 416s Netscape Cert Type: 416s SSL Client, S/MIME 416s Netscape Comment: 416s Test Organization Intermediate CA trusted Certificate 416s X509v3 Subject Key Identifier: 416s B6:38:4B:CC:A7:23:83:1E:4B:F1:6F:93:E3:FC:57:FC:FC:7E:6D:5D 416s X509v3 Key Usage: critical 416s Digital Signature, Non Repudiation, Key Encipherment 416s X509v3 Extended Key Usage: 416s TLS Web Client Authentication, E-mail Protection 416s X509v3 Subject Alternative Name: 416s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 416s Signature Algorithm: sha256WithRSAEncryption 416s Signature Value: 416s c3:00:35:cf:1a:6f:76:79:57:6a:c2:0c:d2:64:46:dc:be:77: 416s 1d:ad:a8:fa:a4:fc:76:90:6e:5b:6f:37:d8:15:0d:69:71:c8: 416s 32:7f:40:7f:8d:f0:5b:09:78:55:10:b8:cc:35:43:69:d3:96: 416s 1f:a6:fc:51:be:c7:56:56:c2:25:83:8d:13:ee:7d:97:90:23: 416s 71:b6:40:63:4d:4c:59:bd:94:cb:90:3c:44:bf:34:c4:c1:e3: 416s 6c:84:ab:a3:9f:41:27:f7:32:9c:b4:ca:1e:8f:6a:dc:09:f4: 416s da:f2:df:fa:91:a8:2d:b6:63:7e:59:a0:95:ba:32:49:ce:59: 416s 5c:0f 416s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-10990-auth.pem 416s + found_md5=Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 416s + '[' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 '!=' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 ']' 416s + invalid_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 416s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 416s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 416s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 416s + local verify_option= 416s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 416s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 416s + local key_cn 416s + local key_name 416s + local tokens_dir 416s + local output_cert_file 416s + token_name= 416s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem .pem 416s + key_name=test-intermediate-CA-trusted-certificate-0001 416s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 416s ++ sed -n 's/ *commonName *= //p' 416s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 416s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 416s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 416s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 416s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 416s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 416s + token_name='Test Organization Interme Token' 416s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 416s Test Organization Interme Token 416s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 416s + echo 'Test Organization Interme Token' 416s + '[' -n '' ']' 416s + local output_base_name=SSSD-child-30612 416s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-30612.output 416s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-30612.pem 416s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 416s [p11_child[3218]] [main] (0x0400): p11_child started. 416s [p11_child[3218]] [main] (0x2000): Running in [pre-auth] mode. 416s [p11_child[3218]] [main] (0x2000): Running with effective IDs: [0][0]. 416s [p11_child[3218]] [main] (0x2000): Running with real IDs [0][0]. 416s [p11_child[3218]] [do_card] (0x4000): Module List: 416s [p11_child[3218]] [do_card] (0x4000): common name: [softhsm2]. 416s [p11_child[3218]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3218]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4a983803] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 416s [p11_child[3218]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 416s [p11_child[3218]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4a983803][1251489795] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3218]] [do_card] (0x4000): Login NOT required. 416s [p11_child[3218]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 416s [p11_child[3218]] [do_verification] (0x0040): X509_verify_cert failed [0]. 416s [p11_child[3218]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 416s [p11_child[3218]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 416s [p11_child[3218]] [do_card] (0x4000): No certificate found. 416s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-30612.output 416s + return 2 416s + valid_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem partial_chain 416s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem partial_chain 416s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 416s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 416s + local verify_option=partial_chain 416s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24905 416s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24905 416s + local key_cn 416s + local key_name 416s + local tokens_dir 416s + local output_cert_file 416s + token_name= 416s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem .pem 416s + key_name=test-intermediate-CA-trusted-certificate-0001 416s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 416s ++ sed -n 's/ *commonName *= //p' 416s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 416s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 416s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 416s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 416s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 416s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 416s + token_name='Test Organization Interme Token' 416s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 416s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 416s + echo 'Test Organization Interme Token' 416s + '[' -n partial_chain ']' 416s + local verify_arg=--verify=partial_chain 416s Test Organization Interme Token 416s + local output_base_name=SSSD-child-20726 416s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-20726.output 416s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-20726.pem 416s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem 416s [p11_child[3225]] [main] (0x0400): p11_child started. 416s [p11_child[3225]] [main] (0x2000): Running in [pre-auth] mode. 416s [p11_child[3225]] [main] (0x2000): Running with effective IDs: [0][0]. 416s [p11_child[3225]] [main] (0x2000): Running with real IDs [0][0]. 416s [p11_child[3225]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 416s [p11_child[3225]] [do_card] (0x4000): Module List: 416s [p11_child[3225]] [do_card] (0x4000): common name: [softhsm2]. 416s [p11_child[3225]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3225]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4a983803] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 416s [p11_child[3225]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 416s [p11_child[3225]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4a983803][1251489795] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3225]] [do_card] (0x4000): Login NOT required. 416s [p11_child[3225]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 416s [p11_child[3225]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 416s [p11_child[3225]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 416s [p11_child[3225]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4a983803;slot-manufacturer=SoftHSM%20project;slot-id=1251489795;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=69cdadc54a983803;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 416s [p11_child[3225]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 416s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20726.output 416s + echo '-----BEGIN CERTIFICATE-----' 416s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20726.output 416s + echo '-----END CERTIFICATE-----' 416s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20726.pem 416s Certificate: 416s Data: 416s Version: 3 (0x2) 416s Serial Number: 4 (0x4) 416s Signature Algorithm: sha256WithRSAEncryption 416s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 416s Validity 416s Not Before: Mar 20 18:29:07 2024 GMT 416s Not After : Mar 20 18:29:07 2025 GMT 416s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 416s Subject Public Key Info: 416s Public Key Algorithm: rsaEncryption 416s Public-Key: (1024 bit) 416s Modulus: 416s 00:fb:d2:ce:26:8e:5e:54:df:62:69:3b:dc:f7:2a: 416s 0f:f4:d3:f3:21:17:85:d6:b0:9d:2d:54:29:f9:fa: 416s 2f:3d:94:54:7d:a6:87:f6:16:1a:73:e0:00:0d:33: 416s c9:0e:f5:06:14:df:57:35:58:d1:2a:fd:59:c8:37: 416s 47:eb:16:79:fb:63:13:32:4f:38:a2:f9:d9:be:bf: 416s cd:68:1f:30:30:b5:8f:a9:55:a0:8b:18:42:f7:8b: 416s b2:b4:b0:04:e2:b9:db:2b:cc:cd:4f:fb:0a:99:e5: 416s 15:8d:e2:b4:28:36:26:55:37:bf:f7:91:22:b6:4f: 416s a4:22:b3:57:71:2f:19:0a:53 416s Exponent: 65537 (0x10001) 416s X509v3 extensions: 416s X509v3 Authority Key Identifier: 416s DD:11:06:62:17:47:DA:09:DD:AE:67:AB:32:E2:56:9F:45:3E:9B:17 416s X509v3 Basic Constraints: 416s CA:FALSE 416s Netscape Cert Type: 416s SSL Client, S/MIME 416s Netscape Comment: 416s Test Organization Intermediate CA trusted Certificate 416s X509v3 Subject Key Identifier: 416s B6:38:4B:CC:A7:23:83:1E:4B:F1:6F:93:E3:FC:57:FC:FC:7E:6D:5D 416s X509v3 Key Usage: critical 416s Digital Signature, Non Repudiation, Key Encipherment 416s X509v3 Extended Key Usage: 416s TLS Web Client Authentication, E-mail Protection 416s X509v3 Subject Alternative Name: 416s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 416s Signature Algorithm: sha256WithRSAEncryption 416s Signature Value: 416s c3:00:35:cf:1a:6f:76:79:57:6a:c2:0c:d2:64:46:dc:be:77: 416s 1d:ad:a8:fa:a4:fc:76:90:6e:5b:6f:37:d8:15:0d:69:71:c8: 416s 32:7f:40:7f:8d:f0:5b:09:78:55:10:b8:cc:35:43:69:d3:96: 416s 1f:a6:fc:51:be:c7:56:56:c2:25:83:8d:13:ee:7d:97:90:23: 416s 71:b6:40:63:4d:4c:59:bd:94:cb:90:3c:44:bf:34:c4:c1:e3: 416s 6c:84:ab:a3:9f:41:27:f7:32:9c:b4:ca:1e:8f:6a:dc:09:f4: 416s da:f2:df:fa:91:a8:2d:b6:63:7e:59:a0:95:ba:32:49:ce:59: 416s 5c:0f 416s + local found_md5 expected_md5 416s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA-trusted-certificate-0001.pem 416s + expected_md5=Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 416s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20726.pem 416s + found_md5=Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 416s + '[' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 '!=' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 ']' 416s + output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-20726-auth.output 416s ++ basename /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20726-auth.output .output 416s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-20726-auth.pem 416s + echo -n 053350 416s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 416s [p11_child[3233]] [main] (0x0400): p11_child started. 416s [p11_child[3233]] [main] (0x2000): Running in [auth] mode. 416s [p11_child[3233]] [main] (0x2000): Running with effective IDs: [0][0]. 416s [p11_child[3233]] [main] (0x2000): Running with real IDs [0][0]. 416s [p11_child[3233]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 416s [p11_child[3233]] [do_card] (0x4000): Module List: 416s [p11_child[3233]] [do_card] (0x4000): common name: [softhsm2]. 416s [p11_child[3233]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3233]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4a983803] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 416s [p11_child[3233]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 416s [p11_child[3233]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4a983803][1251489795] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3233]] [do_card] (0x4000): Login required. 416s [p11_child[3233]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 416s [p11_child[3233]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 416s [p11_child[3233]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 416s [p11_child[3233]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4a983803;slot-manufacturer=SoftHSM%20project;slot-id=1251489795;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=69cdadc54a983803;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 416s [p11_child[3233]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 416s [p11_child[3233]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 416s [p11_child[3233]] [do_card] (0x4000): Certificate verified and validated. 416s [p11_child[3233]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 416s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20726-auth.output 416s + echo '-----BEGIN CERTIFICATE-----' 416s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20726-auth.output 416s + echo '-----END CERTIFICATE-----' 416s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20726-auth.pem 416s Certificate: 416s Data: 416s Version: 3 (0x2) 416s Serial Number: 4 (0x4) 416s Signature Algorithm: sha256WithRSAEncryption 416s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 416s Validity 416s Not Before: Mar 20 18:29:07 2024 GMT 416s Not After : Mar 20 18:29:07 2025 GMT 416s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 416s Subject Public Key Info: 416s Public Key Algorithm: rsaEncryption 416s Public-Key: (1024 bit) 416s Modulus: 416s 00:fb:d2:ce:26:8e:5e:54:df:62:69:3b:dc:f7:2a: 416s 0f:f4:d3:f3:21:17:85:d6:b0:9d:2d:54:29:f9:fa: 416s 2f:3d:94:54:7d:a6:87:f6:16:1a:73:e0:00:0d:33: 416s c9:0e:f5:06:14:df:57:35:58:d1:2a:fd:59:c8:37: 416s 47:eb:16:79:fb:63:13:32:4f:38:a2:f9:d9:be:bf: 416s cd:68:1f:30:30:b5:8f:a9:55:a0:8b:18:42:f7:8b: 416s b2:b4:b0:04:e2:b9:db:2b:cc:cd:4f:fb:0a:99:e5: 416s 15:8d:e2:b4:28:36:26:55:37:bf:f7:91:22:b6:4f: 416s a4:22:b3:57:71:2f:19:0a:53 416s Exponent: 65537 (0x10001) 416s X509v3 extensions: 416s X509v3 Authority Key Identifier: 416s DD:11:06:62:17:47:DA:09:DD:AE:67:AB:32:E2:56:9F:45:3E:9B:17 416s X509v3 Basic Constraints: 416s CA:FALSE 416s Netscape Cert Type: 416s SSL Client, S/MIME 416s Netscape Comment: 416s Test Organization Intermediate CA trusted Certificate 416s X509v3 Subject Key Identifier: 416s B6:38:4B:CC:A7:23:83:1E:4B:F1:6F:93:E3:FC:57:FC:FC:7E:6D:5D 416s X509v3 Key Usage: critical 416s Digital Signature, Non Repudiation, Key Encipherment 416s X509v3 Extended Key Usage: 416s TLS Web Client Authentication, E-mail Protection 416s X509v3 Subject Alternative Name: 416s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 416s Signature Algorithm: sha256WithRSAEncryption 416s Signature Value: 416s c3:00:35:cf:1a:6f:76:79:57:6a:c2:0c:d2:64:46:dc:be:77: 416s 1d:ad:a8:fa:a4:fc:76:90:6e:5b:6f:37:d8:15:0d:69:71:c8: 416s 32:7f:40:7f:8d:f0:5b:09:78:55:10:b8:cc:35:43:69:d3:96: 416s 1f:a6:fc:51:be:c7:56:56:c2:25:83:8d:13:ee:7d:97:90:23: 416s 71:b6:40:63:4d:4c:59:bd:94:cb:90:3c:44:bf:34:c4:c1:e3: 416s 6c:84:ab:a3:9f:41:27:f7:32:9c:b4:ca:1e:8f:6a:dc:09:f4: 416s da:f2:df:fa:91:a8:2d:b6:63:7e:59:a0:95:ba:32:49:ce:59: 416s 5c:0f 416s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-20726-auth.pem 416s + found_md5=Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 416s + '[' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 '!=' Modulus=FBD2CE268E5E54DF62693BDCF72A0FF4D3F3211785D6B09D2D5429F9FA2F3D94547DA687F6161A73E0000D33C90EF50614DF573558D12AFD59C83747EB1679FB6313324F38A2F9D9BEBFCD681F3030B58FA955A08B1842F78BB2B4B004E2B9DB2BCCCD4FFB0A99E5158DE2B42836265537BFF79122B64FA422B357712F190A53 ']' 416s + invalid_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 416s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 416s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 416s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 416s + local verify_option= 416s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 416s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 416s + local key_cn 416s + local key_name 416s + local tokens_dir 416s + local output_cert_file 416s + token_name= 416s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 416s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 416s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s ++ sed -n 's/ *commonName *= //p' 416s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 416s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 416s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 416s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 416s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 416s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 416s + token_name='Test Organization Sub Int Token' 416s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 416s + local key_file 416s + local decrypted_key 416s + mkdir -p /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 416s + key_file=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 416s + decrypted_key=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 416s + cat 416s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 416s Slot 0 has a free/uninitialized token. 