0s autopkgtest [15:32:27]: starting date and time: 2024-03-21 15:32:27+0000 0s autopkgtest [15:32:27]: git checkout: 4a1cd702 l/adt_testbed: don't blame the testbed for unsolvable build deps 0s autopkgtest [15:32:27]: host juju-7f2275-prod-proposed-migration-environment-2; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.rtfkb3of/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --setup-commands /home/ubuntu/autopkgtest/setup-commands/setup-testbed --apt-pocket=proposed=src:cyrus-sasl2,src:db5.3,src:heimdal,src:openssl --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 '--env=ADT_TEST_TRIGGERS=cyrus-sasl2/2.1.28+dfsg1-5ubuntu1 db5.3/5.3.28+dfsg2-6 heimdal/7.8.git20221117.28daf24+dfsg-5ubuntu2 openssl/3.0.13-0ubuntu2' -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-2@bos02-ppc64el-19.secgroup --name adt-noble-ppc64el-sssd-20240321-153227-juju-7f2275-prod-proposed-migration-environment-2 --image adt/ubuntu-noble-ppc64el-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-2 --net-id=net_prod-proposed-migration -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://ftpmaster.internal/ubuntu/ 150s autopkgtest [15:34:57]: testbed dpkg architecture: ppc64el 150s autopkgtest [15:34:57]: testbed apt version: 2.7.12 150s autopkgtest [15:34:57]: @@@@@@@@@@@@@@@@@@@@ test bed setup 151s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 151s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [53.9 kB] 151s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6540 B] 151s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [495 kB] 152s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [3775 kB] 152s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el Packages [670 kB] 152s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el c-n-f Metadata [3116 B] 152s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el Packages [1372 B] 152s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el c-n-f Metadata [116 B] 152s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el Packages [4084 kB] 153s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el c-n-f Metadata [8652 B] 153s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el Packages [58.3 kB] 153s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el c-n-f Metadata [116 B] 155s Fetched 9272 kB in 3s (3600 kB/s) 156s Reading package lists... 158s Reading package lists... 158s Building dependency tree... 158s Reading state information... 159s Calculating upgrade... 159s The following packages will be REMOVED: 159s libssl3 159s The following NEW packages will be installed: 159s libssl3t64 159s The following packages have been kept back: 159s libsasl2-2 libsasl2-modules-db 159s The following packages will be upgraded: 159s debianutils libsasl2-modules linux-firmware openssl 160s 4 upgraded, 1 newly installed, 1 to remove and 2 not upgraded. 160s Need to get 479 MB of archives. 160s After this operation, 5798 kB of additional disk space will be used. 160s Get:1 http://ftpmaster.internal/ubuntu noble/main ppc64el debianutils ppc64el 5.17 [90.4 kB] 160s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el openssl ppc64el 3.0.13-0ubuntu2 [1026 kB] 160s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libsasl2-modules ppc64el 2.1.28+dfsg1-5ubuntu1 [83.1 kB] 161s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libssl3t64 ppc64el 3.0.13-0ubuntu2 [2125 kB] 161s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el linux-firmware ppc64el 20240318.git3b128b60-0ubuntu1 [475 MB] 252s Fetched 479 MB in 1min 33s (5137 kB/s) 252s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70095 files and directories currently installed.) 252s Preparing to unpack .../debianutils_5.17_ppc64el.deb ... 252s Unpacking debianutils (5.17) over (5.16) ... 252s Setting up debianutils (5.17) ... 253s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70095 files and directories currently installed.) 253s Preparing to unpack .../openssl_3.0.13-0ubuntu2_ppc64el.deb ... 253s Unpacking openssl (3.0.13-0ubuntu2) over (3.0.10-1ubuntu4) ... 253s Preparing to unpack .../libsasl2-modules_2.1.28+dfsg1-5ubuntu1_ppc64el.deb ... 253s Unpacking libsasl2-modules:ppc64el (2.1.28+dfsg1-5ubuntu1) over (2.1.28+dfsg1-4) ... 253s dpkg: libssl3:ppc64el: dependency problems, but removing anyway as you requested: 253s wget depends on libssl3 (>= 3.0.0). 253s tnftp depends on libssl3 (>= 3.0.0). 253s tcpdump depends on libssl3 (>= 3.0.0). 253s systemd-resolved depends on libssl3 (>= 3.0.0). 253s systemd depends on libssl3 (>= 3.0.0). 253s sudo depends on libssl3 (>= 3.0.0). 253s rsync depends on libssl3 (>= 3.0.0). 253s python3-cryptography depends on libssl3 (>= 3.0.0). 253s openssh-server depends on libssl3 (>= 3.0.10). 253s openssh-client depends on libssl3 (>= 3.0.10). 253s linux-headers-6.8.0-11-generic depends on libssl3 (>= 3.0.0). 253s libsystemd-shared:ppc64el depends on libssl3 (>= 3.0.0). 253s libssh-4:ppc64el depends on libssl3 (>= 3.0.0). 253s libsasl2-2:ppc64el depends on libssl3 (>= 3.0.0). 253s libpython3.12-minimal:ppc64el depends on libssl3 (>= 3.0.0). 253s libpython3.11-minimal:ppc64el depends on libssl3 (>= 3.0.0). 253s libnvme1 depends on libssl3 (>= 3.0.0). 253s libkrb5-3:ppc64el depends on libssl3 (>= 3.0.0). 253s libkmod2:ppc64el depends on libssl3 (>= 3.0.0). 253s libfido2-1:ppc64el depends on libssl3 (>= 3.0.0). 253s libcurl4:ppc64el depends on libssl3 (>= 3.0.0). 253s libcryptsetup12:ppc64el depends on libssl3 (>= 3.0.0). 253s kmod depends on libssl3 (>= 3.0.0). 253s dhcpcd-base depends on libssl3 (>= 3.0.0). 253s bind9-libs:ppc64el depends on libssl3 (>= 3.0.0). 253s 253s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70095 files and directories currently installed.) 253s Removing libssl3:ppc64el (3.0.10-1ubuntu4) ... 253s Selecting previously unselected package libssl3t64:ppc64el. 253s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70084 files and directories currently installed.) 253s Preparing to unpack .../libssl3t64_3.0.13-0ubuntu2_ppc64el.deb ... 253s Unpacking libssl3t64:ppc64el (3.0.13-0ubuntu2) ... 253s Preparing to unpack .../linux-firmware_20240318.git3b128b60-0ubuntu1_ppc64el.deb ... 253s Unpacking linux-firmware (20240318.git3b128b60-0ubuntu1) over (20240202.git36777504-0ubuntu1) ... 256s Setting up linux-firmware (20240318.git3b128b60-0ubuntu1) ... 256s Setting up libssl3t64:ppc64el (3.0.13-0ubuntu2) ... 256s Setting up libsasl2-modules:ppc64el (2.1.28+dfsg1-5ubuntu1) ... 256s Setting up openssl (3.0.13-0ubuntu2) ... 256s Processing triggers for man-db (2.12.0-3) ... 257s Processing triggers for libc-bin (2.39-0ubuntu2) ... 257s Processing triggers for initramfs-tools (0.142ubuntu20) ... 257s update-initramfs: Generating /boot/initrd.img-6.8.0-11-generic 257s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 263s Reading package lists... 263s Building dependency tree... 263s Reading state information... 263s 0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded. 264s sh: Attempting to set up Debian/Ubuntu apt sources automatically 264s sh: Distribution appears to be Ubuntu 265s Reading package lists... 265s Building dependency tree... 265s Reading state information... 265s eatmydata is already the newest version (131-1). 265s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 265s Reading package lists... 266s Building dependency tree... 266s Reading state information... 266s dbus is already the newest version (1.14.10-4ubuntu1). 266s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 266s Reading package lists... 266s Building dependency tree... 266s Reading state information... 266s rng-tools-debian is already the newest version (2.4). 266s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 266s Reading package lists... 266s Building dependency tree... 266s Reading state information... 266s The following packages will be REMOVED: 266s cloud-init* python3-configobj* python3-debconf* 267s 0 upgraded, 0 newly installed, 3 to remove and 0 not upgraded. 267s After this operation, 3252 kB disk space will be freed. 267s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70159 files and directories currently installed.) 267s Removing cloud-init (24.1.1-0ubuntu1) ... 267s Removing python3-configobj (5.0.8-3) ... 267s Removing python3-debconf (1.5.86) ... 267s Processing triggers for man-db (2.12.0-3) ... 268s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 69770 files and directories currently installed.) 268s Purging configuration files for cloud-init (24.1.1-0ubuntu1) ... 268s dpkg: warning: while removing cloud-init, directory '/etc/cloud/cloud.cfg.d' not empty so not removed 268s Processing triggers for rsyslog (8.2312.0-3ubuntu3) ... 268s invoke-rc.d: policy-rc.d denied execution of try-restart. 268s Reading package lists... 269s Building dependency tree... 269s Reading state information... 269s linux-generic is already the newest version (6.8.0-11.11+1). 269s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 269s Hit:1 http://ftpmaster.internal/ubuntu noble InRelease 269s Hit:2 http://ftpmaster.internal/ubuntu noble-updates InRelease 269s Hit:3 http://ftpmaster.internal/ubuntu noble-security InRelease 272s Reading package lists... 272s Reading package lists... 272s Building dependency tree... 272s Reading state information... 272s Calculating upgrade... 272s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 272s Reading package lists... 272s Building dependency tree... 272s Reading state information... 273s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 273s autopkgtest [15:37:00]: rebooting testbed after setup commands that affected boot 434s autopkgtest [15:39:41]: testbed running kernel: Linux 6.8.0-11-generic #11-Ubuntu SMP Wed Feb 14 00:33:03 UTC 2024 437s autopkgtest [15:39:44]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 454s Get:1 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (dsc) [5269 B] 454s Get:2 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (tar) [7983 kB] 454s Get:3 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (asc) [833 B] 454s Get:4 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (diff) [48.4 kB] 454s gpgv: Signature made Mon Feb 26 21:56:54 2024 UTC 454s gpgv: using RSA key E92FD0B36B14F1F4D8E0EB2F106DA1C8C3CBBF14 454s gpgv: Can't check signature: No public key 454s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1ubuntu1.dsc: no acceptable signature found 455s autopkgtest [15:40:02]: testing package sssd version 2.9.4-1ubuntu1 456s autopkgtest [15:40:03]: build not needed 463s autopkgtest [15:40:10]: test ldap-user-group-ldap-auth: preparing testbed 472s Reading package lists... 472s Building dependency tree... 472s Reading state information... 472s Starting pkgProblemResolver with broken count: 0 472s Starting 2 pkgProblemResolver with broken count: 0 472s Done 472s The following additional packages will be installed: 472s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 472s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 472s libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 libjose0 libkrad0 472s libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 472s libpam-pwquality libpam-sss libpath-utils1 libpwquality-common libpwquality1 472s libref-array1 libsmbclient libsss-certmap-dev libsss-certmap0 472s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 472s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 libverto-libevent1 472s libverto1 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 472s python3-sss samba-libs slapd sssd sssd-ad sssd-ad-common sssd-common 472s sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap 473s sssd-passkey sssd-proxy sssd-tools tcl-expect tcl8.6 473s Suggested packages: 473s tk8.6 libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal 473s odbc-postgresql tdsodbc adcli libsasl2-modules-ldap tcl-tclreadline 473s Recommended packages: 473s cracklib-runtime libsasl2-modules-gssapi-mit 473s | libsasl2-modules-gssapi-heimdal 473s The following NEW packages will be installed: 473s autopkgtest-satdep expect ldap-utils libavahi-client3 libavahi-common-data 473s libavahi-common3 libbasicobjects0 libc-ares2 libcollection4 libcrack2 473s libdhash1 libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 473s libjose0 libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo 473s libodbc2 libpam-pwquality libpam-sss libpath-utils1 libpwquality-common 473s libpwquality1 libref-array1 libsmbclient libsss-certmap-dev libsss-certmap0 473s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 473s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 libverto-libevent1 473s libverto1 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 473s python3-sss samba-libs slapd sssd sssd-ad sssd-ad-common sssd-common 473s sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap 473s sssd-passkey sssd-proxy sssd-tools tcl-expect tcl8.6 473s 0 upgraded, 65 newly installed, 0 to remove and 0 not upgraded. 