416s The token has been initialized and is reassigned to slot 2109491732 416s + softhsm2-util --show-slots 416s Available slots: 416s Slot 2109491732 416s Slot info: 416s Description: SoftHSM slot ID 0x7dbc4a14 416s Manufacturer ID: SoftHSM project 416s Hardware version: 2.6 416s Firmware version: 2.6 416s Token present: yes 416s Token info: 416s Manufacturer ID: SoftHSM project 416s Model: SoftHSM v2 416s Hardware version: 2.6 416s Firmware version: 2.6 416s Serial number: f5234387fdbc4a14 416s Initialized: yes 416s User PIN init.: yes 416s Label: Test Organization Sub Int Token 416s Slot 1 416s Slot info: 416s Description: SoftHSM slot ID 0x1 416s Manufacturer ID: SoftHSM project 416s Hardware version: 2.6 416s Firmware version: 2.6 416s Token present: yes 416s Token info: 416s Manufacturer ID: SoftHSM project 416s Model: SoftHSM v2 416s Hardware version: 2.6 416s Firmware version: 2.6 416s Serial number: 416s Initialized: no 416s User PIN init.: no 416s Label: 416s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 416s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-10790 -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 416s writing RSA key 416s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 416s + rm /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 416s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 416s Object 0: 416s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f5234387fdbc4a14;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 416s Type: X.509 Certificate (RSA-1024) 416s Expires: Thu Mar 20 18:29:07 2025 416s Label: Test Organization Sub Intermediate Trusted Certificate 0001 416s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 416s 416s Test Organization Sub Int Token 416s + echo 'Test Organization Sub Int Token' 416s + '[' -n '' ']' 416s + local output_base_name=SSSD-child-6191 416s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-6191.output 416s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-6191.pem 416s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 416s [p11_child[3252]] [main] (0x0400): p11_child started. 416s [p11_child[3252]] [main] (0x2000): Running in [pre-auth] mode. 416s [p11_child[3252]] [main] (0x2000): Running with effective IDs: [0][0]. 416s [p11_child[3252]] [main] (0x2000): Running with real IDs [0][0]. 416s [p11_child[3252]] [do_card] (0x4000): Module List: 416s [p11_child[3252]] [do_card] (0x4000): common name: [softhsm2]. 416s [p11_child[3252]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3252]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7dbc4a14] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 416s [p11_child[3252]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 416s [p11_child[3252]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7dbc4a14][2109491732] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3252]] [do_card] (0x4000): Login NOT required. 416s [p11_child[3252]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 416s [p11_child[3252]] [do_verification] (0x0040): X509_verify_cert failed [0]. 416s [p11_child[3252]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 416s [p11_child[3252]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 416s [p11_child[3252]] [do_card] (0x4000): No certificate found. 416s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-6191.output 416s + return 2 416s + invalid_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem partial_chain 416s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem partial_chain 416s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 416s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 416s + local verify_option=partial_chain 416s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 416s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 416s + local key_cn 416s + local key_name 416s + local tokens_dir 416s + local output_cert_file 416s + token_name= 416s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 416s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 416s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s ++ sed -n 's/ *commonName *= //p' 416s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 416s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 416s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 416s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 416s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 416s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 416s + token_name='Test Organization Sub Int Token' 416s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 416s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 416s + echo 'Test Organization Sub Int Token' 416s Test Organization Sub Int Token 416s + '[' -n partial_chain ']' 416s + local verify_arg=--verify=partial_chain 416s + local output_base_name=SSSD-child-21634 416s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-21634.output 416s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-21634.pem 416s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-root-CA.pem 416s [p11_child[3259]] [main] (0x0400): p11_child started. 416s [p11_child[3259]] [main] (0x2000): Running in [pre-auth] mode. 416s [p11_child[3259]] [main] (0x2000): Running with effective IDs: [0][0]. 416s [p11_child[3259]] [main] (0x2000): Running with real IDs [0][0]. 416s [p11_child[3259]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 416s [p11_child[3259]] [do_card] (0x4000): Module List: 416s [p11_child[3259]] [do_card] (0x4000): common name: [softhsm2]. 416s [p11_child[3259]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3259]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7dbc4a14] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 416s [p11_child[3259]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 416s [p11_child[3259]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7dbc4a14][2109491732] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3259]] [do_card] (0x4000): Login NOT required. 416s [p11_child[3259]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 416s [p11_child[3259]] [do_verification] (0x0040): X509_verify_cert failed [0]. 416s [p11_child[3259]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 416s [p11_child[3259]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 416s [p11_child[3259]] [do_card] (0x4000): No certificate found. 416s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-21634.output 416s + return 2 416s + valid_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 416s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 416s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 416s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 416s + local verify_option= 416s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 416s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 416s + local key_cn 416s + local key_name 416s + local tokens_dir 416s + local output_cert_file 416s + token_name= 416s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 416s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 416s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s ++ sed -n 's/ *commonName *= //p' 416s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 416s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 416s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 416s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 416s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 416s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 416s + token_name='Test Organization Sub Int Token' 416s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 416s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 416s + echo 'Test Organization Sub Int Token' 416s + '[' -n '' ']' 416s + local output_base_name=SSSD-child-6453 416s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-6453.output 416s Test Organization Sub Int Token 416s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-6453.pem 416s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 416s [p11_child[3266]] [main] (0x0400): p11_child started. 416s [p11_child[3266]] [main] (0x2000): Running in [pre-auth] mode. 416s [p11_child[3266]] [main] (0x2000): Running with effective IDs: [0][0]. 416s [p11_child[3266]] [main] (0x2000): Running with real IDs [0][0]. 416s [p11_child[3266]] [do_card] (0x4000): Module List: 416s [p11_child[3266]] [do_card] (0x4000): common name: [softhsm2]. 416s [p11_child[3266]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3266]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7dbc4a14] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 416s [p11_child[3266]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 416s [p11_child[3266]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7dbc4a14][2109491732] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3266]] [do_card] (0x4000): Login NOT required. 416s [p11_child[3266]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 416s [p11_child[3266]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 416s [p11_child[3266]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 416s [p11_child[3266]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7dbc4a14;slot-manufacturer=SoftHSM%20project;slot-id=2109491732;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f5234387fdbc4a14;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 416s [p11_child[3266]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 416s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-6453.output 416s + echo '-----BEGIN CERTIFICATE-----' 416s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-6453.output 416s + echo '-----END CERTIFICATE-----' 416s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-6453.pem 416s Certificate: 416s Data: 416s Version: 3 (0x2) 416s Serial Number: 5 (0x5) 416s Signature Algorithm: sha256WithRSAEncryption 416s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 416s Validity 416s Not Before: Mar 20 18:29:07 2024 GMT 416s Not After : Mar 20 18:29:07 2025 GMT 416s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 416s Subject Public Key Info: 416s Public Key Algorithm: rsaEncryption 416s Public-Key: (1024 bit) 416s Modulus: 416s 00:bb:ff:a8:2b:fa:67:58:22:2b:04:92:30:1c:11: 416s 36:fd:fc:fb:0f:cc:59:c5:ef:3a:01:bd:1b:e7:72: 416s 74:fe:86:fe:a5:11:19:7a:98:27:00:33:f4:1e:91: 416s 7f:e7:d7:c0:17:32:01:93:3e:3d:5f:3f:5e:fb:be: 416s 3c:a9:0d:41:f9:a6:9e:78:d1:01:cc:a0:f8:8b:9e: 416s 09:b8:e5:f7:fa:e6:e9:52:62:83:66:71:c4:b4:78: 416s 77:b1:ac:0f:bd:3d:f5:8d:a5:d0:d2:48:cb:69:1a: 416s 9b:29:6a:27:8d:68:88:87:fb:f5:95:e0:af:37:83: 416s bb:62:45:70:61:86:55:be:03 416s Exponent: 65537 (0x10001) 416s X509v3 extensions: 416s X509v3 Authority Key Identifier: 416s 61:A7:35:E9:E6:EE:2E:C8:D7:1B:22:06:0E:A4:9A:AB:B1:DA:BF:72 416s X509v3 Basic Constraints: 416s CA:FALSE 416s Netscape Cert Type: 416s SSL Client, S/MIME 416s Netscape Comment: 416s Test Organization Sub Intermediate CA trusted Certificate 416s X509v3 Subject Key Identifier: 416s 8D:C0:06:C6:6B:0D:30:F1:41:E1:88:58:F0:76:F5:02:EE:F0:B8:38 416s X509v3 Key Usage: critical 416s Digital Signature, Non Repudiation, Key Encipherment 416s X509v3 Extended Key Usage: 416s TLS Web Client Authentication, E-mail Protection 416s X509v3 Subject Alternative Name: 416s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 416s Signature Algorithm: sha256WithRSAEncryption 416s Signature Value: 416s 4a:e1:4a:6a:e6:8c:0c:0c:7a:f3:d2:c8:2f:7e:18:97:50:83: 416s 50:e7:23:29:6e:df:13:e7:d8:40:d6:3f:9e:8c:f5:47:58:fa: 416s 8d:f8:1d:06:0b:81:ba:f6:98:49:93:dd:ba:53:f1:a4:a3:a4: 416s 3d:63:ff:93:6a:12:07:cd:b3:c8:56:2a:ba:80:ab:a1:f9:b5: 416s 59:23:7e:85:0f:cc:49:23:4c:88:99:20:3d:72:96:a6:a5:e3: 416s 3b:57:c4:47:6b:56:bf:55:4d:c1:ab:85:10:06:ed:85:b0:f7: 416s 78:17:03:31:eb:62:b8:e2:31:aa:93:db:e0:c6:3e:14:d7:a8: 416s d9:15 416s + local found_md5 expected_md5 416s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s + expected_md5=Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 416s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-6453.pem 417s + found_md5=Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 417s + '[' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 '!=' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 ']' 417s + output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-6453-auth.output 417s ++ basename /tmp/sssd-softhsm2-QgnvwL/SSSD-child-6453-auth.output .output 417s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-6453-auth.pem 417s + echo -n 053350 417s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 417s [p11_child[3274]] [main] (0x0400): p11_child started. 417s [p11_child[3274]] [main] (0x2000): Running in [auth] mode. 417s [p11_child[3274]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3274]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3274]] [do_card] (0x4000): Module List: 417s [p11_child[3274]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3274]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3274]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7dbc4a14] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3274]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3274]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7dbc4a14][2109491732] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3274]] [do_card] (0x4000): Login required. 417s [p11_child[3274]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3274]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 417s [p11_child[3274]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 417s [p11_child[3274]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7dbc4a14;slot-manufacturer=SoftHSM%20project;slot-id=2109491732;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f5234387fdbc4a14;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 417s [p11_child[3274]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 417s [p11_child[3274]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 417s [p11_child[3274]] [do_card] (0x4000): Certificate verified and validated. 417s [p11_child[3274]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-6453-auth.output 417s + echo '-----BEGIN CERTIFICATE-----' 417s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-6453-auth.output 417s + echo '-----END CERTIFICATE-----' 417s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-6453-auth.pem 417s Certificate: 417s Data: 417s Version: 3 (0x2) 417s Serial Number: 5 (0x5) 417s Signature Algorithm: sha256WithRSAEncryption 417s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 417s Validity 417s Not Before: Mar 20 18:29:07 2024 GMT 417s Not After : Mar 20 18:29:07 2025 GMT 417s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 417s Subject Public Key Info: 417s Public Key Algorithm: rsaEncryption 417s Public-Key: (1024 bit) 417s Modulus: 417s 00:bb:ff:a8:2b:fa:67:58:22:2b:04:92:30:1c:11: 417s 36:fd:fc:fb:0f:cc:59:c5:ef:3a:01:bd:1b:e7:72: 417s 74:fe:86:fe:a5:11:19:7a:98:27:00:33:f4:1e:91: 417s 7f:e7:d7:c0:17:32:01:93:3e:3d:5f:3f:5e:fb:be: 417s 3c:a9:0d:41:f9:a6:9e:78:d1:01:cc:a0:f8:8b:9e: 417s 09:b8:e5:f7:fa:e6:e9:52:62:83:66:71:c4:b4:78: 417s 77:b1:ac:0f:bd:3d:f5:8d:a5:d0:d2:48:cb:69:1a: 417s 9b:29:6a:27:8d:68:88:87:fb:f5:95:e0:af:37:83: 417s bb:62:45:70:61:86:55:be:03 417s Exponent: 65537 (0x10001) 417s X509v3 extensions: 417s X509v3 Authority Key Identifier: 417s 61:A7:35:E9:E6:EE:2E:C8:D7:1B:22:06:0E:A4:9A:AB:B1:DA:BF:72 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Sub Intermediate CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s 8D:C0:06:C6:6B:0D:30:F1:41:E1:88:58:F0:76:F5:02:EE:F0:B8:38 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Signature Algorithm: sha256WithRSAEncryption 417s Signature Value: 417s 4a:e1:4a:6a:e6:8c:0c:0c:7a:f3:d2:c8:2f:7e:18:97:50:83: 417s 50:e7:23:29:6e:df:13:e7:d8:40:d6:3f:9e:8c:f5:47:58:fa: 417s 8d:f8:1d:06:0b:81:ba:f6:98:49:93:dd:ba:53:f1:a4:a3:a4: 417s 3d:63:ff:93:6a:12:07:cd:b3:c8:56:2a:ba:80:ab:a1:f9:b5: 417s 59:23:7e:85:0f:cc:49:23:4c:88:99:20:3d:72:96:a6:a5:e3: 417s 3b:57:c4:47:6b:56:bf:55:4d:c1:ab:85:10:06:ed:85:b0:f7: 417s 78:17:03:31:eb:62:b8:e2:31:aa:93:db:e0:c6:3e:14:d7:a8: 417s d9:15 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-6453-auth.pem 417s + found_md5=Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 417s + '[' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 '!=' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 ']' 417s + valid_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem partial_chain 417s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem partial_chain 417s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 417s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 417s + local verify_option=partial_chain 417s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 417s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 417s + local key_cn 417s + local key_name 417s + local tokens_dir 417s + local output_cert_file 417s + token_name= 417s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 417s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 417s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s ++ sed -n 's/ *commonName *= //p' 417s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 417s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 417s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 417s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 417s + token_name='Test Organization Sub Int Token' 417s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 417s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 417s + echo 'Test Organization Sub Int Token' 417s Test Organization Sub Int Token 417s + '[' -n partial_chain ']' 417s + local verify_arg=--verify=partial_chain 417s + local output_base_name=SSSD-child-3220 417s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-3220.output 417s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-3220.pem 417s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem 417s [p11_child[3284]] [main] (0x0400): p11_child started. 417s [p11_child[3284]] [main] (0x2000): Running in [pre-auth] mode. 417s [p11_child[3284]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3284]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3284]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 417s [p11_child[3284]] [do_card] (0x4000): Module List: 417s [p11_child[3284]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3284]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3284]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7dbc4a14] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3284]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3284]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7dbc4a14][2109491732] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3284]] [do_card] (0x4000): Login NOT required. 417s [p11_child[3284]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3284]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 417s [p11_child[3284]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 417s [p11_child[3284]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7dbc4a14;slot-manufacturer=SoftHSM%20project;slot-id=2109491732;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f5234387fdbc4a14;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 417s [p11_child[3284]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3220.output 417s + echo '-----BEGIN CERTIFICATE-----' 417s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3220.output 417s + echo '-----END CERTIFICATE-----' 417s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3220.pem 417s Certificate: 417s Data: 417s Version: 3 (0x2) 417s Serial Number: 5 (0x5) 417s Signature Algorithm: sha256WithRSAEncryption 417s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 417s Validity 417s Not Before: Mar 20 18:29:07 2024 GMT 417s Not After : Mar 20 18:29:07 2025 GMT 417s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 417s Subject Public Key Info: 417s Public Key Algorithm: rsaEncryption 417s Public-Key: (1024 bit) 417s Modulus: 417s 00:bb:ff:a8:2b:fa:67:58:22:2b:04:92:30:1c:11: 417s 36:fd:fc:fb:0f:cc:59:c5:ef:3a:01:bd:1b:e7:72: 417s 74:fe:86:fe:a5:11:19:7a:98:27:00:33:f4:1e:91: 417s 7f:e7:d7:c0:17:32:01:93:3e:3d:5f:3f:5e:fb:be: 417s 3c:a9:0d:41:f9:a6:9e:78:d1:01:cc:a0:f8:8b:9e: 417s 09:b8:e5:f7:fa:e6:e9:52:62:83:66:71:c4:b4:78: 417s 77:b1:ac:0f:bd:3d:f5:8d:a5:d0:d2:48:cb:69:1a: 417s 9b:29:6a:27:8d:68:88:87:fb:f5:95:e0:af:37:83: 417s bb:62:45:70:61:86:55:be:03 417s Exponent: 65537 (0x10001) 417s X509v3 extensions: 417s X509v3 Authority Key Identifier: 417s 61:A7:35:E9:E6:EE:2E:C8:D7:1B:22:06:0E:A4:9A:AB:B1:DA:BF:72 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Sub Intermediate CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s 8D:C0:06:C6:6B:0D:30:F1:41:E1:88:58:F0:76:F5:02:EE:F0:B8:38 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Signature Algorithm: sha256WithRSAEncryption 417s Signature Value: 417s 4a:e1:4a:6a:e6:8c:0c:0c:7a:f3:d2:c8:2f:7e:18:97:50:83: 417s 50:e7:23:29:6e:df:13:e7:d8:40:d6:3f:9e:8c:f5:47:58:fa: 417s 8d:f8:1d:06:0b:81:ba:f6:98:49:93:dd:ba:53:f1:a4:a3:a4: 417s 3d:63:ff:93:6a:12:07:cd:b3:c8:56:2a:ba:80:ab:a1:f9:b5: 417s 59:23:7e:85:0f:cc:49:23:4c:88:99:20:3d:72:96:a6:a5:e3: 417s 3b:57:c4:47:6b:56:bf:55:4d:c1:ab:85:10:06:ed:85:b0:f7: 417s 78:17:03:31:eb:62:b8:e2:31:aa:93:db:e0:c6:3e:14:d7:a8: 417s d9:15 417s + local found_md5 expected_md5 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + expected_md5=Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3220.pem 417s + found_md5=Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 417s + '[' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 '!=' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 ']' 417s + output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-3220-auth.output 417s ++ basename /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3220-auth.output .output 417s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-3220-auth.pem 417s + echo -n 053350 417s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 417s [p11_child[3292]] [main] (0x0400): p11_child started. 417s [p11_child[3292]] [main] (0x2000): Running in [auth] mode. 417s [p11_child[3292]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3292]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3292]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 417s [p11_child[3292]] [do_card] (0x4000): Module List: 417s [p11_child[3292]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3292]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3292]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7dbc4a14] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3292]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3292]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7dbc4a14][2109491732] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3292]] [do_card] (0x4000): Login required. 417s [p11_child[3292]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3292]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 417s [p11_child[3292]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 417s [p11_child[3292]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7dbc4a14;slot-manufacturer=SoftHSM%20project;slot-id=2109491732;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f5234387fdbc4a14;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 417s [p11_child[3292]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 417s [p11_child[3292]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 417s [p11_child[3292]] [do_card] (0x4000): Certificate verified and validated. 417s [p11_child[3292]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3220-auth.output 417s + echo '-----BEGIN CERTIFICATE-----' 417s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3220-auth.output 417s + echo '-----END CERTIFICATE-----' 417s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3220-auth.pem 417s Certificate: 417s Data: 417s Version: 3 (0x2) 417s Serial Number: 5 (0x5) 417s Signature Algorithm: sha256WithRSAEncryption 417s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 417s Validity 417s Not Before: Mar 20 18:29:07 2024 GMT 417s Not After : Mar 20 18:29:07 2025 GMT 417s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 417s Subject Public Key Info: 417s Public Key Algorithm: rsaEncryption 417s Public-Key: (1024 bit) 417s Modulus: 417s 00:bb:ff:a8:2b:fa:67:58:22:2b:04:92:30:1c:11: 417s 36:fd:fc:fb:0f:cc:59:c5:ef:3a:01:bd:1b:e7:72: 417s 74:fe:86:fe:a5:11:19:7a:98:27:00:33:f4:1e:91: 417s 7f:e7:d7:c0:17:32:01:93:3e:3d:5f:3f:5e:fb:be: 417s 3c:a9:0d:41:f9:a6:9e:78:d1:01:cc:a0:f8:8b:9e: 417s 09:b8:e5:f7:fa:e6:e9:52:62:83:66:71:c4:b4:78: 417s 77:b1:ac:0f:bd:3d:f5:8d:a5:d0:d2:48:cb:69:1a: 417s 9b:29:6a:27:8d:68:88:87:fb:f5:95:e0:af:37:83: 417s bb:62:45:70:61:86:55:be:03 417s Exponent: 65537 (0x10001) 417s X509v3 extensions: 417s X509v3 Authority Key Identifier: 417s 61:A7:35:E9:E6:EE:2E:C8:D7:1B:22:06:0E:A4:9A:AB:B1:DA:BF:72 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Sub Intermediate CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s 8D:C0:06:C6:6B:0D:30:F1:41:E1:88:58:F0:76:F5:02:EE:F0:B8:38 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Signature Algorithm: sha256WithRSAEncryption 417s Signature Value: 417s 4a:e1:4a:6a:e6:8c:0c:0c:7a:f3:d2:c8:2f:7e:18:97:50:83: 417s 50:e7:23:29:6e:df:13:e7:d8:40:d6:3f:9e:8c:f5:47:58:fa: 417s 8d:f8:1d:06:0b:81:ba:f6:98:49:93:dd:ba:53:f1:a4:a3:a4: 417s 3d:63:ff:93:6a:12:07:cd:b3:c8:56:2a:ba:80:ab:a1:f9:b5: 417s 59:23:7e:85:0f:cc:49:23:4c:88:99:20:3d:72:96:a6:a5:e3: 417s 3b:57:c4:47:6b:56:bf:55:4d:c1:ab:85:10:06:ed:85:b0:f7: 417s 78:17:03:31:eb:62:b8:e2:31:aa:93:db:e0:c6:3e:14:d7:a8: 417s d9:15 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3220-auth.pem 417s + found_md5=Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 417s + '[' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 '!=' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 ']' 417s + invalid_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem 417s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem 417s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 417s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem 417s + local verify_option= 417s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 417s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 417s + local key_cn 417s + local key_name 417s + local tokens_dir 417s + local output_cert_file 417s + token_name= 417s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 417s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 417s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s ++ sed -n 's/ *commonName *= //p' 417s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 417s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 417s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 417s Test Organization Sub Int Token 417s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 417s + token_name='Test Organization Sub Int Token' 417s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 417s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 417s + echo 'Test Organization Sub Int Token' 417s + '[' -n '' ']' 417s + local output_base_name=SSSD-child-26272 417s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-26272.output 417s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-26272.pem 417s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem 417s [p11_child[3302]] [main] (0x0400): p11_child started. 417s [p11_child[3302]] [main] (0x2000): Running in [pre-auth] mode. 417s [p11_child[3302]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3302]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3302]] [do_card] (0x4000): Module List: 417s [p11_child[3302]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3302]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3302]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7dbc4a14] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3302]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3302]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7dbc4a14][2109491732] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3302]] [do_card] (0x4000): Login NOT required. 417s [p11_child[3302]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3302]] [do_verification] (0x0040): X509_verify_cert failed [0]. 417s [p11_child[3302]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 417s [p11_child[3302]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 417s [p11_child[3302]] [do_card] (0x4000): No certificate found. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-26272.output 417s + return 2 417s + invalid_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-root-intermediate-chain-CA.pem partial_chain 417s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-root-intermediate-chain-CA.pem partial_chain 417s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 417s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-root-intermediate-chain-CA.pem 417s + local verify_option=partial_chain 417s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 417s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 417s + local key_cn 417s + local key_name 417s + local tokens_dir 417s + local output_cert_file 417s + token_name= 417s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 417s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 417s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s ++ sed -n 's/ *commonName *= //p' 417s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 417s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 417s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 417s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 417s + token_name='Test Organization Sub Int Token' 417s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 417s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 417s + echo 'Test Organization Sub Int Token' 417s Test Organization Sub Int Token 417s + '[' -n partial_chain ']' 417s + local verify_arg=--verify=partial_chain 417s + local output_base_name=SSSD-child-32401 417s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-32401.output 417s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-32401.pem 417s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-root-intermediate-chain-CA.pem 417s [p11_child[3309]] [main] (0x0400): p11_child started. 417s [p11_child[3309]] [main] (0x2000): Running in [pre-auth] mode. 417s [p11_child[3309]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3309]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3309]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 417s [p11_child[3309]] [do_card] (0x4000): Module List: 417s [p11_child[3309]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3309]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3309]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7dbc4a14] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3309]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3309]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7dbc4a14][2109491732] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3309]] [do_card] (0x4000): Login NOT required. 417s [p11_child[3309]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3309]] [do_verification] (0x0040): X509_verify_cert failed [0]. 417s [p11_child[3309]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 417s [p11_child[3309]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 417s [p11_child[3309]] [do_card] (0x4000): No certificate found. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-32401.output 417s + return 2 417s + valid_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem partial_chain 417s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem partial_chain 417s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 417s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem 417s + local verify_option=partial_chain 417s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 417s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 417s + local key_cn 417s + local key_name 417s + local tokens_dir 417s + local output_cert_file 417s + token_name= 417s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 417s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 417s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s ++ sed -n 's/ *commonName *= //p' 417s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 417s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 417s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 417s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 417s Test Organization Sub Int Token 417s + token_name='Test Organization Sub Int Token' 417s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 417s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 417s + echo 'Test Organization Sub Int Token' 417s + '[' -n partial_chain ']' 417s + local verify_arg=--verify=partial_chain 417s + local output_base_name=SSSD-child-25099 417s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-25099.output 417s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-25099.pem 417s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem 417s [p11_child[3316]] [main] (0x0400): p11_child started. 