473s Need to get 14.3 MB/14.3 MB of archives. 473s After this operation, 69.9 MB of additional disk space will be used. 473s Get:1 /tmp/autopkgtest.HSIGxg/1-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [868 B] 473s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el libltdl7 ppc64el 2.4.7-7 [48.0 kB] 473s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libodbc2 ppc64el 2.3.12-1 [187 kB] 473s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el slapd ppc64el 2.6.7+dfsg-1~exp1ubuntu1 [1768 kB] 473s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el libtcl8.6 ppc64el 8.6.13+dfsg-2 [1179 kB] 473s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el tcl8.6 ppc64el 8.6.13+dfsg-2 [14.8 kB] 473s Get:7 http://ftpmaster.internal/ubuntu noble/universe ppc64el tcl-expect ppc64el 5.45.4-2build1 [112 kB] 473s Get:8 http://ftpmaster.internal/ubuntu noble/universe ppc64el expect ppc64el 5.45.4-2build1 [137 kB] 473s Get:9 http://ftpmaster.internal/ubuntu noble/main ppc64el ldap-utils ppc64el 2.6.7+dfsg-1~exp1ubuntu1 [154 kB] 473s Get:10 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common-data ppc64el 0.8-13ubuntu2 [29.5 kB] 473s Get:11 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common3 ppc64el 0.8-13ubuntu2 [25.8 kB] 473s Get:12 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-client3 ppc64el 0.8-13ubuntu2 [30.6 kB] 473s Get:13 http://ftpmaster.internal/ubuntu noble/main ppc64el libcrack2 ppc64el 2.9.6-5.1 [30.9 kB] 473s Get:14 http://ftpmaster.internal/ubuntu noble/main ppc64el libevent-2.1-7 ppc64el 2.1.12-stable-9 [169 kB] 473s Get:15 http://ftpmaster.internal/ubuntu noble/universe ppc64el libjose0 ppc64el 11-3 [50.3 kB] 473s Get:16 http://ftpmaster.internal/ubuntu noble/main ppc64el libverto-libevent1 ppc64el 0.3.1-1ubuntu5 [5960 B] 473s Get:17 http://ftpmaster.internal/ubuntu noble/main ppc64el libverto1 ppc64el 0.3.1-1ubuntu5 [11.6 kB] 473s Get:18 http://ftpmaster.internal/ubuntu noble/main ppc64el libkrad0 ppc64el 1.20.1-5build1 [24.3 kB] 473s Get:19 http://ftpmaster.internal/ubuntu noble/main ppc64el libtalloc2 ppc64el 2.4.2-1 [36.6 kB] 474s Get:20 http://ftpmaster.internal/ubuntu noble/main ppc64el libtdb1 ppc64el 1.4.10-1 [62.7 kB] 474s Get:21 http://ftpmaster.internal/ubuntu noble/main ppc64el libtevent0 ppc64el 0.16.1-1 [50.8 kB] 474s Get:22 http://ftpmaster.internal/ubuntu noble/main ppc64el libldb2 ppc64el 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [219 kB] 474s Get:23 http://ftpmaster.internal/ubuntu noble/main ppc64el libnfsidmap1 ppc64el 1:2.6.3-3ubuntu1 [53.0 kB] 474s Get:24 http://ftpmaster.internal/ubuntu noble/universe ppc64el libnss-sudo all 1.9.15p5-3ubuntu1 [14.9 kB] 474s Get:25 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality-common all 1.4.5-3 [7658 B] 474s Get:26 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality1 ppc64el 1.4.5-3 [16.9 kB] 474s Get:27 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-pwquality ppc64el 1.4.5-3 [12.5 kB] 474s Get:28 http://ftpmaster.internal/ubuntu noble/main ppc64el libwbclient0 ppc64el 2:4.19.5+dfsg-1ubuntu1 [76.5 kB] 474s Get:29 http://ftpmaster.internal/ubuntu noble/main ppc64el samba-libs ppc64el 2:4.19.5+dfsg-1ubuntu1 [6674 kB] 474s Get:30 http://ftpmaster.internal/ubuntu noble/main ppc64el libnss-sss ppc64el 2.9.4-1ubuntu1 [36.3 kB] 474s Get:31 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-sss ppc64el 2.9.4-1ubuntu1 [56.4 kB] 474s Get:32 http://ftpmaster.internal/ubuntu noble/main ppc64el python3-sss ppc64el 2.9.4-1ubuntu1 [48.0 kB] 474s Get:33 http://ftpmaster.internal/ubuntu noble/main ppc64el libc-ares2 ppc64el 1.27.0-1 [99.0 kB] 474s Get:34 http://ftpmaster.internal/ubuntu noble/main ppc64el libdhash1 ppc64el 0.6.2-2 [9830 B] 474s Get:35 http://ftpmaster.internal/ubuntu noble/main ppc64el libbasicobjects0 ppc64el 0.6.2-2 [5806 B] 474s Get:36 http://ftpmaster.internal/ubuntu noble/main ppc64el libcollection4 ppc64el 0.6.2-2 [35.3 kB] 474s Get:37 http://ftpmaster.internal/ubuntu noble/main ppc64el libpath-utils1 ppc64el 0.6.2-2 [10.2 kB] 474s Get:38 http://ftpmaster.internal/ubuntu noble/main ppc64el libref-array1 ppc64el 0.6.2-2 [7724 B] 474s Get:39 http://ftpmaster.internal/ubuntu noble/main ppc64el libini-config5 ppc64el 0.6.2-2 [53.9 kB] 474s Get:40 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-certmap0 ppc64el 2.9.4-1ubuntu1 [53.6 kB] 474s Get:41 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-idmap0 ppc64el 2.9.4-1ubuntu1 [24.7 kB] 474s Get:42 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-nss-idmap0 ppc64el 2.9.4-1ubuntu1 [37.4 kB] 474s Get:43 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-common ppc64el 2.9.4-1ubuntu1 [1280 kB] 474s Get:44 http://ftpmaster.internal/ubuntu noble/universe ppc64el sssd-idp ppc64el 2.9.4-1ubuntu1 [30.8 kB] 474s Get:45 http://ftpmaster.internal/ubuntu noble/universe ppc64el sssd-passkey ppc64el 2.9.4-1ubuntu1 [35.4 kB] 474s Get:46 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad-common ppc64el 2.9.4-1ubuntu1 [88.6 kB] 474s Get:47 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5-common ppc64el 2.9.4-1ubuntu1 [103 kB] 474s Get:48 http://ftpmaster.internal/ubuntu noble/main ppc64el libsmbclient ppc64el 2:4.19.5+dfsg-1ubuntu1 [70.4 kB] 474s Get:49 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad ppc64el 2.9.4-1ubuntu1 [147 kB] 474s Get:50 http://ftpmaster.internal/ubuntu noble/main ppc64el libipa-hbac0 ppc64el 2.9.4-1ubuntu1 [17.4 kB] 474s Get:51 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ipa ppc64el 2.9.4-1ubuntu1 [240 kB] 474s Get:52 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5 ppc64el 2.9.4-1ubuntu1 [14.4 kB] 474s Get:53 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ldap ppc64el 2.9.4-1ubuntu1 [31.6 kB] 474s Get:54 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-proxy ppc64el 2.9.4-1ubuntu1 [48.0 kB] 474s Get:55 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd ppc64el 2.9.4-1ubuntu1 [4124 B] 475s Get:56 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-dbus ppc64el 2.9.4-1ubuntu1 [122 kB] 475s Get:57 http://ftpmaster.internal/ubuntu noble/universe ppc64el sssd-kcm ppc64el 2.9.4-1ubuntu1 [160 kB] 475s Get:58 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-tools ppc64el 2.9.4-1ubuntu1 [108 kB] 475s Get:59 http://ftpmaster.internal/ubuntu noble/main ppc64el libipa-hbac-dev ppc64el 2.9.4-1ubuntu1 [6666 B] 475s Get:60 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-certmap-dev ppc64el 2.9.4-1ubuntu1 [5734 B] 475s Get:61 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-idmap-dev ppc64el 2.9.4-1ubuntu1 [8380 B] 475s Get:62 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-nss-idmap-dev ppc64el 2.9.4-1ubuntu1 [6722 B] 475s Get:63 http://ftpmaster.internal/ubuntu noble/universe ppc64el libsss-sudo ppc64el 2.9.4-1ubuntu1 [22.4 kB] 475s Get:64 http://ftpmaster.internal/ubuntu noble/universe ppc64el python3-libipa-hbac ppc64el 2.9.4-1ubuntu1 [19.2 kB] 475s Get:65 http://ftpmaster.internal/ubuntu noble/universe ppc64el python3-libsss-nss-idmap ppc64el 2.9.4-1ubuntu1 [9542 B] 475s Preconfiguring packages ... 475s Fetched 14.3 MB in 2s (6689 kB/s) 475s Selecting previously unselected package libltdl7:ppc64el. 475s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 69715 files and directories currently installed.) 475s Preparing to unpack .../00-libltdl7_2.4.7-7_ppc64el.deb ... 475s Unpacking libltdl7:ppc64el (2.4.7-7) ... 475s Selecting previously unselected package libodbc2:ppc64el. 475s Preparing to unpack .../01-libodbc2_2.3.12-1_ppc64el.deb ... 475s Unpacking libodbc2:ppc64el (2.3.12-1) ... 475s Selecting previously unselected package slapd. 475s Preparing to unpack .../02-slapd_2.6.7+dfsg-1~exp1ubuntu1_ppc64el.deb ... 475s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 475s Selecting previously unselected package libtcl8.6:ppc64el. 475s Preparing to unpack .../03-libtcl8.6_8.6.13+dfsg-2_ppc64el.deb ... 475s Unpacking libtcl8.6:ppc64el (8.6.13+dfsg-2) ... 475s Selecting previously unselected package tcl8.6. 475s Preparing to unpack .../04-tcl8.6_8.6.13+dfsg-2_ppc64el.deb ... 475s Unpacking tcl8.6 (8.6.13+dfsg-2) ... 475s Selecting previously unselected package tcl-expect:ppc64el. 475s Preparing to unpack .../05-tcl-expect_5.45.4-2build1_ppc64el.deb ... 475s Unpacking tcl-expect:ppc64el (5.45.4-2build1) ... 476s Selecting previously unselected package expect. 476s Preparing to unpack .../06-expect_5.45.4-2build1_ppc64el.deb ... 476s Unpacking expect (5.45.4-2build1) ... 476s Selecting previously unselected package ldap-utils. 476s Preparing to unpack .../07-ldap-utils_2.6.7+dfsg-1~exp1ubuntu1_ppc64el.deb ... 476s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 476s Selecting previously unselected package libavahi-common-data:ppc64el. 476s Preparing to unpack .../08-libavahi-common-data_0.8-13ubuntu2_ppc64el.deb ... 476s Unpacking libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 476s Selecting previously unselected package libavahi-common3:ppc64el. 476s Preparing to unpack .../09-libavahi-common3_0.8-13ubuntu2_ppc64el.deb ... 476s Unpacking libavahi-common3:ppc64el (0.8-13ubuntu2) ... 476s Selecting previously unselected package libavahi-client3:ppc64el. 476s Preparing to unpack .../10-libavahi-client3_0.8-13ubuntu2_ppc64el.deb ... 476s Unpacking libavahi-client3:ppc64el (0.8-13ubuntu2) ... 476s Selecting previously unselected package libcrack2:ppc64el. 476s Preparing to unpack .../11-libcrack2_2.9.6-5.1_ppc64el.deb ... 476s Unpacking libcrack2:ppc64el (2.9.6-5.1) ... 476s Selecting previously unselected package libevent-2.1-7:ppc64el. 476s Preparing to unpack .../12-libevent-2.1-7_2.1.12-stable-9_ppc64el.deb ... 476s Unpacking libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 476s Selecting previously unselected package libjose0:ppc64el. 476s Preparing to unpack .../13-libjose0_11-3_ppc64el.deb ... 476s Unpacking libjose0:ppc64el (11-3) ... 476s Selecting previously unselected package libverto-libevent1:ppc64el. 476s Preparing to unpack .../14-libverto-libevent1_0.3.1-1ubuntu5_ppc64el.deb ... 476s Unpacking libverto-libevent1:ppc64el (0.3.1-1ubuntu5) ... 476s Selecting previously unselected package libverto1:ppc64el. 476s Preparing to unpack .../15-libverto1_0.3.1-1ubuntu5_ppc64el.deb ... 476s Unpacking libverto1:ppc64el (0.3.1-1ubuntu5) ... 476s Selecting previously unselected package libkrad0:ppc64el. 476s Preparing to unpack .../16-libkrad0_1.20.1-5build1_ppc64el.deb ... 476s Unpacking libkrad0:ppc64el (1.20.1-5build1) ... 476s Selecting previously unselected package libtalloc2:ppc64el. 476s Preparing to unpack .../17-libtalloc2_2.4.2-1_ppc64el.deb ... 476s Unpacking libtalloc2:ppc64el (2.4.2-1) ... 476s Selecting previously unselected package libtdb1:ppc64el. 476s Preparing to unpack .../18-libtdb1_1.4.10-1_ppc64el.deb ... 476s Unpacking libtdb1:ppc64el (1.4.10-1) ... 476s Selecting previously unselected package libtevent0:ppc64el. 476s Preparing to unpack .../19-libtevent0_0.16.1-1_ppc64el.deb ... 476s Unpacking libtevent0:ppc64el (0.16.1-1) ... 476s Selecting previously unselected package libldb2:ppc64el. 476s Preparing to unpack .../20-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 476s Unpacking libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 476s Selecting previously unselected package libnfsidmap1:ppc64el. 476s Preparing to unpack .../21-libnfsidmap1_1%3a2.6.3-3ubuntu1_ppc64el.deb ... 