417s [p11_child[3316]] [main] (0x2000): Running in [pre-auth] mode. 417s [p11_child[3316]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3316]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3316]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 417s [p11_child[3316]] [do_card] (0x4000): Module List: 417s [p11_child[3316]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3316]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3316]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7dbc4a14] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3316]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3316]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7dbc4a14][2109491732] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3316]] [do_card] (0x4000): Login NOT required. 417s [p11_child[3316]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3316]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 417s [p11_child[3316]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 417s [p11_child[3316]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7dbc4a14;slot-manufacturer=SoftHSM%20project;slot-id=2109491732;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f5234387fdbc4a14;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 417s [p11_child[3316]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-25099.output 417s + echo '-----BEGIN CERTIFICATE-----' 417s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-25099.output 417s + echo '-----END CERTIFICATE-----' 417s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-25099.pem 417s Certificate: 417s Data: 417s Version: 3 (0x2) 417s Serial Number: 5 (0x5) 417s Signature Algorithm: sha256WithRSAEncryption 417s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 417s Validity 417s Not Before: Mar 20 18:29:07 2024 GMT 417s Not After : Mar 20 18:29:07 2025 GMT 417s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 417s Subject Public Key Info: 417s Public Key Algorithm: rsaEncryption 417s Public-Key: (1024 bit) 417s Modulus: 417s 00:bb:ff:a8:2b:fa:67:58:22:2b:04:92:30:1c:11: 417s 36:fd:fc:fb:0f:cc:59:c5:ef:3a:01:bd:1b:e7:72: 417s 74:fe:86:fe:a5:11:19:7a:98:27:00:33:f4:1e:91: 417s 7f:e7:d7:c0:17:32:01:93:3e:3d:5f:3f:5e:fb:be: 417s 3c:a9:0d:41:f9:a6:9e:78:d1:01:cc:a0:f8:8b:9e: 417s 09:b8:e5:f7:fa:e6:e9:52:62:83:66:71:c4:b4:78: 417s 77:b1:ac:0f:bd:3d:f5:8d:a5:d0:d2:48:cb:69:1a: 417s 9b:29:6a:27:8d:68:88:87:fb:f5:95:e0:af:37:83: 417s bb:62:45:70:61:86:55:be:03 417s Exponent: 65537 (0x10001) 417s X509v3 extensions: 417s X509v3 Authority Key Identifier: 417s 61:A7:35:E9:E6:EE:2E:C8:D7:1B:22:06:0E:A4:9A:AB:B1:DA:BF:72 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Sub Intermediate CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s 8D:C0:06:C6:6B:0D:30:F1:41:E1:88:58:F0:76:F5:02:EE:F0:B8:38 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Signature Algorithm: sha256WithRSAEncryption 417s Signature Value: 417s 4a:e1:4a:6a:e6:8c:0c:0c:7a:f3:d2:c8:2f:7e:18:97:50:83: 417s 50:e7:23:29:6e:df:13:e7:d8:40:d6:3f:9e:8c:f5:47:58:fa: 417s 8d:f8:1d:06:0b:81:ba:f6:98:49:93:dd:ba:53:f1:a4:a3:a4: 417s 3d:63:ff:93:6a:12:07:cd:b3:c8:56:2a:ba:80:ab:a1:f9:b5: 417s 59:23:7e:85:0f:cc:49:23:4c:88:99:20:3d:72:96:a6:a5:e3: 417s 3b:57:c4:47:6b:56:bf:55:4d:c1:ab:85:10:06:ed:85:b0:f7: 417s 78:17:03:31:eb:62:b8:e2:31:aa:93:db:e0:c6:3e:14:d7:a8: 417s d9:15 417s + local found_md5 expected_md5 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + expected_md5=Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-25099.pem 417s + found_md5=Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 417s + '[' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 '!=' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 ']' 417s + output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-25099-auth.output 417s ++ basename /tmp/sssd-softhsm2-QgnvwL/SSSD-child-25099-auth.output .output 417s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-25099-auth.pem 417s + echo -n 053350 417s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 417s [p11_child[3324]] [main] (0x0400): p11_child started. 417s [p11_child[3324]] [main] (0x2000): Running in [auth] mode. 417s [p11_child[3324]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3324]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3324]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 417s [p11_child[3324]] [do_card] (0x4000): Module List: 417s [p11_child[3324]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3324]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3324]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7dbc4a14] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3324]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3324]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7dbc4a14][2109491732] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3324]] [do_card] (0x4000): Login required. 417s [p11_child[3324]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3324]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 417s [p11_child[3324]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 417s [p11_child[3324]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7dbc4a14;slot-manufacturer=SoftHSM%20project;slot-id=2109491732;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f5234387fdbc4a14;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 417s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 417s [p11_child[3324]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 417s [p11_child[3324]] [do_card] (0x4000): Certificate verified and validated. 417s [p11_child[3324]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-25099-auth.output 417s + echo '-----BEGIN CERTIFICATE-----' 417s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-25099-auth.output 417s + echo '-----END CERTIFICATE-----' 417s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-25099-auth.pem 417s Certificate: 417s Data: 417s Version: 3 (0x2) 417s Serial Number: 5 (0x5) 417s Signature Algorithm: sha256WithRSAEncryption 417s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 417s Validity 417s Not Before: Mar 20 18:29:07 2024 GMT 417s Not After : Mar 20 18:29:07 2025 GMT 417s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 417s Subject Public Key Info: 417s Public Key Algorithm: rsaEncryption 417s Public-Key: (1024 bit) 417s Modulus: 417s 00:bb:ff:a8:2b:fa:67:58:22:2b:04:92:30:1c:11: 417s 36:fd:fc:fb:0f:cc:59:c5:ef:3a:01:bd:1b:e7:72: 417s 74:fe:86:fe:a5:11:19:7a:98:27:00:33:f4:1e:91: 417s 7f:e7:d7:c0:17:32:01:93:3e:3d:5f:3f:5e:fb:be: 417s 3c:a9:0d:41:f9:a6:9e:78:d1:01:cc:a0:f8:8b:9e: 417s 09:b8:e5:f7:fa:e6:e9:52:62:83:66:71:c4:b4:78: 417s 77:b1:ac:0f:bd:3d:f5:8d:a5:d0:d2:48:cb:69:1a: 417s 9b:29:6a:27:8d:68:88:87:fb:f5:95:e0:af:37:83: 417s bb:62:45:70:61:86:55:be:03 417s Exponent: 65537 (0x10001) 417s X509v3 extensions: 417s X509v3 Authority Key Identifier: 417s 61:A7:35:E9:E6:EE:2E:C8:D7:1B:22:06:0E:A4:9A:AB:B1:DA:BF:72 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Sub Intermediate CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s 8D:C0:06:C6:6B:0D:30:F1:41:E1:88:58:F0:76:F5:02:EE:F0:B8:38 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Signature Algorithm: sha256WithRSAEncryption 417s Signature Value: 417s 4a:e1:4a:6a:e6:8c:0c:0c:7a:f3:d2:c8:2f:7e:18:97:50:83: 417s 50:e7:23:29:6e:df:13:e7:d8:40:d6:3f:9e:8c:f5:47:58:fa: 417s 8d:f8:1d:06:0b:81:ba:f6:98:49:93:dd:ba:53:f1:a4:a3:a4: 417s 3d:63:ff:93:6a:12:07:cd:b3:c8:56:2a:ba:80:ab:a1:f9:b5: 417s 59:23:7e:85:0f:cc:49:23:4c:88:99:20:3d:72:96:a6:a5:e3: 417s 3b:57:c4:47:6b:56:bf:55:4d:c1:ab:85:10:06:ed:85:b0:f7: 417s 78:17:03:31:eb:62:b8:e2:31:aa:93:db:e0:c6:3e:14:d7:a8: 417s d9:15 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-25099-auth.pem 417s + found_md5=Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 417s + '[' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 '!=' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 ']' 417s + valid_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-intermediate-sub-chain-CA.pem partial_chain 417s + check_certificate /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 /tmp/sssd-softhsm2-QgnvwL/test-intermediate-sub-chain-CA.pem partial_chain 417s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 417s + local key_ring=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-sub-chain-CA.pem 417s + local verify_option=partial_chain 417s + prepare_softhsm2_card /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-10790 417s + local certificate=/tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-10790 417s + local key_cn 417s + local key_name 417s + local tokens_dir 417s + local output_cert_file 417s + token_name= 417s ++ basename /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 417s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 417s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s ++ sed -n 's/ *commonName *= //p' 417s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 417s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 417s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s ++ basename /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 417s + tokens_dir=/tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 417s + token_name='Test Organization Sub Int Token' 417s + '[' '!' -e /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 417s + '[' '!' -d /tmp/sssd-softhsm2-QgnvwL/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 417s + echo 'Test Organization Sub Int Token' 417s + '[' -n partial_chain ']' 417s + local verify_arg=--verify=partial_chain 417s + local output_base_name=SSSD-child-3434 417s + local output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-3434.output 417s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-3434.pem 417s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-sub-chain-CA.pem 417s Test Organization Sub Int Token 417s [p11_child[3334]] [main] (0x0400): p11_child started. 417s [p11_child[3334]] [main] (0x2000): Running in [pre-auth] mode. 417s [p11_child[3334]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3334]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3334]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 417s [p11_child[3334]] [do_card] (0x4000): Module List: 417s [p11_child[3334]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3334]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3334]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7dbc4a14] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3334]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3334]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7dbc4a14][2109491732] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3334]] [do_card] (0x4000): Login NOT required. 417s [p11_child[3334]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3334]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 417s [p11_child[3334]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 417s [p11_child[3334]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7dbc4a14;slot-manufacturer=SoftHSM%20project;slot-id=2109491732;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f5234387fdbc4a14;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 417s [p11_child[3334]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3434.output 417s + echo '-----BEGIN CERTIFICATE-----' 417s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3434.output 417s + echo '-----END CERTIFICATE-----' 417s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3434.pem 418s + local found_md5 expected_md5 418s Certificate: 418s Data: 418s Version: 3 (0x2) 418s Serial Number: 5 (0x5) 418s Signature Algorithm: sha256WithRSAEncryption 418s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 418s Validity 418s Not Before: Mar 20 18:29:07 2024 GMT 418s Not After : Mar 20 18:29:07 2025 GMT 418s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 418s Subject Public Key Info: 418s Public Key Algorithm: rsaEncryption 418s Public-Key: (1024 bit) 418s Modulus: 418s 00:bb:ff:a8:2b:fa:67:58:22:2b:04:92:30:1c:11: 418s 36:fd:fc:fb:0f:cc:59:c5:ef:3a:01:bd:1b:e7:72: 418s 74:fe:86:fe:a5:11:19:7a:98:27:00:33:f4:1e:91: 418s 7f:e7:d7:c0:17:32:01:93:3e:3d:5f:3f:5e:fb:be: 418s 3c:a9:0d:41:f9:a6:9e:78:d1:01:cc:a0:f8:8b:9e: 418s 09:b8:e5:f7:fa:e6:e9:52:62:83:66:71:c4:b4:78: 418s 77:b1:ac:0f:bd:3d:f5:8d:a5:d0:d2:48:cb:69:1a: 418s 9b:29:6a:27:8d:68:88:87:fb:f5:95:e0:af:37:83: 418s bb:62:45:70:61:86:55:be:03 418s Exponent: 65537 (0x10001) 418s X509v3 extensions: 418s X509v3 Authority Key Identifier: 418s 61:A7:35:E9:E6:EE:2E:C8:D7:1B:22:06:0E:A4:9A:AB:B1:DA:BF:72 418s X509v3 Basic Constraints: 418s CA:FALSE 418s Netscape Cert Type: 418s SSL Client, S/MIME 418s Netscape Comment: 418s Test Organization Sub Intermediate CA trusted Certificate 418s X509v3 Subject Key Identifier: 418s 8D:C0:06:C6:6B:0D:30:F1:41:E1:88:58:F0:76:F5:02:EE:F0:B8:38 418s X509v3 Key Usage: critical 418s Digital Signature, Non Repudiation, Key Encipherment 418s X509v3 Extended Key Usage: 418s TLS Web Client Authentication, E-mail Protection 418s X509v3 Subject Alternative Name: 418s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 418s Signature Algorithm: sha256WithRSAEncryption 418s Signature Value: 418s 4a:e1:4a:6a:e6:8c:0c:0c:7a:f3:d2:c8:2f:7e:18:97:50:83: 418s 50:e7:23:29:6e:df:13:e7:d8:40:d6:3f:9e:8c:f5:47:58:fa: 418s 8d:f8:1d:06:0b:81:ba:f6:98:49:93:dd:ba:53:f1:a4:a3:a4: 418s 3d:63:ff:93:6a:12:07:cd:b3:c8:56:2a:ba:80:ab:a1:f9:b5: 418s 59:23:7e:85:0f:cc:49:23:4c:88:99:20:3d:72:96:a6:a5:e3: 418s 3b:57:c4:47:6b:56:bf:55:4d:c1:ab:85:10:06:ed:85:b0:f7: 418s 78:17:03:31:eb:62:b8:e2:31:aa:93:db:e0:c6:3e:14:d7:a8: 418s d9:15 418s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/test-sub-intermediate-CA-trusted-certificate-0001.pem 418s + expected_md5=Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 418s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3434.pem 418s + found_md5=Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 418s + '[' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 '!=' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 ']' 418s + output_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-3434-auth.output 418s ++ basename /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3434-auth.output .output 418s + output_cert_file=/tmp/sssd-softhsm2-QgnvwL/SSSD-child-3434-auth.pem 418s + echo -n 053350 418s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-QgnvwL/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 418s [p11_child[3342]] [main] (0x0400): p11_child started. 418s [p11_child[3342]] [main] (0x2000): Running in [auth] mode. 418s [p11_child[3342]] [main] (0x2000): Running with effective IDs: [0][0]. 418s [p11_child[3342]] [main] (0x2000): Running with real IDs [0][0]. 418s [p11_child[3342]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 418s [p11_child[3342]] [do_card] (0x4000): Module List: 418s [p11_child[3342]] [do_card] (0x4000): common name: [softhsm2]. 418s [p11_child[3342]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[3342]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7dbc4a14] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 418s [p11_child[3342]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 418s [p11_child[3342]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7dbc4a14][2109491732] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[3342]] [do_card] (0x4000): Login required. 418s [p11_child[3342]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 418s [p11_child[3342]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 418s [p11_child[3342]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 418s [p11_child[3342]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7dbc4a14;slot-manufacturer=SoftHSM%20project;slot-id=2109491732;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f5234387fdbc4a14;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 418s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 418s [p11_child[3342]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 418s [p11_child[3342]] [do_card] (0x4000): Certificate verified and validated. 418s [p11_child[3342]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 418s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3434-auth.output 418s + echo '-----BEGIN CERTIFICATE-----' 418s + tail -n1 /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3434-auth.output 418s + echo '-----END CERTIFICATE-----' 418s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3434-auth.pem 418s Certificate: 418s Data: 418s Version: 3 (0x2) 418s Serial Number: 5 (0x5) 418s Signature Algorithm: sha256WithRSAEncryption 418s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 418s Validity 418s Not Before: Mar 20 18:29:07 2024 GMT 418s Not After : Mar 20 18:29:07 2025 GMT 418s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 418s Subject Public Key Info: 418s Public Key Algorithm: rsaEncryption 418s Public-Key: (1024 bit) 418s Modulus: 418s 00:bb:ff:a8:2b:fa:67:58:22:2b:04:92:30:1c:11: 418s 36:fd:fc:fb:0f:cc:59:c5:ef:3a:01:bd:1b:e7:72: 418s 74:fe:86:fe:a5:11:19:7a:98:27:00:33:f4:1e:91: 418s 7f:e7:d7:c0:17:32:01:93:3e:3d:5f:3f:5e:fb:be: 418s 3c:a9:0d:41:f9:a6:9e:78:d1:01:cc:a0:f8:8b:9e: 418s 09:b8:e5:f7:fa:e6:e9:52:62:83:66:71:c4:b4:78: 418s 77:b1:ac:0f:bd:3d:f5:8d:a5:d0:d2:48:cb:69:1a: 418s 9b:29:6a:27:8d:68:88:87:fb:f5:95:e0:af:37:83: 418s bb:62:45:70:61:86:55:be:03 418s Exponent: 65537 (0x10001) 418s X509v3 extensions: 418s X509v3 Authority Key Identifier: 418s 61:A7:35:E9:E6:EE:2E:C8:D7:1B:22:06:0E:A4:9A:AB:B1:DA:BF:72 418s X509v3 Basic Constraints: 418s CA:FALSE 418s Netscape Cert Type: 418s SSL Client, S/MIME 418s Netscape Comment: 418s Test Organization Sub Intermediate CA trusted Certificate 418s X509v3 Subject Key Identifier: 418s 8D:C0:06:C6:6B:0D:30:F1:41:E1:88:58:F0:76:F5:02:EE:F0:B8:38 418s X509v3 Key Usage: critical 418s Digital Signature, Non Repudiation, Key Encipherment 418s X509v3 Extended Key Usage: 418s TLS Web Client Authentication, E-mail Protection 418s X509v3 Subject Alternative Name: 418s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 418s Signature Algorithm: sha256WithRSAEncryption 418s Signature Value: 418s 4a:e1:4a:6a:e6:8c:0c:0c:7a:f3:d2:c8:2f:7e:18:97:50:83: 418s 50:e7:23:29:6e:df:13:e7:d8:40:d6:3f:9e:8c:f5:47:58:fa: 418s 8d:f8:1d:06:0b:81:ba:f6:98:49:93:dd:ba:53:f1:a4:a3:a4: 418s 3d:63:ff:93:6a:12:07:cd:b3:c8:56:2a:ba:80:ab:a1:f9:b5: 418s 59:23:7e:85:0f:cc:49:23:4c:88:99:20:3d:72:96:a6:a5:e3: 418s 3b:57:c4:47:6b:56:bf:55:4d:c1:ab:85:10:06:ed:85:b0:f7: 418s 78:17:03:31:eb:62:b8:e2:31:aa:93:db:e0:c6:3e:14:d7:a8: 418s d9:15 418s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-QgnvwL/SSSD-child-3434-auth.pem 418s + found_md5=Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 418s + '[' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 '!=' Modulus=BBFFA82BFA6758222B0492301C1136FDFCFB0FCC59C5EF3A01BD1BE77274FE86FEA511197A98270033F41E917FE7D7C0173201933E3D5F3F5EFBBE3CA90D41F9A69E78D101CCA0F88B9E09B8E5F7FAE6E95262836671C4B47877B1AC0FBD3DF58DA5D0D248CB691A9B296A278D688887FBF595E0AF3783BB624570618655BE03 ']' 418s + set +x 418s 418s Test completed, Root CA and intermediate issued certificates verified! 418s autopkgtest [18:29:13]: test sssd-softhism2-certificates-tests.sh: -----------------------] 420s autopkgtest [18:29:15]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 420s sssd-softhism2-certificates-tests.sh PASS 420s autopkgtest [18:29:15]: test sssd-smart-card-pam-auth-configs: preparing testbed 427s Reading package lists... 427s Building dependency tree... 427s Reading state information... 427s Starting pkgProblemResolver with broken count: 0 427s Starting 2 pkgProblemResolver with broken count: 0 427s Done 428s The following additional packages will be installed: 428s pamtester 428s The following NEW packages will be installed: 428s autopkgtest-satdep pamtester 428s 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. 428s Need to get 14.6 kB/15.4 kB of archives. 428s After this operation, 86.0 kB of additional disk space will be used. 428s Get:1 /tmp/autopkgtest.D7GT7j/4-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [764 B] 428s Get:2 http://ftpmaster.internal/ubuntu noble/universe ppc64el pamtester ppc64el 0.1.2-4 [14.6 kB] 428s Fetched 14.6 kB in 0s (69.0 kB/s) 428s Selecting previously unselected package pamtester. 428s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70684 files and directories currently installed.) 428s Preparing to unpack .../pamtester_0.1.2-4_ppc64el.deb ... 428s Unpacking pamtester (0.1.2-4) ... 428s Selecting previously unselected package autopkgtest-satdep. 428s Preparing to unpack .../4-autopkgtest-satdep.deb ... 428s Unpacking autopkgtest-satdep (0) ... 428s Setting up pamtester (0.1.2-4) ... 428s Setting up autopkgtest-satdep (0) ... 428s Processing triggers for man-db (2.12.0-3) ... 431s (Reading database ... 70690 files and directories currently installed.) 431s Removing autopkgtest-satdep (0) ... 431s autopkgtest [18:29:26]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 431s autopkgtest [18:29:26]: test sssd-smart-card-pam-auth-configs: [----------------------- 431s + '[' -z ubuntu ']' 431s + export DEBIAN_FRONTEND=noninteractive 431s + DEBIAN_FRONTEND=noninteractive 431s + required_tools=(pamtester softhsm2-util sssd) 431s + [[ ! -v OFFLINE_MODE ]] 431s + for cmd in "${required_tools[@]}" 431s + command -v pamtester 431s + for cmd in "${required_tools[@]}" 431s + command -v softhsm2-util 431s + for cmd in "${required_tools[@]}" 431s + command -v sssd 431s + PIN=123456 431s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 431s + tmpdir=/tmp/sssd-softhsm2-certs-l8HA33 431s + backupsdir= 431s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 431s + declare -a restore_paths 431s + declare -a delete_paths 431s + trap handle_exit EXIT 431s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 431s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 431s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 431s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 431s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-l8HA33 GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 431s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-l8HA33 431s + GENERATE_SMART_CARDS=1 431s + KEEP_TEMPORARY_FILES=1 431s + NO_SSSD_TESTS=1 431s + bash debian/tests/sssd-softhism2-certificates-tests.sh 431s + '[' -z ubuntu ']' 431s + required_tools=(p11tool openssl softhsm2-util) 431s + for cmd in "${required_tools[@]}" 431s + command -v p11tool 431s + for cmd in "${required_tools[@]}" 431s + command -v openssl 431s + for cmd in "${required_tools[@]}" 431s + command -v softhsm2-util 431s + PIN=123456 431s +++ find /usr/lib/softhsm/libsofthsm2.so 431s +++ head -n 1 431s ++ realpath /usr/lib/softhsm/libsofthsm2.so 431s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 431s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 431s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 431s + '[' '!' -v NO_SSSD_TESTS ']' 431s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 431s + tmpdir=/tmp/sssd-softhsm2-certs-l8HA33 431s + keys_size=1024 431s + [[ ! -v KEEP_TEMPORARY_FILES ]] 431s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 431s + echo -n 01 431s + touch /tmp/sssd-softhsm2-certs-l8HA33/index.txt 431s + mkdir -p /tmp/sssd-softhsm2-certs-l8HA33/new_certs 431s + cat 431s + root_ca_key_pass=pass:random-root-CA-password-3531 431s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-key.pem -passout pass:random-root-CA-password-3531 1024 431s + openssl req -passin pass:random-root-CA-password-3531 -batch -config /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA.pem 431s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA.pem 432s + cat 432s Certificate Request: 432s Data: 432s Version: 1 (0x0) 432s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 432s Subject Public Key Info: 432s Public Key Algorithm: rsaEncryption 432s Public-Key: (1024 bit) 432s Modulus: 432s 00:ab:67:fc:bf:68:ff:85:ed:df:43:f4:5e:2d:fb: 432s 96:60:dc:9f:eb:39:d2:8a:99:87:91:45:51:b1:f2: 432s 6f:25:ae:13:84:05:e2:a2:07:08:b8:c1:14:80:8e: 432s e8:c8:f3:18:10:fe:bd:f4:ca:12:63:08:7a:2f:2d: 432s 1a:09:f8:94:d8:98:bf:c2:07:79:25:74:f6:58:44: 432s 4b:d1:a5:bf:ce:31:3d:de:0e:07:20:4b:e7:e6:77: 432s 48:ad:87:62:33:64:f3:8d:3e:ef:e0:3a:49:76:8e: 432s c5:68:ca:4e:89:8a:c4:c1:fc:b8:23:d3:30:1a:c9: 432s ff:2f:72:a9:bc:91:50:b1:c7 432s Exponent: 65537 (0x10001) 432s Attributes: 432s (none) 432s Requested Extensions: 432s Signature Algorithm: sha256WithRSAEncryption 432s Signature Value: 432s 53:26:ca:fc:b2:34:ef:ba:1b:6a:67:00:2d:43:88:83:f4:d7: 432s 45:27:b3:ac:61:0a:4d:fc:6c:42:40:89:20:01:d4:5f:98:8b: 432s 86:52:d8:c0:1e:77:d4:51:32:51:71:40:63:e2:88:26:82:e3: 432s 02:7a:f5:fd:a6:95:d4:a7:b1:aa:fd:84:50:d9:95:08:f7:9a: 432s 4b:3e:19:8e:87:ae:d8:b1:fb:97:7d:90:51:fb:30:67:1e:2a: 432s 60:42:2b:9d:44:0e:f7:81:ae:bc:93:69:11:75:a3:a9:5b:a0: 432s ce:1a:5e:56:5b:2f:11:37:19:4a:77:d1:6f:88:56:19:25:44: 432s 98:4e 432s /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem: OK 432s Certificate Request: 432s Data: 432s Version: 1 (0x0) 432s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 432s Subject Public Key Info: 432s Public Key Algorithm: rsaEncryption 432s Public-Key: (1024 bit) 432s Modulus: 432s 00:cd:66:01:a7:cb:3e:64:81:f1:8c:d2:5e:7d:85: 432s ec:21:1f:63:18:a6:b8:82:3e:a5:f6:d2:10:b7:74: 432s 70:db:b9:b0:54:d7:93:7b:7f:19:cb:69:8e:f4:83: 432s 54:05:e5:7b:ca:b3:76:58:a6:7e:1b:0f:d6:d3:49: 432s 52:ce:52:83:87:87:97:58:20:99:39:fe:9e:af:bb: 432s 42:a2:81:80:8b:bc:22:7e:bf:ee:26:44:78:a7:dc: 432s cb:68:30:fa:3e:81:1c:80:30:f7:2f:a6:ca:40:4c: 432s be:d1:ef:c7:00:bd:16:5a:45:f9:80:ae:77:55:eb: 432s 3e:a6:e8:ba:52:c8:d4:f2:91 432s Exponent: 65537 (0x10001) 432s Attributes: 432s (none) 432s Requested Extensions: 432s Signature Algorithm: sha256WithRSAEncryption 432s Signature Value: 432s 3e:27:37:45:6c:ca:17:8d:48:93:6f:1c:ba:29:f0:35:18:cd: 432s 8d:0c:c7:fc:13:cf:71:20:db:d9:33:46:1b:ab:a2:58:87:45: 432s e4:9d:f1:04:42:5f:ef:55:4e:f1:93:09:c6:9b:75:e8:0e:13: 432s ed:39:7a:34:e2:01:66:a1:b6:50:0a:74:30:d2:48:86:b8:66: 432s d6:1d:dc:87:b9:d8:4f:6e:2f:f9:1a:32:2c:c8:bc:f9:69:0d: 432s 09:06:9c:58:b4:a4:0c:8c:68:a8:13:27:1f:4b:8b:56:44:5e: 432s 08:c9:8e:ad:6a:f8:a5:06:60:73:08:9f:0c:bd:37:9d:da:cf: 432s 7f:4c 432s /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem: OK 432s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-2426 432s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-2426 1024 432s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-2426 -config /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-3531 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-certificate-request.pem 432s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-certificate-request.pem 432s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA.config -passin pass:random-root-CA-password-3531 -keyfile /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem 432s Using configuration from /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA.config 432s Check that the request matches the signature 432s Signature ok 432s Certificate Details: 432s Serial Number: 1 (0x1) 432s Validity 432s Not Before: Mar 20 18:29:27 2024 GMT 432s Not After : Mar 20 18:29:27 2025 GMT 432s Subject: 432s organizationName = Test Organization 432s organizationalUnitName = Test Organization Unit 432s commonName = Test Organization Intermediate CA 432s X509v3 extensions: 432s X509v3 Subject Key Identifier: 432s 8C:87:26:7C:95:66:02:1E:61:FC:1C:30:51:84:63:EB:AA:57:6B:03 432s X509v3 Authority Key Identifier: 432s keyid:E0:0D:B4:89:99:53:FC:84:3F:2F:28:B5:93:5B:7C:4D:FF:57:3D:4B 432s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 432s serial:00 432s X509v3 Basic Constraints: 432s CA:TRUE 432s X509v3 Key Usage: critical 432s Digital Signature, Certificate Sign, CRL Sign 432s Certificate is to be certified until Mar 20 18:29:27 2025 GMT (365 days) 432s 432s Write out database with 1 new entries 432s Database updated 432s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem 432s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem 432s + cat 432s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-20228 432s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-20228 1024 432s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-20228 -config /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-2426 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-certificate-request.pem 432s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-certificate-request.pem 432s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-2426 -keyfile /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem 432s Using configuration from /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.config 432s Check that the request matches the signature 432s Signature ok 432s Certificate Details: 432s Serial Number: 2 (0x2) 432s Validity 432s Not Before: Mar 20 18:29:27 2024 GMT 432s Not After : Mar 20 18:29:27 2025 GMT 432s Subject: 432s organizationName = Test Organization 432s organizationalUnitName = Test Organization Unit 432s commonName = Test Organization Sub Intermediate CA 432s X509v3 extensions: 432s X509v3 Subject Key Identifier: 432s 8E:80:31:EB:B8:CE:14:27:EB:AD:0E:03:D7:1B:A7:4B:A2:7D:4D:72 432s X509v3 Authority Key Identifier: 432s keyid:8C:87:26:7C:95:66:02:1E:61:FC:1C:30:51:84:63:EB:AA:57:6B:03 432s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 432s serial:01 432s X509v3 Basic Constraints: 432s CA:TRUE 432s X509v3 Key Usage: critical 432s Digital Signature, Certificate Sign, CRL Sign 432s Certificate is to be certified until Mar 20 18:29:27 2025 GMT (365 days) 432s 432s Write out database with 1 new entries 432s Database updated 432s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem 432s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem 432s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem 432s + local cmd=openssl 432s + shift 432s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem 432s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 432s error 20 at 0 depth lookup: unable to get local issuer certificate 432s error /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem: verification failed 432s + cat 432s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-29174 432s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-29174 1024 432s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-29174 -key /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001-request.pem 432s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001-request.pem 432s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA.config -passin pass:random-root-CA-password-3531 -keyfile /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001.pem 432s Certificate Request: 432s Data: 432s Version: 1 (0x0) 432s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 432s Subject Public Key Info: 432s Public Key Algorithm: rsaEncryption 432s Public-Key: (1024 bit) 432s Modulus: 432s 00:ad:04:78:3c:02:f2:ce:89:60:fe:26:f4:88:3f: 432s fd:af:03:20:74:3b:3a:51:fe:f1:16:4d:cc:b2:8d: 432s 14:90:db:5b:51:f0:50:39:30:aa:d6:23:2b:e9:b2: 432s 3f:9a:c3:54:49:b7:78:56:96:19:66:aa:8c:2c:3c: 432s 94:b8:13:a9:bd:fa:94:02:6f:0a:fe:dc:98:73:e8: 432s cb:5c:76:c6:a0:ac:73:e5:fb:81:83:f9:82:22:b2: 432s 50:56:2d:dc:36:f8:80:ff:64:1b:34:02:dd:82:58: 432s bc:a2:c2:14:a6:e0:e2:da:e2:91:54:e2:7a:fa:4a: 432s 17:bd:58:7a:c3:c8:8d:a6:77 432s Exponent: 65537 (0x10001) 432s Attributes: 432s Requested Extensions: 432s X509v3 Basic Constraints: 432s CA:FALSE 432s Netscape Cert Type: 432s SSL Client, S/MIME 432s Netscape Comment: 432s Test Organization Root CA trusted Certificate 432s X509v3 Subject Key Identifier: 432s DF:40:0B:CC:F3:BC:2D:6A:0B:42:72:A5:FD:66:DA:26:91:77:9E:C7 432s X509v3 Key Usage: critical 432s Digital Signature, Non Repudiation, Key Encipherment 432s X509v3 Extended Key Usage: 432s TLS Web Client Authentication, E-mail Protection 432s X509v3 Subject Alternative Name: 432s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 432s Signature Algorithm: sha256WithRSAEncryption 432s Signature Value: 432s 8d:d0:a4:cf:4c:2a:ba:6a:04:30:1f:c4:36:2b:33:1a:a9:d1: 432s 6d:5f:44:a2:e4:53:76:21:d1:5f:b2:3a:70:0b:b2:24:54:d4: 432s 50:1d:d6:93:ca:89:53:47:f7:11:78:dc:2c:35:af:46:c3:7f: 432s 19:89:2d:ba:f1:42:3b:85:81:1d:3d:6a:1b:b2:96:3c:81:90: 432s 69:68:e3:5f:d0:0e:0e:8f:db:95:48:b6:fd:b3:46:f9:d1:59: 432s 1f:73:83:29:8c:41:23:dd:79:ae:79:14:38:87:b2:94:a7:64: 