476s Unpacking libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 476s Selecting previously unselected package libnss-sudo. 476s Preparing to unpack .../22-libnss-sudo_1.9.15p5-3ubuntu1_all.deb ... 476s Unpacking libnss-sudo (1.9.15p5-3ubuntu1) ... 476s Selecting previously unselected package libpwquality-common. 476s Preparing to unpack .../23-libpwquality-common_1.4.5-3_all.deb ... 476s Unpacking libpwquality-common (1.4.5-3) ... 476s Selecting previously unselected package libpwquality1:ppc64el. 476s Preparing to unpack .../24-libpwquality1_1.4.5-3_ppc64el.deb ... 476s Unpacking libpwquality1:ppc64el (1.4.5-3) ... 476s Selecting previously unselected package libpam-pwquality:ppc64el. 476s Preparing to unpack .../25-libpam-pwquality_1.4.5-3_ppc64el.deb ... 476s Unpacking libpam-pwquality:ppc64el (1.4.5-3) ... 476s Selecting previously unselected package libwbclient0:ppc64el. 476s Preparing to unpack .../26-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 476s Unpacking libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 476s Selecting previously unselected package samba-libs:ppc64el. 476s Preparing to unpack .../27-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 476s Unpacking samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 476s Selecting previously unselected package libnss-sss:ppc64el. 476s Preparing to unpack .../28-libnss-sss_2.9.4-1ubuntu1_ppc64el.deb ... 476s Unpacking libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 476s Selecting previously unselected package libpam-sss:ppc64el. 476s Preparing to unpack .../29-libpam-sss_2.9.4-1ubuntu1_ppc64el.deb ... 476s Unpacking libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 476s Selecting previously unselected package python3-sss. 476s Preparing to unpack .../30-python3-sss_2.9.4-1ubuntu1_ppc64el.deb ... 476s Unpacking python3-sss (2.9.4-1ubuntu1) ... 476s Selecting previously unselected package libc-ares2:ppc64el. 476s Preparing to unpack .../31-libc-ares2_1.27.0-1_ppc64el.deb ... 476s Unpacking libc-ares2:ppc64el (1.27.0-1) ... 476s Selecting previously unselected package libdhash1:ppc64el. 476s Preparing to unpack .../32-libdhash1_0.6.2-2_ppc64el.deb ... 476s Unpacking libdhash1:ppc64el (0.6.2-2) ... 476s Selecting previously unselected package libbasicobjects0:ppc64el. 476s Preparing to unpack .../33-libbasicobjects0_0.6.2-2_ppc64el.deb ... 476s Unpacking libbasicobjects0:ppc64el (0.6.2-2) ... 476s Selecting previously unselected package libcollection4:ppc64el. 476s Preparing to unpack .../34-libcollection4_0.6.2-2_ppc64el.deb ... 476s Unpacking libcollection4:ppc64el (0.6.2-2) ... 476s Selecting previously unselected package libpath-utils1:ppc64el. 476s Preparing to unpack .../35-libpath-utils1_0.6.2-2_ppc64el.deb ... 476s Unpacking libpath-utils1:ppc64el (0.6.2-2) ... 476s Selecting previously unselected package libref-array1:ppc64el. 476s Preparing to unpack .../36-libref-array1_0.6.2-2_ppc64el.deb ... 476s Unpacking libref-array1:ppc64el (0.6.2-2) ... 476s Selecting previously unselected package libini-config5:ppc64el. 476s Preparing to unpack .../37-libini-config5_0.6.2-2_ppc64el.deb ... 476s Unpacking libini-config5:ppc64el (0.6.2-2) ... 476s Selecting previously unselected package libsss-certmap0. 476s Preparing to unpack .../38-libsss-certmap0_2.9.4-1ubuntu1_ppc64el.deb ... 476s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 476s Selecting previously unselected package libsss-idmap0. 476s Preparing to unpack .../39-libsss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 476s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 476s Selecting previously unselected package libsss-nss-idmap0. 476s Preparing to unpack .../40-libsss-nss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 476s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 476s Selecting previously unselected package sssd-common. 476s Preparing to unpack .../41-sssd-common_2.9.4-1ubuntu1_ppc64el.deb ... 476s Unpacking sssd-common (2.9.4-1ubuntu1) ... 476s Selecting previously unselected package sssd-idp. 476s Preparing to unpack .../42-sssd-idp_2.9.4-1ubuntu1_ppc64el.deb ... 476s Unpacking sssd-idp (2.9.4-1ubuntu1) ... 476s Selecting previously unselected package sssd-passkey. 476s Preparing to unpack .../43-sssd-passkey_2.9.4-1ubuntu1_ppc64el.deb ... 476s Unpacking sssd-passkey (2.9.4-1ubuntu1) ... 476s Selecting previously unselected package sssd-ad-common. 476s Preparing to unpack .../44-sssd-ad-common_2.9.4-1ubuntu1_ppc64el.deb ... 476s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 476s Selecting previously unselected package sssd-krb5-common. 476s Preparing to unpack .../45-sssd-krb5-common_2.9.4-1ubuntu1_ppc64el.deb ... 476s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 476s Selecting previously unselected package libsmbclient:ppc64el. 476s Preparing to unpack .../46-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 476s Unpacking libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 476s Selecting previously unselected package sssd-ad. 476s Preparing to unpack .../47-sssd-ad_2.9.4-1ubuntu1_ppc64el.deb ... 476s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 476s Selecting previously unselected package libipa-hbac0. 476s Preparing to unpack .../48-libipa-hbac0_2.9.4-1ubuntu1_ppc64el.deb ... 476s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package sssd-ipa. 477s Preparing to unpack .../49-sssd-ipa_2.9.4-1ubuntu1_ppc64el.deb ... 477s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package sssd-krb5. 477s Preparing to unpack .../50-sssd-krb5_2.9.4-1ubuntu1_ppc64el.deb ... 477s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package sssd-ldap. 477s Preparing to unpack .../51-sssd-ldap_2.9.4-1ubuntu1_ppc64el.deb ... 477s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package sssd-proxy. 477s Preparing to unpack .../52-sssd-proxy_2.9.4-1ubuntu1_ppc64el.deb ... 477s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package sssd. 477s Preparing to unpack .../53-sssd_2.9.4-1ubuntu1_ppc64el.deb ... 477s Unpacking sssd (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package sssd-dbus. 477s Preparing to unpack .../54-sssd-dbus_2.9.4-1ubuntu1_ppc64el.deb ... 477s Unpacking sssd-dbus (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package sssd-kcm. 477s Preparing to unpack .../55-sssd-kcm_2.9.4-1ubuntu1_ppc64el.deb ... 477s Unpacking sssd-kcm (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package sssd-tools. 477s Preparing to unpack .../56-sssd-tools_2.9.4-1ubuntu1_ppc64el.deb ... 477s Unpacking sssd-tools (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package libipa-hbac-dev. 477s Preparing to unpack .../57-libipa-hbac-dev_2.9.4-1ubuntu1_ppc64el.deb ... 477s Unpacking libipa-hbac-dev (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package libsss-certmap-dev. 477s Preparing to unpack .../58-libsss-certmap-dev_2.9.4-1ubuntu1_ppc64el.deb ... 477s Unpacking libsss-certmap-dev (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package libsss-idmap-dev. 477s Preparing to unpack .../59-libsss-idmap-dev_2.9.4-1ubuntu1_ppc64el.deb ... 477s Unpacking libsss-idmap-dev (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package libsss-nss-idmap-dev. 477s Preparing to unpack .../60-libsss-nss-idmap-dev_2.9.4-1ubuntu1_ppc64el.deb ... 477s Unpacking libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package libsss-sudo. 477s Preparing to unpack .../61-libsss-sudo_2.9.4-1ubuntu1_ppc64el.deb ... 477s Unpacking libsss-sudo (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package python3-libipa-hbac. 477s Preparing to unpack .../62-python3-libipa-hbac_2.9.4-1ubuntu1_ppc64el.deb ... 477s Unpacking python3-libipa-hbac (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package python3-libsss-nss-idmap. 477s Preparing to unpack .../63-python3-libsss-nss-idmap_2.9.4-1ubuntu1_ppc64el.deb ... 477s Unpacking python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 477s Selecting previously unselected package autopkgtest-satdep. 477s Preparing to unpack .../64-1-autopkgtest-satdep.deb ... 477s Unpacking autopkgtest-satdep (0) ... 477s Setting up libpwquality-common (1.4.5-3) ... 477s Setting up libpath-utils1:ppc64el (0.6.2-2) ... 477s Setting up libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 477s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 477s Setting up libbasicobjects0:ppc64el (0.6.2-2) ... 477s Setting up libsss-idmap-dev (2.9.4-1ubuntu1) ... 477s Setting up libtdb1:ppc64el (1.4.10-1) ... 477s Setting up libc-ares2:ppc64el (1.27.0-1) ... 477s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 477s Setting up libjose0:ppc64el (11-3) ... 477s Setting up libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 477s Setting up libtalloc2:ppc64el (2.4.2-1) ... 477s Setting up libdhash1:ppc64el (0.6.2-2) ... 477s Setting up libtevent0:ppc64el (0.16.1-1) ... 477s Setting up libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 477s Setting up libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 477s Setting up libtcl8.6:ppc64el (8.6.13+dfsg-2) ... 477s Setting up libltdl7:ppc64el (2.4.7-7) ... 477s Setting up libcrack2:ppc64el (2.9.6-5.1) ... 477s Setting up libcollection4:ppc64el (0.6.2-2) ... 477s Setting up libodbc2:ppc64el (2.3.12-1) ... 477s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 477s Setting up python3-libipa-hbac (2.9.4-1ubuntu1) ... 477s Setting up libref-array1:ppc64el (0.6.2-2) ... 477s Setting up libnss-sudo (1.9.15p5-3ubuntu1) ... 477s Setting up libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 477s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 477s Setting up libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 477s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 477s Creating new user openldap... done. 477s Creating initial configuration... done. 477s Creating LDAP directory... done. 478s Setting up tcl8.6 (8.6.13+dfsg-2) ... 478s Setting up libsss-sudo (2.9.4-1ubuntu1) ... 478s Setting up libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 478s Setting up libipa-hbac-dev (2.9.4-1ubuntu1) ... 478s Setting up libini-config5:ppc64el (0.6.2-2) ... 478s Setting up libavahi-common3:ppc64el (0.8-13ubuntu2) ... 478s Setting up tcl-expect:ppc64el (5.45.4-2build1) ... 478s Setting up python3-sss (2.9.4-1ubuntu1) ... 478s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 478s Setting up libpwquality1:ppc64el (1.4.5-3) ... 478s Setting up python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 478s Setting up libavahi-client3:ppc64el (0.8-13ubuntu2) ... 478s Setting up expect (5.45.4-2build1) ... 478s Setting up libpam-pwquality:ppc64el (1.4.5-3) ... 478s Setting up samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 478s Setting up libsss-certmap-dev (2.9.4-1ubuntu1) ... 478s Setting up libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 478s Setting up libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 478s Setting up sssd-common (2.9.4-1ubuntu1) ... 478s Creating SSSD system user & group... 478s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 478s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 478s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 478s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 479s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 479s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 479s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 479s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 480s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 480s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 480s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 480s sssd-autofs.service is a disabled or a static unit, not starting it. 481s sssd-nss.service is a disabled or a static unit, not starting it. 481s sssd-pam.service is a disabled or a static unit, not starting it. 481s sssd-ssh.service is a disabled or a static unit, not starting it. 481s sssd-sudo.service is a disabled or a static unit, not starting it. 481s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 481s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 481s Setting up sssd-kcm (2.9.4-1ubuntu1) ... 