432s 12:7b:c6:bc:a4:f4:67:c6:cb:6b:d8:5b:61:60:ee:53:83:a7: 432s 15:0b 432s Using configuration from /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA.config 432s Check that the request matches the signature 432s Signature ok 432s Certificate Details: 432s Serial Number: 3 (0x3) 432s Validity 432s Not Before: Mar 20 18:29:27 2024 GMT 432s Not After : Mar 20 18:29:27 2025 GMT 432s Subject: 432s organizationName = Test Organization 432s organizationalUnitName = Test Organization Unit 432s commonName = Test Organization Root Trusted Certificate 0001 432s X509v3 extensions: 432s X509v3 Authority Key Identifier: 432s E0:0D:B4:89:99:53:FC:84:3F:2F:28:B5:93:5B:7C:4D:FF:57:3D:4B 432s X509v3 Basic Constraints: 432s CA:FALSE 432s Netscape Cert Type: 432s SSL Client, S/MIME 432s Netscape Comment: 432s Test Organization Root CA trusted Certificate 432s X509v3 Subject Key Identifier: 432s DF:40:0B:CC:F3:BC:2D:6A:0B:42:72:A5:FD:66:DA:26:91:77:9E:C7 432s X509v3 Key Usage: critical 432s Digital Signature, Non Repudiation, Key Encipherment 432s X509v3 Extended Key Usage: 432s TLS Web Client Authentication, E-mail Protection 432s X509v3 Subject Alternative Name: 432s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 432s Certificate is to be certified until Mar 20 18:29:27 2025 GMT (365 days) 432s 432s Write out database with 1 new entries 432s Database updated 432s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001.pem 432s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001.pem 432s /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001.pem: OK 432s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001.pem 432s + local cmd=openssl 432s + shift 432s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001.pem 432s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 432s error 20 at 0 depth lookup: unable to get local issuer certificate 432s error /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001.pem: verification failed 432s + cat 432s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-24079 432s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-24079 1024 432s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-24079 -key /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001-request.pem 432s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001-request.pem 432s Certificate Request: 432s Data: 432s Version: 1 (0x0) 432s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 432s Subject Public Key Info: 432s Public Key Algorithm: rsaEncryption 432s Public-Key: (1024 bit) 432s Modulus: 432s 00:ac:28:32:60:f0:e5:81:7c:dd:b0:3a:d4:c4:f4: 432s 8f:f5:06:6b:fb:41:8a:1b:d8:ac:9a:d3:08:ab:b7: 432s 10:4a:c8:bd:7a:a4:08:15:bf:6f:13:c4:b1:4c:75: 432s c1:65:41:8e:65:3b:f8:46:1d:c3:63:d7:84:c1:07: 432s 71:5d:4e:6e:e7:c4:73:1c:99:0f:e0:39:e5:52:32: 432s 48:5a:0c:da:93:2c:a4:09:ff:0f:77:b0:27:42:da: 432s b9:ad:61:64:ac:72:ab:d7:31:27:1e:18:83:e2:94: 432s 93:53:18:8d:dd:f8:9d:d6:6f:8f:3b:34:3d:47:5a: 432s 4d:72:27:34:7c:19:4b:d3:85 432s Exponent: 65537 (0x10001) 432s Attributes: 432s Requested Extensions: 432s X509v3 Basic Constraints: 432s CA:FALSE 432s Netscape Cert Type: 432s SSL Client, S/MIME 432s Netscape Comment: 432s Test Organization Intermediate CA trusted Certificate 432s X509v3 Subject Key Identifier: 432s 80:A9:4D:ED:64:31:A3:7F:BC:9B:48:87:A5:E4:E3:E3:A4:09:93:27 432s X509v3 Key Usage: critical 432s Digital Signature, Non Repudiation, Key Encipherment 432s X509v3 Extended Key Usage: 432s TLS Web Client Authentication, E-mail Protection 432s X509v3 Subject Alternative Name: 432s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 432s Signature Algorithm: sha256WithRSAEncryption 432s Signature Value: 432s 15:b0:2e:33:d6:a2:2b:b6:04:8d:a5:29:6c:aa:8a:e5:9d:fd: 432s 06:6d:4a:01:95:11:da:90:67:3f:fd:96:34:49:03:72:22:20: 432s e7:8f:ff:a5:51:14:46:8c:3f:f4:00:ce:0a:01:cf:93:ce:56: 432s 73:43:f9:b4:1d:dc:4e:dd:7d:13:18:b0:05:ba:61:24:12:ae: 432s d8:61:ce:a5:93:b9:16:b4:cf:48:d9:aa:97:3d:e2:a3:69:cc: 432s b4:a7:32:e7:f2:ff:36:b1:18:e5:78:b7:99:d2:d5:d3:52:53: 432s 4b:39:ae:6f:96:7c:ba:0e:51:8d:84:1c:bc:57:f4:fa:28:f1: 432s a1:a3 432s + openssl ca -passin pass:random-intermediate-CA-password-2426 -config /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001.pem 432s Using configuration from /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.config 432s Check that the request matches the signature 432s Signature ok 432s Certificate Details: 432s Serial Number: 4 (0x4) 432s Validity 432s Not Before: Mar 20 18:29:27 2024 GMT 432s Not After : Mar 20 18:29:27 2025 GMT 432s Subject: 432s organizationName = Test Organization 432s organizationalUnitName = Test Organization Unit 432s commonName = Test Organization Intermediate Trusted Certificate 0001 432s X509v3 extensions: 432s X509v3 Authority Key Identifier: 432s 8C:87:26:7C:95:66:02:1E:61:FC:1C:30:51:84:63:EB:AA:57:6B:03 432s X509v3 Basic Constraints: 432s CA:FALSE 432s Netscape Cert Type: 432s SSL Client, S/MIME 432s Netscape Comment: 432s Test Organization Intermediate CA trusted Certificate 432s X509v3 Subject Key Identifier: 432s 80:A9:4D:ED:64:31:A3:7F:BC:9B:48:87:A5:E4:E3:E3:A4:09:93:27 432s X509v3 Key Usage: critical 432s Digital Signature, Non Repudiation, Key Encipherment 432s X509v3 Extended Key Usage: 432s TLS Web Client Authentication, E-mail Protection 432s X509v3 Subject Alternative Name: 432s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 432s Certificate is to be certified until Mar 20 18:29:27 2025 GMT (365 days) 432s 432s Write out database with 1 new entries 432s Database updated 432s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001.pem 432s This certificate should not be trusted fully 432s + echo 'This certificate should not be trusted fully' 432s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001.pem 432s + local cmd=openssl 432s + shift 432s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001.pem 432s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 432s error 2 at 1 depth lookup: unable to get issuer certificate 432s error /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 432s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001.pem 432s /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001.pem: OK 432s + cat 432s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-13141 432s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-13141 1024 432s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-13141 -key /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 432s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 432s Certificate Request: 432s Data: 432s Version: 1 (0x0) 432s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 432s Subject Public Key Info: 432s Public Key Algorithm: rsaEncryption 432s Public-Key: (1024 bit) 432s Modulus: 432s 00:b9:29:d9:e3:12:fc:25:da:b4:5c:c9:a7:e3:77: 432s f1:b1:0c:cc:af:58:13:d7:44:74:ac:9a:9f:86:4d: 432s 30:da:e9:54:75:ea:78:15:81:cf:c6:1e:bf:95:73: 432s 90:77:97:b9:2e:de:df:8f:23:a0:f3:16:22:31:2b: 432s b4:0a:27:b4:65:ea:63:9f:76:9c:99:a8:c4:25:f0: 432s 81:fd:cc:03:0c:a3:90:0f:e6:eb:50:05:1b:d1:4d: 432s ef:af:80:b1:67:80:c1:cb:b5:c4:a1:73:72:10:6e: 432s cf:fa:40:b9:34:e5:ea:f2:e3:bc:94:02:3e:78:8e: 432s 27:b1:89:8f:1e:dd:c2:2e:e5 432s Exponent: 65537 (0x10001) 432s Attributes: 432s Requested Extensions: 432s X509v3 Basic Constraints: 432s CA:FALSE 432s Netscape Cert Type: 432s SSL Client, S/MIME 432s Netscape Comment: 432s Test Organization Sub Intermediate CA trusted Certificate 432s X509v3 Subject Key Identifier: 432s 7F:A0:04:FC:A7:4F:95:5F:16:5C:B7:79:05:61:B0:E9:83:C7:A1:AF 432s X509v3 Key Usage: critical 432s Digital Signature, Non Repudiation, Key Encipherment 432s X509v3 Extended Key Usage: 432s TLS Web Client Authentication, E-mail Protection 432s X509v3 Subject Alternative Name: 432s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 432s Signature Algorithm: sha256WithRSAEncryption 432s Signature Value: 432s 38:c0:fd:67:ec:a7:1f:7a:f2:11:51:b8:dd:8f:35:93:7d:24: 432s 40:71:97:84:80:5d:ae:61:cd:0a:b0:d4:80:37:a8:df:6a:d3: 432s 61:c5:57:c3:2c:20:36:bb:16:e4:98:c2:b7:88:7d:b7:fb:80: 432s d9:e4:a2:5d:56:fb:68:ae:2b:86:b4:7a:d1:1f:f0:69:40:5b: 432s 89:f4:98:42:45:c2:00:6a:63:ee:24:bf:1f:36:eb:c0:18:29: 432s cc:ef:fd:0e:f7:6b:13:89:b6:03:a6:b4:01:4a:2a:2f:12:9a: 432s 67:76:24:f9:6e:0a:fa:02:80:b8:0c:32:45:91:72:09:78:d0: 432s 20:98 432s + openssl ca -passin pass:random-sub-intermediate-CA-password-20228 -config /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem 432s Using configuration from /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.config 432s Check that the request matches the signature 432s Signature ok 432s Certificate Details: 432s Serial Number: 5 (0x5) 432s Validity 432s Not Before: Mar 20 18:29:27 2024 GMT 432s Not After : Mar 20 18:29:27 2025 GMT 432s Subject: 432s organizationName = Test Organization 432s organizationalUnitName = Test Organization Unit 432s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 432s X509v3 extensions: 432s X509v3 Authority Key Identifier: 432s 8E:80:31:EB:B8:CE:14:27:EB:AD:0E:03:D7:1B:A7:4B:A2:7D:4D:72 432s X509v3 Basic Constraints: 432s CA:FALSE 432s Netscape Cert Type: 432s SSL Client, S/MIME 432s Netscape Comment: 432s Test Organization Sub Intermediate CA trusted Certificate 432s X509v3 Subject Key Identifier: 432s 7F:A0:04:FC:A7:4F:95:5F:16:5C:B7:79:05:61:B0:E9:83:C7:A1:AF 432s X509v3 Key Usage: critical 432s Digital Signature, Non Repudiation, Key Encipherment 432s X509v3 Extended Key Usage: 432s TLS Web Client Authentication, E-mail Protection 432s X509v3 Subject Alternative Name: 432s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 432s Certificate is to be certified until Mar 20 18:29:27 2025 GMT (365 days) 432s 432s Write out database with 1 new entries 432s Database updated 432s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem 432s This certificate should not be trusted fully 432s + echo 'This certificate should not be trusted fully' 432s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem 432s + local cmd=openssl 432s + shift 432s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem 432s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 432s error 2 at 1 depth lookup: unable to get issuer certificate 432s error /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 432s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem 432s + local cmd=openssl 432s + shift 432s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem 432s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 432s error 20 at 0 depth lookup: unable to get local issuer certificate 432s error /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 432s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem 432s /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 432s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem 432s + local cmd=openssl 432s + shift 432s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem 432s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 432s error 20 at 0 depth lookup: unable to get local issuer certificate 432s error /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 432s + echo 'Building a the full-chain CA file...' 432s Building a the full-chain CA file... 432s + cat /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem 432s + cat /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem 432s + cat /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem 432s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-l8HA33/test-full-chain-CA.pem 432s + openssl pkcs7 -print_certs -noout 432s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 432s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 432s 432s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 432s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 432s 432s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 432s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 432s 432s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem 432s /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA.pem: OK 432s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001.pem 432s /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001.pem: OK 432s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001.pem 432s /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001.pem: OK 432s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-root-intermediate-chain-CA.pem 432s /tmp/sssd-softhsm2-certs-l8HA33/test-root-intermediate-chain-CA.pem: OK 432s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-l8HA33/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem 432s /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 432s + echo 'Certificates generation completed!' 432s Certificates generation completed! 432s + [[ -v NO_SSSD_TESTS ]] 432s + [[ -v GENERATE_SMART_CARDS ]] 432s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29174 432s + local certificate=/tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001.pem 432s + local key_pass=pass:random-root-ca-trusted-cert-0001-29174 432s + local key_cn 432s + local key_name 432s + local tokens_dir 432s + local output_cert_file 432s + token_name= 432s ++ basename /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001.pem .pem 432s + key_name=test-root-CA-trusted-certificate-0001 432s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001.pem 432s ++ sed -n 's/ *commonName *= //p' 432s + key_cn='Test Organization Root Trusted Certificate 0001' 432s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 432s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-root-CA-trusted-certificate-0001.conf 432s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-root-CA-trusted-certificate-0001.conf 432s ++ basename /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 432s + tokens_dir=/tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-root-CA-trusted-certificate-0001 432s + token_name='Test Organization Root Tr Token' 432s + '[' '!' -e /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 432s + local key_file 432s + local decrypted_key 432s + mkdir -p /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-root-CA-trusted-certificate-0001 432s + key_file=/tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001-key.pem 432s + decrypted_key=/tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001-key-decrypted.pem 432s + cat 432s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 432s Slot 0 has a free/uninitialized token. 432s The token has been initialized and is reassigned to slot 447952445 432s + softhsm2-util --show-slots 432s Available slots: 432s Slot 447952445 432s Slot info: 432s Description: SoftHSM slot ID 0x1ab3363d 432s Manufacturer ID: SoftHSM project 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Token present: yes 432s Token info: 432s Manufacturer ID: SoftHSM project 432s Model: SoftHSM v2 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Serial number: ffcfeea29ab3363d 432s Initialized: yes 432s User PIN init.: yes 432s Label: Test Organization Root Tr Token 432s Slot 1 432s Slot info: 432s Description: SoftHSM slot ID 0x1 432s Manufacturer ID: SoftHSM project 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Token present: yes 432s Token info: 432s Manufacturer ID: SoftHSM project 432s Model: SoftHSM v2 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Serial number: 432s Initialized: no 432s User PIN init.: no 432s Label: 432s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 432s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-29174 -in /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001-key-decrypted.pem 432s writing RSA key 432s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 432s + rm /tmp/sssd-softhsm2-certs-l8HA33/test-root-CA-trusted-certificate-0001-key-decrypted.pem 432s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 432s Object 0: 432s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ffcfeea29ab3363d;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 432s Type: X.509 Certificate (RSA-1024) 432s Expires: Thu Mar 20 18:29:27 2025 432s Label: Test Organization Root Trusted Certificate 0001 432s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 432s 432s + echo 'Test Organization Root Tr Token' 432s Test Organization Root Tr Token 432s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-24079 432s + local certificate=/tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001.pem 432s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-24079 432s + local key_cn 432s + local key_name 432s + local tokens_dir 432s + local output_cert_file 432s + token_name= 432s ++ basename /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001.pem .pem 432s + key_name=test-intermediate-CA-trusted-certificate-0001 432s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001.pem 432s ++ sed -n 's/ *commonName *= //p' 432s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 432s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 432s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 432s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 432s ++ basename /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 432s + tokens_dir=/tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-intermediate-CA-trusted-certificate-0001 432s + token_name='Test Organization Interme Token' 432s + '[' '!' -e /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 432s + local key_file 432s + local decrypted_key 432s + mkdir -p /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-intermediate-CA-trusted-certificate-0001 432s + key_file=/tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001-key.pem 432s + decrypted_key=/tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 432s + cat 432s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 432s Slot 0 has a free/uninitialized token. 