481s Created symlink /etc/systemd/system/sockets.target.wants/sssd-kcm.socket → /usr/lib/systemd/system/sssd-kcm.socket. 481s sssd-kcm.service is a disabled or a static unit, not starting it. 481s Setting up sssd-dbus (2.9.4-1ubuntu1) ... 482s sssd-ifp.service is a disabled or a static unit, not starting it. 482s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 482s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 482s sssd-pac.service is a disabled or a static unit, not starting it. 482s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 482s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 482s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 482s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 482s Setting up sssd-ad (2.9.4-1ubuntu1) ... 482s Setting up sssd-tools (2.9.4-1ubuntu1) ... 482s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 482s Setting up sssd (2.9.4-1ubuntu1) ... 482s Setting up libverto-libevent1:ppc64el (0.3.1-1ubuntu5) ... 482s Setting up libverto1:ppc64el (0.3.1-1ubuntu5) ... 482s Setting up libkrad0:ppc64el (1.20.1-5build1) ... 482s Setting up sssd-passkey (2.9.4-1ubuntu1) ... 482s Setting up sssd-idp (2.9.4-1ubuntu1) ... 482s Setting up autopkgtest-satdep (0) ... 482s Processing triggers for libc-bin (2.39-0ubuntu2) ... 482s Processing triggers for ufw (0.36.2-5) ... 482s Processing triggers for man-db (2.12.0-3) ... 483s Processing triggers for dbus (1.14.10-4ubuntu1) ... 491s (Reading database ... 71000 files and directories currently installed.) 491s Removing autopkgtest-satdep (0) ... 492s autopkgtest [15:40:39]: test ldap-user-group-ldap-auth: [----------------------- 492s + . debian/tests/util 492s + . debian/tests/common-tests 492s + mydomain=example.com 492s + myhostname=ldap.example.com 492s + mysuffix=dc=example,dc=com 492s + admin_dn=cn=admin,dc=example,dc=com 492s + admin_pw=secret 492s + ldap_user=testuser1 492s + ldap_user_pw=testuser1secret 492s + ldap_group=ldapusers 492s + adjust_hostname ldap.example.com 492s + local myhostname=ldap.example.com 492s + echo ldap.example.com 492s + hostname ldap.example.com 492s + grep -qE ldap.example.com /etc/hosts 492s + echo 127.0.1.10 ldap.example.com 492s + reconfigure_slapd 492s + debconf-set-selections 492s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 492s + dpkg-reconfigure -fnoninteractive -pcritical slapd 493s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 493s Moving old database directory to /var/backups: 493s - directory unknown... done. 493s Creating initial configuration... done. 493s Creating LDAP directory... done. 493s + generate_certs ldap.example.com 493s + local cn=ldap.example.com 493s + local cert=/etc/ldap/server.pem 493s + local key=/etc/ldap/server.key 493s + local cnf=/etc/ldap/openssl.cnf 493s + cat 493s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 493s .........................................................................................................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 493s ...............................modifying entry "cn=config" 493s 493s adding new entry "ou=People,dc=example,dc=com" 493s 493s adding new entry "ou=Group,dc=example,dc=com" 493s 493s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 493s 493s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 493s 493s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 493s 493s ..++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 493s ----- 493s + chmod 0640 /etc/ldap/server.key 493s + chgrp openldap /etc/ldap/server.key 493s + [ ! -f /etc/ldap/server.pem ] 493s + [ ! -f /etc/ldap/server.key ] 493s + enable_ldap_ssl 493s + cat 493s + cat 493s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 493s + populate_ldap_rfc2307 493s + + cat 493s ldapadd -x -D cn=admin,dc=example,dc=com -w secret 493s + configure_sssd_ldap_rfc2307 493s + cat 493s + chmod 0600 /etc/sssd/sssd.conf 493s + systemctl restart sssd 493s + enable_pam_mkhomedir 493s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 493s + echo session optional pam_mkhomedir.so 493s + run_common_tests 493s + echo Assert local user databases do not have our LDAP test data 493s + Assert local user databases do not have our LDAP test data 493s check_local_user testuser1 493s + local local_user=testuser1 493s + grep -q ^testuser1 /etc/passwd 493s + check_local_group testuser1 493s + local local_group=testuser1 493s + grep -q ^testuser1 /etc/group 493s The LDAP user is known to the system via getent 493s + check_local_group ldapusers 493s + local local_group=ldapusers 493s + grep -q ^ldapusers /etc/group 493s + echo The LDAP user is known to the system via getent 493s + check_getent_user testuser1 493s + local getent_user=testuser1 493s + local output 493s + getent passwd testuser1 493s The LDAP user's private group is known to the system via getent 493s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 493s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 493s + echo The LDAP user's private group is known to the system via getent 493s + check_getent_group testuser1 493s + local getent_group=testuser1 493s + local output 493s + getent group testuser1 493s + The LDAP group ldapusers is known to the system via getent 493s output=testuser1:*:10001:testuser1 493s + [ -z testuser1:*:10001:testuser1 ] 493s + echo The LDAP group ldapusers is known to the system via getent 493s + check_getent_group ldapusers 493s + local getent_group=ldapusers 493s + local output 493s + getent group ldapusers 493s + output=ldapusers:*:10100:testuser1 493s + [ -z ldapusers:*:10100:testuser1 ] 493s + echo The id(1) command can resolve the group membership of the LDAP user 493s The id(1) command can resolve the group membership of the LDAP user 493s + id -Gn testuser1 493s + output=testuser1 ldapusers 493s + [ testuser1 ldapusers != testuser1 ldapusers ] 493s + echo The LDAP user can login on a terminal 493s The LDAP user can login on a terminal 493s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 493s spawn login 493s ldap.example.com login: testuser1 493s Password: 493s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic ppc64le) 493s 493s * Documentation: https://help.ubuntu.com 493s * Management: https://landscape.canonical.com 493s * Support: https://ubuntu.com/pro 493s 493s 493s The programs included with the Ubuntu system are free software; 493s the exact distribution terms for each program are described in the 493s individual files in /usr/share/doc/*/copyright. 493s 493s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 493s applicable law. 493s 493s 493s The programs included with the Ubuntu system are free software; 493s the exact distribution terms for each program are described in the 493s individual files in /usr/share/doc/*/copyright. 493s 493s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 493s applicable law. 493s 493s Creating directory '/home/testuser1'. 493s [?2004htestuser1@ldap:~$ id -un 493s [?2004l testuser1 494s [?2004htestuser1@ldap:~$ autopkgtest [15:40:41]: test ldap-user-group-ldap-auth: -----------------------] 494s ldap-user-group-ldap-auth PASS 494s autopkgtest [15:40:41]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 495s autopkgtest [15:40:42]: test ldap-user-group-krb5-auth: preparing testbed 500s Reading package lists... 500s Building dependency tree... 500s Reading state information... 500s Starting pkgProblemResolver with broken count: 0 500s Starting 2 pkgProblemResolver with broken count: 0 500s Done 500s The following additional packages will be installed: 500s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4 500s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 500s Suggested packages: 500s krb5-kdc-ldap krb5-kpropd krb5-k5tls krb5-doc 500s The following NEW packages will be installed: 500s autopkgtest-satdep krb5-admin-server krb5-config krb5-kdc krb5-user 500s libgssrpc4 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 500s 0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded. 500s Need to get 669 kB/670 kB of archives. 500s After this operation, 3104 kB of additional disk space will be used. 500s Get:1 /tmp/autopkgtest.HSIGxg/2-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [888 B] 501s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el krb5-config all 2.7 [22.0 kB] 501s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libgssrpc4 ppc64el 1.20.1-5build1 [64.3 kB] 501s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el libkadm5clnt-mit12 ppc64el 1.20.1-5build1 [43.7 kB] 501s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el libkdb5-10 ppc64el 1.20.1-5build1 [46.3 kB] 501s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el libkadm5srv-mit12 ppc64el 1.20.1-5build1 [60.8 kB] 501s Get:7 http://ftpmaster.internal/ubuntu noble/universe ppc64el krb5-user ppc64el 1.20.1-5build1 [117 kB] 501s Get:8 http://ftpmaster.internal/ubuntu noble/universe ppc64el krb5-kdc ppc64el 1.20.1-5build1 [207 kB] 501s Get:9 http://ftpmaster.internal/ubuntu noble/universe ppc64el krb5-admin-server ppc64el 1.20.1-5build1 [108 kB] 502s Preconfiguring packages ... 502s Fetched 669 kB in 1s (618 kB/s) 502s Selecting previously unselected package krb5-config. 502s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 71000 files and directories currently installed.) 502s Preparing to unpack .../0-krb5-config_2.7_all.deb ... 502s Unpacking krb5-config (2.7) ... 502s Selecting previously unselected package libgssrpc4:ppc64el. 502s Preparing to unpack .../1-libgssrpc4_1.20.1-5build1_ppc64el.deb ... 502s Unpacking libgssrpc4:ppc64el (1.20.1-5build1) ... 502s Selecting previously unselected package libkadm5clnt-mit12:ppc64el. 502s Preparing to unpack .../2-libkadm5clnt-mit12_1.20.1-5build1_ppc64el.deb ... 502s Unpacking libkadm5clnt-mit12:ppc64el (1.20.1-5build1) ... 502s Selecting previously unselected package libkdb5-10:ppc64el. 502s Preparing to unpack .../3-libkdb5-10_1.20.1-5build1_ppc64el.deb ... 502s Unpacking libkdb5-10:ppc64el (1.20.1-5build1) ... 502s Selecting previously unselected package libkadm5srv-mit12:ppc64el. 502s Preparing to unpack .../4-libkadm5srv-mit12_1.20.1-5build1_ppc64el.deb ... 502s Unpacking libkadm5srv-mit12:ppc64el (1.20.1-5build1) ... 502s Selecting previously unselected package krb5-user. 502s Preparing to unpack .../5-krb5-user_1.20.1-5build1_ppc64el.deb ... 502s Unpacking krb5-user (1.20.1-5build1) ... 502s Selecting previously unselected package krb5-kdc. 502s Preparing to unpack .../6-krb5-kdc_1.20.1-5build1_ppc64el.deb ... 502s Unpacking krb5-kdc (1.20.1-5build1) ... 502s Selecting previously unselected package krb5-admin-server. 502s Preparing to unpack .../7-krb5-admin-server_1.20.1-5build1_ppc64el.deb ... 502s Unpacking krb5-admin-server (1.20.1-5build1) ... 502s Selecting previously unselected package autopkgtest-satdep. 502s Preparing to unpack .../8-2-autopkgtest-satdep.deb ... 502s Unpacking autopkgtest-satdep (0) ... 502s Setting up libgssrpc4:ppc64el (1.20.1-5build1) ... 502s Setting up krb5-config (2.7) ... 503s Setting up libkadm5clnt-mit12:ppc64el (1.20.1-5build1) ... 503s Setting up libkdb5-10:ppc64el (1.20.1-5build1) ... 503s Setting up libkadm5srv-mit12:ppc64el (1.20.1-5build1) ... 503s Setting up krb5-user (1.20.1-5build1) ... 503s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 503s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 503s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 503s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 503s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 503s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 503s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 503s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 503s Setting up krb5-kdc (1.20.1-5build1) ... 503s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-kdc.service → /usr/lib/systemd/system/krb5-kdc.service. 503s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 503s Setting up krb5-admin-server (1.20.1-5build1) ... 504s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-admin-server.service → /usr/lib/systemd/system/krb5-admin-server.service. 