432s The token has been initialized and is reassigned to slot 2125607741 432s + softhsm2-util --show-slots 432s Available slots: 432s Slot 2125607741 432s Slot info: 432s Description: SoftHSM slot ID 0x7eb2333d 432s Manufacturer ID: SoftHSM project 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Token present: yes 432s Token info: 432s Manufacturer ID: SoftHSM project 432s Model: SoftHSM v2 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Serial number: 28bfe931feb2333d 432s Initialized: yes 432s User PIN init.: yes 432s Label: Test Organization Interme Token 432s Slot 1 432s Slot info: 432s Description: SoftHSM slot ID 0x1 432s Manufacturer ID: SoftHSM project 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Token present: yes 432s Token info: 432s Manufacturer ID: SoftHSM project 432s Model: SoftHSM v2 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Serial number: 432s Initialized: no 432s User PIN init.: no 432s Label: 432s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 432s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-24079 -in /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 432s writing RSA key 432s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 432s + rm /tmp/sssd-softhsm2-certs-l8HA33/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 432s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 432s Object 0: 432s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=28bfe931feb2333d;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 432s Type: X.509 Certificate (RSA-1024) 432s Expires: Thu Mar 20 18:29:27 2025 432s Label: Test Organization Intermediate Trusted Certificate 0001 432s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 432s 432s Test Organization Interme Token 432s + echo 'Test Organization Interme Token' 432s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-13141 432s + local certificate=/tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem 432s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-13141 432s + local key_cn 432s + local key_name 432s + local tokens_dir 432s + local output_cert_file 432s + token_name= 432s ++ basename /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 432s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 432s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem 432s ++ sed -n 's/ *commonName *= //p' 432s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 432s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 432s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 432s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 432s ++ basename /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 432s + tokens_dir=/tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 432s + token_name='Test Organization Sub Int Token' 432s + '[' '!' -e /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 432s + local key_file 432s + local decrypted_key 432s + mkdir -p /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 432s + key_file=/tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 432s + decrypted_key=/tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 432s + cat 432s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 432s Slot 0 has a free/uninitialized token. 432s The token has been initialized and is reassigned to slot 1402521370 432s + softhsm2-util --show-slots 432s Available slots: 432s Slot 1402521370 432s Slot info: 432s Description: SoftHSM slot ID 0x5398c71a 432s Manufacturer ID: SoftHSM project 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Token present: yes 432s Token info: 432s Manufacturer ID: SoftHSM project 432s Model: SoftHSM v2 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Serial number: 81554bc5d398c71a 432s Initialized: yes 432s User PIN init.: yes 432s Label: Test Organization Sub Int Token 432s Slot 1 432s Slot info: 432s Description: SoftHSM slot ID 0x1 432s Manufacturer ID: SoftHSM project 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Token present: yes 432s Token info: 432s Manufacturer ID: SoftHSM project 432s Model: SoftHSM v2 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Serial number: 432s Initialized: no 432s User PIN init.: no 432s Label: 432s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 432s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-13141 -in /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 432s writing RSA key 432s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 432s + rm /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 432s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 432s Object 0: 432s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=81554bc5d398c71a;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 432s Type: X.509 Certificate (RSA-1024) 432s Expires: Thu Mar 20 18:29:27 2025 432s Label: Test Organization Sub Intermediate Trusted Certificate 0001 432s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 432s 432s Test Organization Sub Int Token 432s Certificates generation completed! 432s + echo 'Test Organization Sub Int Token' 432s + echo 'Certificates generation completed!' 432s + exit 0 432s + find /tmp/sssd-softhsm2-certs-l8HA33 -type d -exec chmod 777 '{}' ';' 432s + find /tmp/sssd-softhsm2-certs-l8HA33 -type f -exec chmod 666 '{}' ';' 432s + backup_file /etc/sssd/sssd.conf 432s + '[' -z '' ']' 432s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 432s + backupsdir=/tmp/sssd-softhsm2-backups-p4162Y 432s + '[' -e /etc/sssd/sssd.conf ']' 433s + delete_paths+=("$1") 433s + rm -f /etc/sssd/sssd.conf 433s ++ runuser -u ubuntu -- sh -c 'echo ~' 433s + user_home=/home/ubuntu 433s + mkdir -p /home/ubuntu 433s + chown ubuntu:ubuntu /home/ubuntu 433s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 433s + user_config=/home/ubuntu/.config 433s + system_config=/etc 433s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 433s + for path_pair in "${softhsm2_conf_paths[@]}" 433s + IFS=: 433s + read -r -a path 433s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 433s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 433s + '[' -z /tmp/sssd-softhsm2-backups-p4162Y ']' 433s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 433s + delete_paths+=("$1") 433s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 433s + for path_pair in "${softhsm2_conf_paths[@]}" 433s + IFS=: 433s + read -r -a path 433s + path=/etc/softhsm/softhsm2.conf 433s + backup_file /etc/softhsm/softhsm2.conf 433s + '[' -z /tmp/sssd-softhsm2-backups-p4162Y ']' 433s + '[' -e /etc/softhsm/softhsm2.conf ']' 433s ++ dirname /etc/softhsm/softhsm2.conf 433s + local back_dir=/tmp/sssd-softhsm2-backups-p4162Y//etc/softhsm 433s ++ basename /etc/softhsm/softhsm2.conf 433s + local back_path=/tmp/sssd-softhsm2-backups-p4162Y//etc/softhsm/softhsm2.conf 433s + '[' '!' -e /tmp/sssd-softhsm2-backups-p4162Y//etc/softhsm/softhsm2.conf ']' 433s + mkdir -p /tmp/sssd-softhsm2-backups-p4162Y//etc/softhsm 433s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-p4162Y//etc/softhsm/softhsm2.conf 433s + restore_paths+=("$back_path") 433s + rm -f /etc/softhsm/softhsm2.conf 433s + test_authentication login /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-l8HA33/test-full-chain-CA.pem 433s + pam_service=login 433s + certificate_config=/tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-root-CA-trusted-certificate-0001.conf 433s + ca_db=/tmp/sssd-softhsm2-certs-l8HA33/test-full-chain-CA.pem 433s + verification_options= 433s + mkdir -p -m 700 /etc/sssd 433s Using CA DB '/tmp/sssd-softhsm2-certs-l8HA33/test-full-chain-CA.pem' with verification options: '' 433s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-l8HA33/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 433s + cat 433s + chmod 600 /etc/sssd/sssd.conf 433s + for path_pair in "${softhsm2_conf_paths[@]}" 433s + IFS=: 433s + read -r -a path 433s + user=ubuntu 433s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 433s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 433s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 433s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 433s + runuser -u ubuntu -- softhsm2-util --show-slots 433s + grep 'Test Organization' 433s Label: Test Organization Root Tr Token 433s + for path_pair in "${softhsm2_conf_paths[@]}" 433s + IFS=: 433s + read -r -a path 433s + user=root 433s Label: Test Organization Root Tr Token 433s + path=/etc/softhsm/softhsm2.conf 433s ++ dirname /etc/softhsm/softhsm2.conf 433s + runuser -u root -- mkdir -p /etc/softhsm 433s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 433s + runuser -u root -- softhsm2-util --show-slots 433s + grep 'Test Organization' 433s + systemctl restart sssd 433s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 433s + for alternative in "${alternative_pam_configs[@]}" 433s + pam-auth-update --enable sss-smart-card-optional 433s + cat /etc/pam.d/common-auth 433s # 433s # /etc/pam.d/common-auth - authentication settings common to all services 433s # 433s # This file is included from other service-specific PAM config files, 433s # and should contain a list of the authentication modules that define 433s # the central authentication scheme for use on the system 433s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 433s # traditional Unix authentication mechanisms. 433s # 433s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 433s # To take advantage of this, it is recommended that you configure any 433s # local modules either before or after the default block, and use 433s # pam-auth-update to manage selection of other modules. See 433s # pam-auth-update(8) for details. 433s 433s # here are the per-package modules (the "Primary" block) 433s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 433s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 433s auth [success=1 default=ignore] pam_sss.so use_first_pass 433s # here's the fallback if no module succeeds 433s auth requisite pam_deny.so 433s # prime the stack with a positive return value if there isn't one already; 433s # this avoids us returning an error just because nothing sets a success code 433s # since the modules above will each just jump around 433s auth required pam_permit.so 433s # and here are more per-package modules (the "Additional" block) 433s auth optional pam_cap.so 433s # end of pam-auth-update config 433s + echo -n -e 123456 433s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 433s pamtester: invoking pam_start(login, ubuntu, ...) 433s pamtester: performing operation - authenticate 433s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 433s + echo -n -e 123456 433s + runuser -u ubuntu -- pamtester -v login '' authenticate 433s pamtester: invoking pam_start(login, , ...) 433s pamtester: performing operation - authenticate 433s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 433s + echo -n -e wrong123456 433s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 433s pamtester: invoking pam_start(login, ubuntu, ...) 433s pamtester: performing operation - authenticate 436s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 436s + echo -n -e wrong123456 436s + runuser -u ubuntu -- pamtester -v login '' authenticate 436s pamtester: invoking pam_start(login, , ...) 436s pamtester: performing operation - authenticate 440s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 440s + echo -n -e 123456 440s + pamtester -v login root authenticate 440s pamtester: invoking pam_start(login, root, ...) 440s pamtester: performing operation - authenticate 442s Password: pamtester: Authentication failure 443s + for alternative in "${alternative_pam_configs[@]}" 443s + pam-auth-update --enable sss-smart-card-required 443s PAM configuration 443s ----------------- 443s 443s Incompatible PAM profiles selected. 443s 443s The following PAM profiles cannot be used together: 443s 443s SSS required smart card authentication, SSS optional smart card 443s authentication 443s 443s Please select a different set of modules to enable. 443s 443s + cat /etc/pam.d/common-auth 443s + echo -n -e 123456 443s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 443s # 443s # /etc/pam.d/common-auth - authentication settings common to all services 443s # 443s # This file is included from other service-specific PAM config files, 443s # and should contain a list of the authentication modules that define 443s # the central authentication scheme for use on the system 443s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 443s # traditional Unix authentication mechanisms. 443s # 443s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 443s # To take advantage of this, it is recommended that you configure any 443s # local modules either before or after the default block, and use 443s # pam-auth-update to manage selection of other modules. See 443s # pam-auth-update(8) for details. 443s 443s # here are the per-package modules (the "Primary" block) 443s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 443s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 443s auth [success=1 default=ignore] pam_sss.so use_first_pass 443s # here's the fallback if no module succeeds 443s auth requisite pam_deny.so 443s # prime the stack with a positive return value if there isn't one already; 443s # this avoids us returning an error just because nothing sets a success code 443s # since the modules above will each just jump around 443s auth required pam_permit.so 443s # and here are more per-package modules (the "Additional" block) 443s auth optional pam_cap.so 443s # end of pam-auth-update config 443s pamtester: invoking pam_start(login, ubuntu, ...) 443s pamtester: performing operation - authenticate 443s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 443s + echo -n -e 123456 443s + runuser -u ubuntu -- pamtester -v login '' authenticate 443s pamtester: invoking pam_start(login, , ...) 443s pamtester: performing operation - authenticate 443s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 443s + echo -n -e wrong123456 443s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 443s pamtester: invoking pam_start(login, ubuntu, ...) 443s pamtester: performing operation - authenticate 446s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 446s + echo -n -e wrong123456 446s + runuser -u ubuntu -- pamtester -v login '' authenticate 446s pamtester: invoking pam_start(login, , ...) 446s pamtester: performing operation - authenticate 449s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 449s + echo -n -e 123456 449s + pamtester -v login root authenticate 449s pamtester: invoking pam_start(login, root, ...) 