504s Setting up autopkgtest-satdep (0) ... 504s Processing triggers for man-db (2.12.0-3) ... 505s Processing triggers for libc-bin (2.39-0ubuntu2) ... 513s (Reading database ... 71093 files and directories currently installed.) 513s Removing autopkgtest-satdep (0) ... 513s autopkgtest [15:41:00]: test ldap-user-group-krb5-auth: [----------------------- 514s + . debian/tests/util 514s + . debian/tests/common-tests 514s + mydomain=example.com 514s + myhostname=ldap.example.com 514s + mysuffix=dc=example,dc=com 514s + myrealm=EXAMPLE.COM 514s + admin_dn=cn=admin,dc=example,dc=com 514s + admin_pw=secret 514s + ldap_user=testuser1 514s + ldap_user_pw=testuser1secret 514s + kerberos_principal_pw=testuser1kerberos 514s + ldap_group=ldapusers 514s + adjust_hostname ldap.example.com 514s + local myhostname=ldap.example.com 514s + echo ldap.example.com 514s + hostname ldap.example.com 514s + grep -qE ldap.example.com /etc/hosts 514s + reconfigure_slapd 514s + debconf-set-selections 514s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu1-20240321-154039.ldapdb 514s + dpkg-reconfigure -fnoninteractive -pcritical slapd 514s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 514s Moving old database directory to /var/backups: 514s - directory unknown... done. 514s Creating initial configuration... done. 514s Creating LDAP directory... done. 514s + generate_certs ldap.example.com 514s + local cn=ldap.example.com 514s + local cert=/etc/ldap/server.pem 514s + local key=/etc/ldap/server.key 514s + local cnf=/etc/ldap/openssl.cnf 514s + cat 514s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 515s .modifying entry "cn=config" 515s 515s adding new entry "ou=People,dc=example,dc=com" 515s 515s adding new entry "ou=Group,dc=example,dc=com" 515s 515s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 515s 515s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 515s 515s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 515s 515s Initializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 515s master key name 'K/M@EXAMPLE.COM' 515s ..............++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 515s .....................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 515s ----- 515s + chmod 0640 /etc/ldap/server.key 515s + chgrp openldap /etc/ldap/server.key 515s + [ ! -f /etc/ldap/server.pem ] 515s + [ ! -f /etc/ldap/server.key ] 515s + enable_ldap_ssl 515s + cat 515s + cat 515s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 515s + populate_ldap_rfc2307 515s + cat 515s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 515s + create_realm EXAMPLE.COM ldap.example.com 515s + local realm_name=EXAMPLE.COM 515s + local kerberos_server=ldap.example.com 515s + rm -rf /var/lib/krb5kdc/* 515s + rm -rf /etc/krb5kdc/kdc.conf 515s + rm -f /etc/krb5.keytab 515s + cat 515s + cat 515s + echo # */admin * 515s + kdb5_util create -s -P secretpassword 515s + systemctl restart krb5-kdc.service krb5-admin-server.service 515s + create_krb_principal testuser1 testuser1kerberos 515s + local principal=testuser1 515s + local password=testuser1kerberos 515s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 515s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 515s Authenticating as principal root/admin@EXAMPLE.COM with password. 515s Principal "testuser1@EXAMPLE.COM" created. 515s + configure_sssd_ldap_rfc2307_krb5_auth 515s + cat 515s + chmod 0600 /etc/sssd/sssd.conf 515s + systemctl restart sssd 515s + enable_pam_mkhomedir 515s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 515s Assert local user databases do not have our LDAP test data 515s The LDAP user is known to the system via getent 515s + run_common_tests 515s + echo Assert local user databases do not have our LDAP test data 515s + check_local_user testuser1 515s + local local_user=testuser1 515s + grep -q ^testuser1 /etc/passwd 515s + check_local_group testuser1 515s + local local_group=testuser1 515s + grep -q ^testuser1 /etc/group 515s + check_local_group ldapusers 515s + local local_group=ldapusers 515s + grep -q ^ldapusers /etc/group 515s + echo The LDAP user is known to the system via getent 515s + check_getent_user testuser1 515s + local getent_user=testuser1 515s + local output 515s + getent passwd testuser1 515s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 515s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 515s + echo The LDAP user's private group is known to the system via getent 515s The LDAP user's private group is known to the system via getent 515s + check_getent_group testuser1 515s + local getent_group=testuser1 515s + local output 515s + getent group testuser1 515s The LDAP group ldapusers is known to the system via getent 515s + output=testuser1:*:10001:testuser1 515s + [ -z testuser1:*:10001:testuser1 ] 515s + echo The LDAP group ldapusers is known to the system via getent 515s + check_getent_group ldapusers 515s + local getent_group=ldapusers 515s + local output 515s + getent group ldapusers 515s + output=ldapusers:*:10100:testuser1 515s + The id(1) command can resolve the group membership of the LDAP user 515s [ -z ldapusers:*:10100:testuser1 ] 515s + echo The id(1) command can resolve the group membership of the LDAP user 515s + id -Gn testuser1 515s + output=testuser1 ldapusers 515s + [ testuser1 ldapusers != testuser1 ldapusers ] 515s + echo The Kerberos principal can login on a terminalThe Kerberos principal can login on a terminal 515s 515s + kdestroy 515s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 515s spawn login 515s ldap.example.com login: testuser1 515s Password: 515s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic ppc64le) 515s 515s * Documentation: https://help.ubuntu.com 515s * Management: https://landscape.canonical.com 515s * Support: https://ubuntu.com/pro 515s 515s 515s The programs included with the Ubuntu system are free software; 515s the exact distribution terms for each program are described in the 515s individual files in /usr/share/doc/*/copyright. 515s 515s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 515s applicable law. 515s 515s Last login: Thu Mar 21 15:40:40 UTC 2024 on pts/0 515s [?2004htestuser1@ldap:~$ id -un 515s [?2004l testuser1 515s [?2004htestuser1@ldap:~$ klist 515s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_eWRGyN 515s Default principal: testuser1@EXAMPLE.COMautopkgtest [15:41:02]: test ldap-user-group-krb5-auth: -----------------------] 516s ldap-user-group-krb5-auth PASS 516s autopkgtest [15:41:03]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 516s autopkgtest [15:41:03]: test sssd-softhism2-certificates-tests.sh: preparing testbed 896s autopkgtest [15:47:23]: testbed dpkg architecture: ppc64el 896s autopkgtest [15:47:23]: testbed apt version: 2.7.12 896s autopkgtest [15:47:23]: @@@@@@@@@@@@@@@@@@@@ test bed setup 897s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 897s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [53.9 kB] 897s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6540 B] 897s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [495 kB] 897s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [3757 kB] 897s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el Packages [668 kB] 897s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el c-n-f Metadata [3116 B] 897s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el Packages [1372 B] 897s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el c-n-f Metadata [116 B] 897s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el Packages [4078 kB] 898s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el c-n-f Metadata [8652 B] 898s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el Packages [58.3 kB] 898s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el c-n-f Metadata [116 B] 901s Fetched 9248 kB in 2s (3904 kB/s) 901s Reading package lists... 904s Reading package lists... 904s Building dependency tree... 904s Reading state information... 904s Calculating upgrade... 904s The following packages will be REMOVED: 904s libssl3 904s The following NEW packages will be installed: 904s libssl3t64 904s The following packages have been kept back: 904s libsasl2-2 libsasl2-modules-db 904s The following packages will be upgraded: 904s debianutils libsasl2-modules linux-firmware openssl 905s 4 upgraded, 1 newly installed, 1 to remove and 2 not upgraded. 905s Need to get 479 MB of archives. 905s After this operation, 5798 kB of additional disk space will be used. 905s Get:1 http://ftpmaster.internal/ubuntu noble/main ppc64el debianutils ppc64el 5.17 [90.4 kB] 905s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el openssl ppc64el 3.0.13-0ubuntu2 [1026 kB] 905s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libsasl2-modules ppc64el 2.1.28+dfsg1-5ubuntu1 [83.1 kB] 905s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libssl3t64 ppc64el 3.0.13-0ubuntu2 [2125 kB] 906s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el linux-firmware ppc64el 20240318.git3b128b60-0ubuntu1 [475 MB] 924s Fetched 479 MB in 20s (24.4 MB/s) 925s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70095 files and directories currently installed.) 925s Preparing to unpack .../debianutils_5.17_ppc64el.deb ... 925s Unpacking debianutils (5.17) over (5.16) ... 925s Setting up debianutils (5.17) ... 925s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70095 files and directories currently installed.) 925s Preparing to unpack .../openssl_3.0.13-0ubuntu2_ppc64el.deb ... 925s Unpacking openssl (3.0.13-0ubuntu2) over (3.0.10-1ubuntu4) ... 925s Preparing to unpack .../libsasl2-modules_2.1.28+dfsg1-5ubuntu1_ppc64el.deb ... 925s Unpacking libsasl2-modules:ppc64el (2.1.28+dfsg1-5ubuntu1) over (2.1.28+dfsg1-4) ... 925s dpkg: libssl3:ppc64el: dependency problems, but removing anyway as you requested: 925s wget depends on libssl3 (>= 3.0.0). 925s tnftp depends on libssl3 (>= 3.0.0). 925s tcpdump depends on libssl3 (>= 3.0.0). 925s systemd-resolved depends on libssl3 (>= 3.0.0). 925s systemd depends on libssl3 (>= 3.0.0). 925s sudo depends on libssl3 (>= 3.0.0). 925s rsync depends on libssl3 (>= 3.0.0). 925s python3-cryptography depends on libssl3 (>= 3.0.0). 925s openssh-server depends on libssl3 (>= 3.0.10). 925s openssh-client depends on libssl3 (>= 3.0.10). 925s linux-headers-6.8.0-11-generic depends on libssl3 (>= 3.0.0). 925s libsystemd-shared:ppc64el depends on libssl3 (>= 3.0.0). 925s libssh-4:ppc64el depends on libssl3 (>= 3.0.0). 925s libsasl2-2:ppc64el depends on libssl3 (>= 3.0.0). 925s libpython3.12-minimal:ppc64el depends on libssl3 (>= 3.0.0). 925s libpython3.11-minimal:ppc64el depends on libssl3 (>= 3.0.0). 925s libnvme1 depends on libssl3 (>= 3.0.0). 925s libkrb5-3:ppc64el depends on libssl3 (>= 3.0.0). 925s libkmod2:ppc64el depends on libssl3 (>= 3.0.0). 925s libfido2-1:ppc64el depends on libssl3 (>= 3.0.0). 925s libcurl4:ppc64el depends on libssl3 (>= 3.0.0). 925s libcryptsetup12:ppc64el depends on libssl3 (>= 3.0.0). 925s kmod depends on libssl3 (>= 3.0.0). 925s dhcpcd-base depends on libssl3 (>= 3.0.0). 925s bind9-libs:ppc64el depends on libssl3 (>= 3.0.0). 925s 925s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70095 files and directories currently installed.) 925s Removing libssl3:ppc64el (3.0.10-1ubuntu4) ... 925s Selecting previously unselected package libssl3t64:ppc64el. 925s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70084 files and directories currently installed.) 925s Preparing to unpack .../libssl3t64_3.0.13-0ubuntu2_ppc64el.deb ... 925s Unpacking libssl3t64:ppc64el (3.0.13-0ubuntu2) ... 925s Preparing to unpack .../linux-firmware_20240318.git3b128b60-0ubuntu1_ppc64el.deb ... 925s Unpacking linux-firmware (20240318.git3b128b60-0ubuntu1) over (20240202.git36777504-0ubuntu1) ... 929s Setting up linux-firmware (20240318.git3b128b60-0ubuntu1) ... 929s Setting up libssl3t64:ppc64el (3.0.13-0ubuntu2) ... 929s Setting up libsasl2-modules:ppc64el (2.1.28+dfsg1-5ubuntu1) ... 929s Setting up openssl (3.0.13-0ubuntu2) ... 929s Processing triggers for man-db (2.12.0-3) ... 930s Processing triggers for libc-bin (2.39-0ubuntu2) ... 930s Processing triggers for initramfs-tools (0.142ubuntu20) ... 930s update-initramfs: Generating /boot/initrd.img-6.8.0-11-generic 930s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 937s Reading package lists... 937s Building dependency tree... 937s Reading state information... 937s 0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded. 938s sh: Attempting to set up Debian/Ubuntu apt sources automatically 938s sh: Distribution appears to be Ubuntu 939s Reading package lists... 939s Building dependency tree... 939s Reading state information... 939s eatmydata is already the newest version (131-1). 939s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 939s Reading package lists... 939s Building dependency tree... 939s Reading state information... 939s dbus is already the newest version (1.14.10-4ubuntu1). 939s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 939s Reading package lists... 940s Building dependency tree... 940s Reading state information... 940s rng-tools-debian is already the newest version (2.4). 940s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 940s Reading package lists... 940s Building dependency tree... 940s Reading state information... 940s The following packages will be REMOVED: 940s cloud-init* python3-configobj* python3-debconf* 940s 0 upgraded, 0 newly installed, 3 to remove and 0 not upgraded. 940s After this operation, 3252 kB disk space will be freed. 940s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70159 files and directories currently installed.) 940s Removing cloud-init (24.1.1-0ubuntu1) ... 941s Removing python3-configobj (5.0.8-3) ... 941s Removing python3-debconf (1.5.86) ... 941s Processing triggers for man-db (2.12.0-3) ... 942s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 69770 files and directories currently installed.) 942s Purging configuration files for cloud-init (24.1.1-0ubuntu1) ... 942s dpkg: warning: while removing cloud-init, directory '/etc/cloud/cloud.cfg.d' not empty so not removed 942s Processing triggers for rsyslog (8.2312.0-3ubuntu3) ... 942s invoke-rc.d: policy-rc.d denied execution of try-restart. 942s Reading package lists... 942s Building dependency tree... 942s Reading state information... 943s linux-generic is already the newest version (6.8.0-11.11+1). 943s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 944s Hit:1 http://ftpmaster.internal/ubuntu noble InRelease 944s Hit:2 http://ftpmaster.internal/ubuntu noble-updates InRelease 944s Hit:3 http://ftpmaster.internal/ubuntu noble-security InRelease 946s Reading package lists... 946s Reading package lists... 946s Building dependency tree... 946s Reading state information... 946s Calculating upgrade... 946s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 946s Reading package lists... 947s Building dependency tree... 947s Reading state information... 947s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 947s autopkgtest [15:48:14]: rebooting testbed after setup commands that affected boot 1123s Reading package lists... 1123s Building dependency tree... 1123s Reading state information... 1123s Starting pkgProblemResolver with broken count: 0 1123s Starting 2 pkgProblemResolver with broken count: 0 1123s Done 1123s The following additional packages will be installed: 1123s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 1123s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 1123s libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 1123s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 1123s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 1123s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 1123s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 1123s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 1123s sssd-krb5-common sssd-ldap sssd-proxy 1123s Suggested packages: 1123s dns-root-data adcli libsss-sudo sssd-tools libsasl2-modules-ldap 1123s Recommended packages: 1123s cracklib-runtime libsasl2-modules-gssapi-mit 1123s | libsasl2-modules-gssapi-heimdal ldap-utils 1123s The following NEW packages will be installed: 1123s autopkgtest-satdep gnutls-bin libavahi-client3 libavahi-common-data 1123s libavahi-common3 libbasicobjects0 libc-ares2 libcollection4 libcrack2 1123s libdhash1 libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 1123s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 1123s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 1123s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 1123s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 1123s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 1123s sssd-krb5-common sssd-ldap sssd-proxy 1123s 0 upgraded, 46 newly installed, 0 to remove and 0 not upgraded. 1123s Need to get 11.4 MB/11.4 MB of archives. 1123s After this operation, 56.9 MB of additional disk space will be used. 1123s Get:1 /tmp/autopkgtest.HSIGxg/3-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [744 B] 1123s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el libevent-2.1-7 ppc64el 2.1.12-stable-9 [169 kB] 1124s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libunbound8 ppc64el 1.19.1-1ubuntu1 [537 kB] 1124s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el libgnutls-dane0 ppc64el 3.8.3-1ubuntu1 [24.5 kB] 1124s Get:5 http://ftpmaster.internal/ubuntu noble/universe ppc64el gnutls-bin ppc64el 3.8.3-1ubuntu1 [290 kB] 1124s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common-data ppc64el 0.8-13ubuntu2 [29.5 kB] 1124s Get:7 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common3 ppc64el 0.8-13ubuntu2 [25.8 kB] 1124s Get:8 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-client3 ppc64el 0.8-13ubuntu2 [30.6 kB] 1124s Get:9 http://ftpmaster.internal/ubuntu noble/main ppc64el libcrack2 ppc64el 2.9.6-5.1 [30.9 kB] 1124s Get:10 http://ftpmaster.internal/ubuntu noble/main ppc64el libtalloc2 ppc64el 2.4.2-1 [36.6 kB] 1124s Get:11 http://ftpmaster.internal/ubuntu noble/main ppc64el libtdb1 ppc64el 1.4.10-1 [62.7 kB] 1124s Get:12 http://ftpmaster.internal/ubuntu noble/main ppc64el libtevent0 ppc64el 0.16.1-1 [50.8 kB] 1124s Get:13 http://ftpmaster.internal/ubuntu noble/main ppc64el libldb2 ppc64el 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [219 kB] 1124s Get:14 http://ftpmaster.internal/ubuntu noble/main ppc64el libnfsidmap1 ppc64el 1:2.6.3-3ubuntu1 [53.0 kB] 1124s Get:15 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality-common all 1.4.5-3 [7658 B] 1124s Get:16 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality1 ppc64el 1.4.5-3 [16.9 kB] 1124s Get:17 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-pwquality ppc64el 1.4.5-3 [12.5 kB] 1124s Get:18 http://ftpmaster.internal/ubuntu noble/main ppc64el libwbclient0 ppc64el 2:4.19.5+dfsg-1ubuntu1 [76.5 kB] 1124s Get:19 http://ftpmaster.internal/ubuntu noble/main ppc64el samba-libs ppc64el 2:4.19.5+dfsg-1ubuntu1 [6674 kB] 1124s Get:20 http://ftpmaster.internal/ubuntu noble/universe ppc64el softhsm2-common ppc64el 2.6.1-2.2 [5810 B] 1124s Get:21 http://ftpmaster.internal/ubuntu noble/universe ppc64el libsofthsm2 ppc64el 2.6.1-2.2 [294 kB] 1124s Get:22 http://ftpmaster.internal/ubuntu noble/universe ppc64el softhsm2 ppc64el 2.6.1-2.2 [196 kB] 1124s Get:23 http://ftpmaster.internal/ubuntu noble/main ppc64el python3-sss ppc64el 2.9.4-1ubuntu1 [48.0 kB] 1124s Get:24 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-idmap0 ppc64el 2.9.4-1ubuntu1 [24.7 kB] 1124s Get:25 http://ftpmaster.internal/ubuntu noble/main ppc64el libnss-sss ppc64el 2.9.4-1ubuntu1 [36.3 kB] 1124s Get:26 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-sss ppc64el 2.9.4-1ubuntu1 [56.4 kB] 1124s Get:27 http://ftpmaster.internal/ubuntu noble/main ppc64el libc-ares2 ppc64el 1.27.0-1 [99.0 kB] 1124s Get:28 http://ftpmaster.internal/ubuntu noble/main ppc64el libdhash1 ppc64el 0.6.2-2 [9830 B] 1124s Get:29 http://ftpmaster.internal/ubuntu noble/main ppc64el libbasicobjects0 ppc64el 0.6.2-2 [5806 B] 1124s Get:30 http://ftpmaster.internal/ubuntu noble/main ppc64el libcollection4 ppc64el 0.6.2-2 [35.3 kB] 1124s Get:31 http://ftpmaster.internal/ubuntu noble/main ppc64el libpath-utils1 ppc64el 0.6.2-2 [10.2 kB] 1124s Get:32 http://ftpmaster.internal/ubuntu noble/main ppc64el libref-array1 ppc64el 0.6.2-2 [7724 B] 1124s Get:33 http://ftpmaster.internal/ubuntu noble/main ppc64el libini-config5 ppc64el 0.6.2-2 [53.9 kB] 1125s Get:34 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-certmap0 ppc64el 2.9.4-1ubuntu1 [53.6 kB] 1125s Get:35 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-nss-idmap0 ppc64el 2.9.4-1ubuntu1 [37.4 kB] 1125s Get:36 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-common ppc64el 2.9.4-1ubuntu1 [1280 kB] 1125s Get:37 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad-common ppc64el 2.9.4-1ubuntu1 [88.6 kB] 1125s Get:38 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5-common ppc64el 2.9.4-1ubuntu1 [103 kB] 1125s Get:39 http://ftpmaster.internal/ubuntu noble/main ppc64el libsmbclient ppc64el 2:4.19.5+dfsg-1ubuntu1 [70.4 kB] 1125s Get:40 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad ppc64el 2.9.4-1ubuntu1 [147 kB] 1125s Get:41 http://ftpmaster.internal/ubuntu noble/main ppc64el libipa-hbac0 ppc64el 2.9.4-1ubuntu1 [17.4 kB] 1125s Get:42 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ipa ppc64el 2.9.4-1ubuntu1 [240 kB] 1125s Get:43 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5 ppc64el 2.9.4-1ubuntu1 [14.4 kB] 1125s Get:44 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ldap ppc64el 2.9.4-1ubuntu1 [31.6 kB] 1125s Get:45 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-proxy ppc64el 2.9.4-1ubuntu1 [48.0 kB] 1125s Get:46 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd ppc64el 2.9.4-1ubuntu1 [4124 B] 1125s Fetched 11.4 MB in 1s (8220 kB/s) 1125s Selecting previously unselected package libevent-2.1-7:ppc64el. 1125s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 69715 files and directories currently installed.) 1125s Preparing to unpack .../00-libevent-2.1-7_2.1.12-stable-9_ppc64el.deb ... 1125s Unpacking libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 1125s Selecting previously unselected package libunbound8:ppc64el. 1125s Preparing to unpack .../01-libunbound8_1.19.1-1ubuntu1_ppc64el.deb ... 1125s Unpacking libunbound8:ppc64el (1.19.1-1ubuntu1) ... 1125s Selecting previously unselected package libgnutls-dane0:ppc64el. 1125s Preparing to unpack .../02-libgnutls-dane0_3.8.3-1ubuntu1_ppc64el.deb ... 1125s Unpacking libgnutls-dane0:ppc64el (3.8.3-1ubuntu1) ... 1125s Selecting previously unselected package gnutls-bin. 1125s Preparing to unpack .../03-gnutls-bin_3.8.3-1ubuntu1_ppc64el.deb ... 1125s Unpacking gnutls-bin (3.8.3-1ubuntu1) ... 1125s Selecting previously unselected package libavahi-common-data:ppc64el. 1125s Preparing to unpack .../04-libavahi-common-data_0.8-13ubuntu2_ppc64el.deb ... 1125s Unpacking libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 1125s Selecting previously unselected package libavahi-common3:ppc64el. 1125s Preparing to unpack .../05-libavahi-common3_0.8-13ubuntu2_ppc64el.deb ... 1125s Unpacking libavahi-common3:ppc64el (0.8-13ubuntu2) ... 1125s Selecting previously unselected package libavahi-client3:ppc64el. 1125s Preparing to unpack .../06-libavahi-client3_0.8-13ubuntu2_ppc64el.deb ... 1125s Unpacking libavahi-client3:ppc64el (0.8-13ubuntu2) ... 1125s Selecting previously unselected package libcrack2:ppc64el. 1125s Preparing to unpack .../07-libcrack2_2.9.6-5.1_ppc64el.deb ... 1125s Unpacking libcrack2:ppc64el (2.9.6-5.1) ... 1125s Selecting previously unselected package libtalloc2:ppc64el. 1125s Preparing to unpack .../08-libtalloc2_2.4.2-1_ppc64el.deb ... 1125s Unpacking libtalloc2:ppc64el (2.4.2-1) ... 1125s Selecting previously unselected package libtdb1:ppc64el. 1125s Preparing to unpack .../09-libtdb1_1.4.10-1_ppc64el.deb ... 1125s Unpacking libtdb1:ppc64el (1.4.10-1) ... 1125s Selecting previously unselected package libtevent0:ppc64el. 1125s Preparing to unpack .../10-libtevent0_0.16.1-1_ppc64el.deb ... 1125s Unpacking libtevent0:ppc64el (0.16.1-1) ... 