449s pamtester: performing operation - authenticate 453s pamtester: Authentication service cannot retrieve authentication info 453s + test_authentication login /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-l8HA33/test-full-chain-CA.pem 453s + pam_service=login 453s + certificate_config=/tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 453s + ca_db=/tmp/sssd-softhsm2-certs-l8HA33/test-full-chain-CA.pem 453s + verification_options= 453s + mkdir -p -m 700 /etc/sssd 453s Using CA DB '/tmp/sssd-softhsm2-certs-l8HA33/test-full-chain-CA.pem' with verification options: '' 453s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-l8HA33/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 453s + cat 453s + chmod 600 /etc/sssd/sssd.conf 453s Label: Test Organization Sub Int Token 453s Label: Test Organization Sub Int Token 453s + for path_pair in "${softhsm2_conf_paths[@]}" 453s + IFS=: 453s + read -r -a path 453s + user=ubuntu 453s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 453s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 453s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 453s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 453s + runuser -u ubuntu -- softhsm2-util --show-slots 453s + grep 'Test Organization' 453s + for path_pair in "${softhsm2_conf_paths[@]}" 453s + IFS=: 453s + read -r -a path 453s + user=root 453s + path=/etc/softhsm/softhsm2.conf 453s ++ dirname /etc/softhsm/softhsm2.conf 453s + runuser -u root -- mkdir -p /etc/softhsm 453s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 453s + runuser -u root -- softhsm2-util --show-slots 453s + grep 'Test Organization' 453s + systemctl restart sssd 453s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 453s + for alternative in "${alternative_pam_configs[@]}" 453s + pam-auth-update --enable sss-smart-card-optional 453s + cat /etc/pam.d/common-auth 453s # 453s # /etc/pam.d/common-auth - authentication settings common to all services 453s # 453s # This file is included from other service-specific PAM config files, 453s # and should contain a list of the authentication modules that define 453s # the central authentication scheme for use on the system 453s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 453s # traditional Unix authentication mechanisms. 453s # 453s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 453s # To take advantage of this, it is recommended that you configure any 453s # local modules either before or after the default block, and use 453s # pam-auth-update to manage selection of other modules. See 453s # pam-auth-update(8) for details. 453s 453s # here are the per-package modules (the "Primary" block) 453s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 453s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 453s auth [success=1 default=ignore] pam_sss.so use_first_pass 453s # here's the fallback if no module succeeds 453s auth requisite pam_deny.so 453s # prime the stack with a positive return value if there isn't one already; 453s # this avoids us returning an error just because nothing sets a success code 453s # since the modules above will each just jump around 453s auth required pam_permit.so 453s # and here are more per-package modules (the "Additional" block) 453s auth optional pam_cap.so 453s # end of pam-auth-update config 453s + echo -n -e 123456 453s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 453s pamtester: invoking pam_start(login, ubuntu, ...) 453s pamtester: performing operation - authenticate 453s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 453s + echo -n -e 123456 453s + runuser -u ubuntu -- pamtester -v login '' authenticate 453s pamtester: invoking pam_start(login, , ...) 453s pamtester: performing operation - authenticate 453s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 453s + echo -n -e wrong123456 453s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 454s pamtester: invoking pam_start(login, ubuntu, ...) 454s pamtester: performing operation - authenticate 457s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 457s + echo -n -e wrong123456 457s + runuser -u ubuntu -- pamtester -v login '' authenticate 457s pamtester: invoking pam_start(login, , ...) 457s pamtester: performing operation - authenticate 460s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 460s + echo -n -e 123456 460s + pamtester -v login root authenticate 460s pamtester: invoking pam_start(login, root, ...) 460s pamtester: performing operation - authenticate 463s Password: pamtester: Authentication failure 463s + for alternative in "${alternative_pam_configs[@]}" 463s + pam-auth-update --enable sss-smart-card-required 463s PAM configuration 463s ----------------- 463s 463s Incompatible PAM profiles selected. 463s 463s The following PAM profiles cannot be used together: 463s 463s SSS required smart card authentication, SSS optional smart card 463s authentication 463s 463s Please select a different set of modules to enable. 463s 463s + cat /etc/pam.d/common-auth 463s # 463s # /etc/pam.d/common-auth - authentication settings common to all services 463s # 463s # This file is included from other service-specific PAM config files, 463s # and should contain a list of the authentication modules that define 463s # the central authentication scheme for use on the system 463s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 463s # traditional Unix authentication mechanisms. 463s # 463s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 463s # To take advantage of this, it is recommended that you configure any 463s # local modules either before or after the default block, and use 463s # pam-auth-update to manage selection of other modules. See 463s # pam-auth-update(8) for details. 463s 463s # here are the per-package modules (the "Primary" block) 463s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 463s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 463s auth [success=1 default=ignore] pam_sss.so use_first_pass 463s # here's the fallback if no module succeeds 463s auth requisite pam_deny.so 463s # prime the stack with a positive return value if there isn't one already; 463s # this avoids us returning an error just because nothing sets a success code 463s # since the modules above will each just jump around 463s auth required pam_permit.so 463s # and here are more per-package modules (the "Additional" block) 463s auth optional pam_cap.so 463s # end of pam-auth-update config 463s + echo -n -e 123456 463s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 463s pamtester: invoking pam_start(login, ubuntu, ...) 463s pamtester: performing operation - authenticate 464s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 464s + echo -n -e 123456 464s + runuser -u ubuntu -- pamtester -v login '' authenticate 464s pamtester: invoking pam_start(login, , ...) 464s pamtester: performing operation - authenticate 464s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 464s + echo -n -e wrong123456 464s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 464s pamtester: invoking pam_start(login, ubuntu, ...) 464s pamtester: performing operation - authenticate 466s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 466s + echo -n -e wrong123456 466s + runuser -u ubuntu -- pamtester -v login '' authenticate 466s pamtester: invoking pam_start(login, , ...) 466s pamtester: performing operation - authenticate 469s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 469s + echo -n -e 123456 469s + pamtester -v login root authenticate 469s pamtester: invoking pam_start(login, root, ...) 469s pamtester: performing operation - authenticate 472s pamtester: Authentication service cannot retrieve authentication info 472s + test_authentication login /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem partial_chain 472s + pam_service=login 472s + certificate_config=/tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 472s + ca_db=/tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem 472s + verification_options=partial_chain 472s + mkdir -p -m 700 /etc/sssd 472s Using CA DB '/tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 472s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-l8HA33/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 472s + cat 472s + chmod 600 /etc/sssd/sssd.conf 472s Label: Test Organization Sub Int Token 472s Label: Test Organization Sub Int Token 472s + for path_pair in "${softhsm2_conf_paths[@]}" 472s + IFS=: 472s + read -r -a path 472s + user=ubuntu 472s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 472s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 472s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 472s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 472s + runuser -u ubuntu -- softhsm2-util --show-slots 472s + grep 'Test Organization' 472s + for path_pair in "${softhsm2_conf_paths[@]}" 472s + IFS=: 472s + read -r -a path 472s + user=root 472s + path=/etc/softhsm/softhsm2.conf 472s ++ dirname /etc/softhsm/softhsm2.conf 472s + runuser -u root -- mkdir -p /etc/softhsm 472s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-l8HA33/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 472s + runuser -u root -- softhsm2-util --show-slots 472s + grep 'Test Organization' 472s + systemctl restart sssd 472s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 472s + for alternative in "${alternative_pam_configs[@]}" 472s + pam-auth-update --enable sss-smart-card-optional 472s # 472s # /etc/pam.d/common-auth - authentication settings common to all services 472s # 472s # This file is included from other service-specific PAM config files, 472s # and should contain a list of the authentication modules that define 472s # the central authentication scheme for use on the system 472s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 472s # traditional Unix authentication mechanisms. 472s # 472s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 472s # To take advantage of this, it is recommended that you configure any 472s # local modules either before or after the default block, and use 472s # pam-auth-update to manage selection of other modules. See 472s # pam-auth-update(8) for details. 472s 472s # here are the per-package modules (the "Primary" block) 472s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 472s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 472s auth [success=1 default=ignore] pam_sss.so use_first_pass 472s # here's the fallback if no module succeeds 472s auth requisite pam_deny.so 472s # prime the stack with a positive return value if there isn't one already; 472s # this avoids us returning an error just because nothing sets a success code 472s # since the modules above will each just jump around 472s auth required pam_permit.so 472s # and here are more per-package modules (the "Additional" block) 472s auth optional pam_cap.so 472s # end of pam-auth-update config 472s + cat /etc/pam.d/common-auth 472s + echo -n -e 123456 472s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 472s pamtester: invoking pam_start(login, ubuntu, ...) 472s pamtester: performing operation - authenticate 473s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 473s + echo -n -e 123456 473s + runuser -u ubuntu -- pamtester -v login '' authenticate 473s pamtester: invoking pam_start(login, , ...) 473s pamtester: performing operation - authenticate 473s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 473s + echo -n -e wrong123456 473s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 473s pamtester: invoking pam_start(login, ubuntu, ...) 473s pamtester: performing operation - authenticate 476s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 476s + echo -n -e wrong123456 476s + runuser -u ubuntu -- pamtester -v login '' authenticate 476s pamtester: invoking pam_start(login, , ...) 476s pamtester: performing operation - authenticate 479s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 479s + echo -n -e 123456 479s + pamtester -v login root authenticate 479s pamtester: invoking pam_start(login, root, ...) 479s pamtester: performing operation - authenticate 483s Password: pamtester: Authentication failure 483s + for alternative in "${alternative_pam_configs[@]}" 483s + pam-auth-update --enable sss-smart-card-required 483s PAM configuration 483s ----------------- 483s 483s Incompatible PAM profiles selected. 483s 483s The following PAM profiles cannot be used together: 483s 483s SSS required smart card authentication, SSS optional smart card 483s authentication 483s 483s Please select a different set of modules to enable. 483s 483s + cat /etc/pam.d/common-auth 483s # 483s # /etc/pam.d/common-auth - authentication settings common to all services 483s # 483s # This file is included from other service-specific PAM config files, 483s # and should contain a list of the authentication modules that define 483s # the central authentication scheme for use on the system 483s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 483s # traditional Unix authentication mechanisms. 483s # 483s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 483s # To take advantage of this, it is recommended that you configure any 483s # local modules either before or after the default block, and use 483s # pam-auth-update to manage selection of other modules. See 483s # pam-auth-update(8) for details. 483s 483s # here are the per-package modules (the "Primary" block) 483s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 483s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 483s auth [success=1 default=ignore] pam_sss.so use_first_pass 483s # here's the fallback if no module succeeds 483s auth requisite pam_deny.so 483s # prime the stack with a positive return value if there isn't one already; 483s # this avoids us returning an error just because nothing sets a success code 483s # since the modules above will each just jump around 483s auth required pam_permit.so 483s # and here are more per-package modules (the "Additional" block) 483s auth optional pam_cap.so 483s # end of pam-auth-update config 483s + echo -n -e 123456 483s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 483s pamtester: invoking pam_start(login, ubuntu, ...) 483s pamtester: performing operation - authenticate 483s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 483s + echo -n -e 123456 483s + runuser -u ubuntu -- pamtester -v login '' authenticate 483s pamtester: invoking pam_start(login, , ...) 483s pamtester: performing operation - authenticate 483s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 483s + echo -n -e wrong123456 483s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 483s pamtester: invoking pam_start(login, ubuntu, ...) 483s pamtester: performing operation - authenticate 488s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 488s + echo -n -e wrong123456 488s + runuser -u ubuntu -- pamtester -v login '' authenticate 488s pamtester: invoking pam_start(login, , ...) 488s pamtester: performing operation - authenticate 490s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 490s + echo -n -e 123456 490s + pamtester -v login root authenticate 490s pamtester: invoking pam_start(login, root, ...) 490s pamtester: performing operation - authenticate 493s pamtester: Authentication service cannot retrieve authentication info 493s + handle_exit 493s + exit_code=0 493s + restore_changes 493s + for path in "${restore_paths[@]}" 493s + local original_path 493s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-p4162Y /tmp/sssd-softhsm2-backups-p4162Y//etc/softhsm/softhsm2.conf 493s + original_path=/etc/softhsm/softhsm2.conf 493s + rm /etc/softhsm/softhsm2.conf 493s + mv /tmp/sssd-softhsm2-backups-p4162Y//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 493s + for path in "${delete_paths[@]}" 493s + rm -f /etc/sssd/sssd.conf 493s + for path in "${delete_paths[@]}" 493s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 493s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 493s + '[' -e /etc/sssd/sssd.conf ']' 493s + systemctl stop sssd 493s + '[' -e /etc/softhsm/softhsm2.conf ']' 493s + chmod 600 /etc/softhsm/softhsm2.conf 493s + rm -rf /tmp/sssd-softhsm2-certs-l8HA33 493s + '[' 0 = 0 ']' 493s + rm -rf /tmp/sssd-softhsm2-backups-p4162Y 493s Script completed successfully! 493s + set +x 494s autopkgtest [18:30:29]: test sssd-smart-card-pam-auth-configs: -----------------------] 494s sssd-smart-card-pam-auth-configs PASS 494s autopkgtest [18:30:29]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 495s autopkgtest [18:30:30]: @@@@@@@@@@@@@@@@@@@@ summary 495s ldap-user-group-ldap-auth PASS 495s ldap-user-group-krb5-auth PASS 495s sssd-softhism2-certificates-tests.sh PASS 495s sssd-smart-card-pam-auth-configs PASS 515s Creating nova instance adt-noble-ppc64el-sssd-20240320-182215-juju-7f2275-prod-proposed-migration-environment-2 from image adt/ubuntu-noble-ppc64el-server-20240320.img (UUID 2c394bf3-261b-42bf-b2a7-4487c1d5a6ac)... 515s Creating nova instance adt-noble-ppc64el-sssd-20240320-182215-juju-7f2275-prod-proposed-migration-environment-2 from image adt/ubuntu-noble-ppc64el-server-20240320.img (UUID 2c394bf3-261b-42bf-b2a7-4487c1d5a6ac)...