1125s Selecting previously unselected package libldb2:ppc64el. 1125s Preparing to unpack .../11-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 1125s Unpacking libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 1125s Selecting previously unselected package libnfsidmap1:ppc64el. 1125s Preparing to unpack .../12-libnfsidmap1_1%3a2.6.3-3ubuntu1_ppc64el.deb ... 1125s Unpacking libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 1125s Selecting previously unselected package libpwquality-common. 1125s Preparing to unpack .../13-libpwquality-common_1.4.5-3_all.deb ... 1125s Unpacking libpwquality-common (1.4.5-3) ... 1125s Selecting previously unselected package libpwquality1:ppc64el. 1125s Preparing to unpack .../14-libpwquality1_1.4.5-3_ppc64el.deb ... 1125s Unpacking libpwquality1:ppc64el (1.4.5-3) ... 1125s Selecting previously unselected package libpam-pwquality:ppc64el. 1125s Preparing to unpack .../15-libpam-pwquality_1.4.5-3_ppc64el.deb ... 1125s Unpacking libpam-pwquality:ppc64el (1.4.5-3) ... 1125s Selecting previously unselected package libwbclient0:ppc64el. 1125s Preparing to unpack .../16-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 1125s Unpacking libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 1125s Selecting previously unselected package samba-libs:ppc64el. 1126s Preparing to unpack .../17-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 1126s Unpacking samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 1126s Selecting previously unselected package softhsm2-common. 1126s Preparing to unpack .../18-softhsm2-common_2.6.1-2.2_ppc64el.deb ... 1126s Unpacking softhsm2-common (2.6.1-2.2) ... 1126s Selecting previously unselected package libsofthsm2. 1126s Preparing to unpack .../19-libsofthsm2_2.6.1-2.2_ppc64el.deb ... 1126s Unpacking libsofthsm2 (2.6.1-2.2) ... 1126s Selecting previously unselected package softhsm2. 1126s Preparing to unpack .../20-softhsm2_2.6.1-2.2_ppc64el.deb ... 1126s Unpacking softhsm2 (2.6.1-2.2) ... 1126s Selecting previously unselected package python3-sss. 1126s Preparing to unpack .../21-python3-sss_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking python3-sss (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package libsss-idmap0. 1126s Preparing to unpack .../22-libsss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package libnss-sss:ppc64el. 1126s Preparing to unpack .../23-libnss-sss_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package libpam-sss:ppc64el. 1126s Preparing to unpack .../24-libpam-sss_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package libc-ares2:ppc64el. 1126s Preparing to unpack .../25-libc-ares2_1.27.0-1_ppc64el.deb ... 1126s Unpacking libc-ares2:ppc64el (1.27.0-1) ... 1126s Selecting previously unselected package libdhash1:ppc64el. 1126s Preparing to unpack .../26-libdhash1_0.6.2-2_ppc64el.deb ... 1126s Unpacking libdhash1:ppc64el (0.6.2-2) ... 1126s Selecting previously unselected package libbasicobjects0:ppc64el. 1126s Preparing to unpack .../27-libbasicobjects0_0.6.2-2_ppc64el.deb ... 1126s Unpacking libbasicobjects0:ppc64el (0.6.2-2) ... 1126s Selecting previously unselected package libcollection4:ppc64el. 1126s Preparing to unpack .../28-libcollection4_0.6.2-2_ppc64el.deb ... 1126s Unpacking libcollection4:ppc64el (0.6.2-2) ... 1126s Selecting previously unselected package libpath-utils1:ppc64el. 1126s Preparing to unpack .../29-libpath-utils1_0.6.2-2_ppc64el.deb ... 1126s Unpacking libpath-utils1:ppc64el (0.6.2-2) ... 1126s Selecting previously unselected package libref-array1:ppc64el. 1126s Preparing to unpack .../30-libref-array1_0.6.2-2_ppc64el.deb ... 1126s Unpacking libref-array1:ppc64el (0.6.2-2) ... 1126s Selecting previously unselected package libini-config5:ppc64el. 1126s Preparing to unpack .../31-libini-config5_0.6.2-2_ppc64el.deb ... 1126s Unpacking libini-config5:ppc64el (0.6.2-2) ... 1126s Selecting previously unselected package libsss-certmap0. 1126s Preparing to unpack .../32-libsss-certmap0_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package libsss-nss-idmap0. 1126s Preparing to unpack .../33-libsss-nss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package sssd-common. 1126s Preparing to unpack .../34-sssd-common_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking sssd-common (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package sssd-ad-common. 1126s Preparing to unpack .../35-sssd-ad-common_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package sssd-krb5-common. 1126s Preparing to unpack .../36-sssd-krb5-common_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package libsmbclient:ppc64el. 1126s Preparing to unpack .../37-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 1126s Unpacking libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 1126s Selecting previously unselected package sssd-ad. 1126s Preparing to unpack .../38-sssd-ad_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package libipa-hbac0. 1126s Preparing to unpack .../39-libipa-hbac0_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package sssd-ipa. 1126s Preparing to unpack .../40-sssd-ipa_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package sssd-krb5. 1126s Preparing to unpack .../41-sssd-krb5_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package sssd-ldap. 1126s Preparing to unpack .../42-sssd-ldap_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package sssd-proxy. 1126s Preparing to unpack .../43-sssd-proxy_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package sssd. 1126s Preparing to unpack .../44-sssd_2.9.4-1ubuntu1_ppc64el.deb ... 1126s Unpacking sssd (2.9.4-1ubuntu1) ... 1126s Selecting previously unselected package autopkgtest-satdep. 1126s Preparing to unpack .../45-3-autopkgtest-satdep.deb ... 1126s Unpacking autopkgtest-satdep (0) ... 1126s Setting up libpwquality-common (1.4.5-3) ... 1126s Setting up libpath-utils1:ppc64el (0.6.2-2) ... 1126s Setting up softhsm2-common (2.6.1-2.2) ... 1127s 1127s Creating config file /etc/softhsm/softhsm2.conf with new version 1127s Setting up libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 1127s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 1127s Setting up libbasicobjects0:ppc64el (0.6.2-2) ... 1127s Setting up libtdb1:ppc64el (1.4.10-1) ... 1127s Setting up libc-ares2:ppc64el (1.27.0-1) ... 1127s Setting up libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 1127s Setting up libtalloc2:ppc64el (2.4.2-1) ... 1127s Setting up libdhash1:ppc64el (0.6.2-2) ... 1127s Setting up libtevent0:ppc64el (0.16.1-1) ... 1127s Setting up libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 1127s Setting up libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 1127s Setting up libcrack2:ppc64el (2.9.6-5.1) ... 1127s Setting up libcollection4:ppc64el (0.6.2-2) ... 1127s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 1127s Setting up libref-array1:ppc64el (0.6.2-2) ... 1127s Setting up libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 1127s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 1127s Setting up libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 1127s Setting up libsofthsm2 (2.6.1-2.2) ... 1127s Setting up softhsm2 (2.6.1-2.2) ... 1127s Setting up libini-config5:ppc64el (0.6.2-2) ... 1127s Setting up libavahi-common3:ppc64el (0.8-13ubuntu2) ... 1127s Setting up python3-sss (2.9.4-1ubuntu1) ... 1127s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 1127s Setting up libunbound8:ppc64el (1.19.1-1ubuntu1) ... 1127s Setting up libpwquality1:ppc64el (1.4.5-3) ... 1127s Setting up libavahi-client3:ppc64el (0.8-13ubuntu2) ... 1127s Setting up libgnutls-dane0:ppc64el (3.8.3-1ubuntu1) ... 1127s Setting up libpam-pwquality:ppc64el (1.4.5-3) ... 1127s Setting up samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 1127s Setting up libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 1127s Setting up libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 1127s Setting up gnutls-bin (3.8.3-1ubuntu1) ... 1127s Setting up sssd-common (2.9.4-1ubuntu1) ... 1127s Creating SSSD system user & group... 1127s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 1127s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 1127s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 1128s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 1128s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 1128s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 1129s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 1129s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 1129s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 1130s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 1130s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 1130s sssd-autofs.service is a disabled or a static unit, not starting it. 1130s sssd-nss.service is a disabled or a static unit, not starting it. 1130s sssd-pam.service is a disabled or a static unit, not starting it. 1130s sssd-ssh.service is a disabled or a static unit, not starting it. 1130s sssd-sudo.service is a disabled or a static unit, not starting it. 1130s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 1130s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 1130s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 1131s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 1131s sssd-pac.service is a disabled or a static unit, not starting it. 1131s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 1131s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 1131s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 1131s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 1131s Setting up sssd-ad (2.9.4-1ubuntu1) ... 1131s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 1131s Setting up sssd (2.9.4-1ubuntu1) ... 1131s Setting up autopkgtest-satdep (0) ... 1131s Processing triggers for man-db (2.12.0-3) ... 1132s Processing triggers for libc-bin (2.39-0ubuntu2) ... 1135s (Reading database ... 70303 files and directories currently installed.) 1135s Removing autopkgtest-satdep (0) ... 1142s autopkgtest [15:51:29]: test sssd-softhism2-certificates-tests.sh: [----------------------- 1142s + '[' -z ubuntu ']' 1142s + required_tools=(p11tool openssl softhsm2-util) 1142s + for cmd in "${required_tools[@]}" 1142s + command -v p11tool 1142s + for cmd in "${required_tools[@]}" 1142s + command -v openssl 1142s + for cmd in "${required_tools[@]}" 1142s + command -v softhsm2-util 1142s + PIN=053350 1142s +++ find /usr/lib/softhsm/libsofthsm2.so 1142s +++ head -n 1 1142s ++ realpath /usr/lib/softhsm/libsofthsm2.so 1142s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1142s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 1142s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 1142s + '[' '!' -v NO_SSSD_TESTS ']' 1142s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 1142s + ca_db_arg=ca_db 1142s ++ /usr/libexec/sssd/p11_child --help 1142s + p11_child_help='Usage: p11_child [OPTION...] 1142s -d, --debug-level=INT Debug level 1142s --debug-timestamps=INT Add debug timestamps 1142s --debug-microseconds=INT Show timestamps with microseconds 1142s --dumpable=INT Allow core dumps 1142s --debug-fd=INT An open file descriptor for the debug 1142s logs 1142s --logger=stderr|files|journald Set logger 1142s --auth Run in auth mode 1142s --pre Run in pre-auth mode 1142s --wait_for_card Wait until card is available 1142s --verification Run in verification mode 1142s --pin Expect PIN on stdin 1142s --keypad Expect PIN on keypad 1142s --verify=STRING Tune validation 1142s --ca_db=STRING CA DB to use 1142s --module_name=STRING Module name for authentication 1142s --token_name=STRING Token name for authentication 1142s --key_id=STRING Key ID for authentication 1142s --label=STRING Label for authentication 1142s --certificate=STRING certificate to verify, base64 encoded 1142s --uri=STRING PKCS#11 URI to restrict selection 1142s --chain-id=LONG Tevent chain ID used for logging 1142s purposes 1142s 1142s Help options: 1142s -?, --help Show this help message 1142s --usage Display brief usage message' 1142s + echo 'Usage: p11_child [OPTION...] 1142s -d, --debug-level=INT Debug level 1142s --debug-timestamps=INT Add debug timestamps 1142s --debug-microseconds=INT Show timestamps with microseconds 1142s --dumpable=INT Allow core dumps 1142s --debug-fd=INT An open file descriptor for the debug 1142s logs 1142s --logger=stderr|files|journald Set logger 1142s --auth Run in auth mode 1142s --pre Run in pre-auth mode 1142s --wait_for_card Wait until card is available 1142s --verification Run in verification mode 1142s --pin Expect PIN on stdin 1142s --keypad Expect PIN on keypad 1142s --verify=STRING Tune validation 1142s --ca_db=STRING CA DB to use 1142s --module_name=STRING Module name for authentication 1142s --token_name=STRING Token name for authentication 1142s --key_id=STRING Key ID for authentication 1142s --label=STRING Label for authentication 1142s --certificate=STRING certificate to verify, base64 encoded 1142s --uri=STRING PKCS#11 URI to restrict selection 1142s --chain-id=LONG Tevent chain ID used for logging 1142s purposes 1142s 1142s Help options: 1142s -?, --help Show this help message 1142s --usage Display brief usage message' 1142s + grep nssdb -qs 1142s + echo 'Usage: p11_child [OPTION...] 1142s -d, --debug-level=INT Debug level 1142s + grep -qs -- --ca_db 1142s --debug-timestamps=INT Add debug timestamps 1142s --debug-microseconds=INT Show timestamps with microseconds 1142s --dumpable=INT Allow core dumps 1142s --debug-fd=INT An open file descriptor for the debug 1142s logs 1142s --logger=stderr|files|journald Set logger 1142s --auth Run in auth mode 1142s --pre Run in pre-auth mode 1142s --wait_for_card Wait until card is available 1142s --verification Run in verification mode 1142s --pin Expect PIN on stdin 1142s --keypad Expect PIN on keypad 1142s --verify=STRING Tune validation 1142s --ca_db=STRING CA DB to use 1142s --module_name=STRING Module name for authentication 1142s --token_name=STRING Token name for authentication 1142s --key_id=STRING Key ID for authentication 1142s --label=STRING Label for authentication 1142s --certificate=STRING certificate to verify, base64 encoded 1142s --uri=STRING PKCS#11 URI to restrict selection 1142s --chain-id=LONG Tevent chain ID used for logging 1142s purposes 1142s 1142s Help options: 1142s -?, --help Show this help message 1142s --usage Display brief usage message' 1142s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 1142s ++ mktemp -d -t sssd-softhsm2-XXXXXX 1142s + tmpdir=/tmp/sssd-softhsm2-7kk18L 1142s + keys_size=1024 1142s + [[ ! -v KEEP_TEMPORARY_FILES ]] 1142s + trap 'rm -rf "$tmpdir"' EXIT 1142s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 1142s + echo -n 01 1142s + touch /tmp/sssd-softhsm2-7kk18L/index.txt 1142s + mkdir -p /tmp/sssd-softhsm2-7kk18L/new_certs 1142s + cat 1142s + root_ca_key_pass=pass:random-root-CA-password-15151 1142s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-7kk18L/test-root-CA-key.pem -passout pass:random-root-CA-password-15151 1024 1142s + openssl req -passin pass:random-root-CA-password-15151 -batch -config /tmp/sssd-softhsm2-7kk18L/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-7kk18L/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1142s + openssl x509 -noout -in /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1142s + cat 1142s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-5485 1142s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-5485 1024 1142s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-5485 -config /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.config -key /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-15151 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-certificate-request.pem 1142s + openssl req -text -noout -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-certificate-request.pem 1142s Certificate Request: 1142s Data: 1142s Version: 1 (0x0) 1142s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1142s Subject Public Key Info: 1142s Public Key Algorithm: rsaEncryption 1142s Public-Key: (1024 bit) 1142s Modulus: 1142s 00:c6:34:75:c1:d0:7e:cd:e0:9f:9f:dc:47:48:64: 1142s 64:11:65:f3:c7:d8:24:54:80:41:8e:4f:1e:46:e3: 1142s 98:97:d7:b3:4e:82:cb:8f:70:56:3b:fe:63:59:37: 1142s 56:11:70:09:ce:89:71:49:b6:b1:12:43:d6:69:c0: 1142s 48:64:1e:1f:5f:1d:54:48:72:92:44:18:03:04:6b: 1142s 69:6d:9d:97:56:fa:de:6a:e7:b1:fb:5a:e4:cc:5c: 1142s e2:91:de:44:fa:ed:ca:d0:b7:bd:57:af:78:6b:3d: 1142s 27:7e:f4:6e:95:83:64:a7:e0:d7:49:5a:c3:ba:dd: 1142s 82:5c:fd:ea:15:8b:ce:0f:e3 1142s Exponent: 65537 (0x10001) 1142s Attributes: 1142s (none) 1142s Requested Extensions: 1142s Signature Algorithm: sha256WithRSAEncryption 1142s Signature Value: 1142s 31:da:4d:b6:56:86:0b:02:69:bd:67:4e:aa:9f:0d:91:30:67: 1142s 95:51:18:70:73:e0:87:2f:b9:81:20:26:76:93:07:6a:07:f2: 1142s 6e:8b:b4:a5:60:3a:c2:39:3b:f0:43:ac:f0:24:89:63:ac:ff: 1142s 19:d2:80:fb:33:ab:07:c4:af:84:da:1b:ca:b9:90:f2:5a:9d: 1142s 96:5b:5d:5d:7b:2f:8d:4c:8d:2c:ec:9d:ea:12:2f:0f:b3:41: 1142s 29:d6:32:3b:b1:f5:fa:4b:a7:41:df:66:bb:0c:7a:88:9c:57: 1142s 07:21:24:2b:ca:4d:6a:90:d5:7c:68:17:c4:2d:e7:cd:88:1a: 1142s 0c:40 1142s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-7kk18L/test-root-CA.config -passin pass:random-root-CA-password-15151 -keyfile /tmp/sssd-softhsm2-7kk18L/test-root-CA-key.pem -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1142s Using configuration from /tmp/sssd-softhsm2-7kk18L/test-root-CA.config 1142s Check that the request matches the signature 1142s Signature ok 1142s Certificate Details: 1142s Serial Number: 1 (0x1) 1142s Validity 1142s Not Before: Mar 21 15:51:29 2024 GMT 1142s Not After : Mar 21 15:51:29 2025 GMT 1142s Subject: 1142s organizationName = Test Organization 1142s organizationalUnitName = Test Organization Unit 1142s commonName = Test Organization Intermediate CA 1142s X509v3 extensions: 1142s X509v3 Subject Key Identifier: 1142s 2F:8B:EA:3F:BB:55:D1:37:B3:34:A7:3F:2D:7C:3E:F9:87:54:21:F2 1142s X509v3 Authority Key Identifier: 1142s keyid:82:B6:6A:09:FD:81:FE:9A:40:DB:99:9E:21:A0:3A:22:B5:52:66:B2 1142s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 1142s serial:00 1142s X509v3 Basic Constraints: 1142s CA:TRUE 1142s X509v3 Key Usage: critical 1142s Digital Signature, Certificate Sign, CRL Sign 1142s Certificate is to be certified until Mar 21 15:51:29 2025 GMT (365 days) 1142s 1142s Write out database with 1 new entries 1142s Database updated 1142s + openssl x509 -noout -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1142s + openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1142s /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem: OK 1142s + cat 1142s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-24953 1142s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-24953 1024 1142s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-24953 -config /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-5485 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-certificate-request.pem 1142s + openssl req -text -noout -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-certificate-request.pem 1142s Certificate Request: 1142s Data: 1142s Version: 1 (0x0) 1142s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1142s Subject Public Key Info: 1142s Public Key Algorithm: rsaEncryption 1142s Public-Key: (1024 bit) 1142s Modulus: 1142s 00:cc:64:29:93:42:35:af:73:fa:14:b4:32:63:66: 1142s 6b:c7:97:1f:79:76:d5:8a:22:2b:33:42:93:95:c0: 1142s 7a:22:23:d5:5d:71:ba:54:4a:2e:07:78:b4:e2:e1: 1142s 69:45:12:de:ec:51:4f:b5:67:52:f6:42:e9:78:74: 1142s 32:a1:2f:69:77:df:36:3e:0c:83:8b:28:78:53:f4: 1142s 7b:c3:d1:c1:1d:a2:8b:91:ef:e1:61:3c:de:fb:e6: 1142s 53:11:d3:6f:27:95:45:ca:1c:70:0a:8e:e3:b5:73: 1142s 4f:9a:7e:59:d3:9e:24:c9:be:1e:81:e9:1d:69:f7: 1142s 83:48:f0:1a:17:b3:e9:88:55 1142s Exponent: 65537 (0x10001) 1142s Attributes: 1142s (none) 1142s Requested Extensions: 1142s Signature Algorithm: sha256WithRSAEncryption 1142s Signature Value: 1142s 34:2b:8f:99:01:a6:97:79:53:3b:79:55:29:2b:fc:6d:cd:bd: 1142s d4:7c:a1:dd:1e:27:61:ff:b6:1d:c7:6b:19:1a:f8:a8:12:b1: 1142s fc:d0:c1:ce:15:08:60:c0:12:e4:89:20:08:5d:5b:83:b2:c1: 1142s f7:4e:94:1f:b4:ce:73:1d:ae:15:53:f1:f2:78:5f:93:9b:77: 1142s c2:e2:69:bd:a9:e0:dc:12:07:81:e8:16:ed:15:75:c4:65:52: 1142s 6d:d0:81:66:20:9b:63:79:a7:00:c9:c1:3d:fb:13:e6:4f:64: 1142s 4c:c9:8b:9b:56:72:98:ec:3b:5b:1d:9e:ad:1f:91:04:fd:1a: 1142s 42:05 1142s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-5485 -keyfile /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem 1142s Using configuration from /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.config 1142s Check that the request matches the signature 1142s Signature ok 1142s Certificate Details: 1142s Serial Number: 2 (0x2) 1142s Validity 1142s Not Before: Mar 21 15:51:29 2024 GMT 1142s Not After : Mar 21 15:51:29 2025 GMT 1142s Subject: 1142s organizationName = Test Organization 1142s organizationalUnitName = Test Organization Unit 1142s commonName = Test Organization Sub Intermediate CA 1142s X509v3 extensions: 1142s X509v3 Subject Key Identifier: 1142s 7E:39:F2:83:E3:9B:7C:D8:61:DB:C3:2A:AD:67:F7:0F:AF:31:CB:5A 1142s X509v3 Authority Key Identifier: 1142s keyid:2F:8B:EA:3F:BB:55:D1:37:B3:34:A7:3F:2D:7C:3E:F9:87:54:21:F2 1142s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 1142s serial:01 1142s X509v3 Basic Constraints: 1142s CA:TRUE 1142s X509v3 Key Usage: critical 1142s Digital Signature, Certificate Sign, CRL Sign 1142s Certificate is to be certified until Mar 21 15:51:29 2025 GMT (365 days) 1142s 1142s Write out database with 1 new entries 1142s Database updated 1142s + openssl x509 -noout -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem 1143s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem 1143s /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem: OK 1143s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem 1143s + local cmd=openssl 1143s + shift 1143s + openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem 1143s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1143s error 20 at 0 depth lookup: unable to get local issuer certificate 1143s error /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem: verification failed 1143s + cat 1143s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-16850 1143s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-16850 1024 1143s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-16850 -key /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001-request.pem 1143s + openssl req -text -noout -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001-request.pem 1143s Certificate Request: 1143s Data: 1143s Version: 1 (0x0) 1143s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1143s Subject Public Key Info: 1143s Public Key Algorithm: rsaEncryption 1143s Public-Key: (1024 bit) 1143s Modulus: 1143s 00:bf:7f:8e:25:c3:0e:8b:07:51:27:9d:84:d6:dc: 1143s 36:cc:d5:c1:d7:5a:b8:f2:35:23:7a:2d:98:e0:4c: 1143s 33:c1:df:1f:be:2d:33:55:a6:83:55:f9:c5:e2:ec: 1143s d6:65:b8:d8:be:5f:bc:b8:e6:3c:89:fa:f1:62:ed: 1143s 39:0d:95:ca:cd:0c:ae:60:3f:ae:a9:1a:33:f1:0f: 1143s bd:05:f7:2a:b7:4f:d9:90:c6:8a:11:26:35:cb:79: 1143s ac:0d:93:24:6b:0d:aa:0b:58:81:5d:a4:30:ce:6d: 1143s 10:53:69:6e:c1:ea:92:91:2b:85:50:7b:63:5f:4a: 1143s 60:6f:69:d0:4a:24:68:8c:71 1143s Exponent: 65537 (0x10001) 1143s Attributes: 1143s Requested Extensions: 1143s X509v3 Basic Constraints: 1143s CA:FALSE 1143s Netscape Cert Type: 1143s SSL Client, S/MIME 1143s Netscape Comment: 1143s Test Organization Root CA trusted Certificate 1143s X509v3 Subject Key Identifier: 1143s 3B:58:D0:D5:11:DA:A8:4D:25:22:6B:DC:26:7B:EC:C6:26:96:A2:B0 1143s X509v3 Key Usage: critical 1143s Digital Signature, Non Repudiation, Key Encipherment 1143s X509v3 Extended Key Usage: 1143s TLS Web Client Authentication, E-mail Protection 1143s X509v3 Subject Alternative Name: 1143s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1143s Signature Algorithm: sha256WithRSAEncryption 1143s Signature Value: 1143s 50:ea:a1:74:4d:a3:b5:6f:e8:0e:1c:04:2c:12:19:25:3c:70: 1143s 23:99:b2:4d:50:97:9a:48:9c:5b:05:d3:b1:c0:01:52:df:54: 1143s 87:be:1b:c5:99:3d:59:96:b5:2a:60:6c:06:e6:b6:3b:c2:ba: 1143s 3e:69:43:e5:9d:a5:fc:e2:68:dd:a6:86:53:cc:66:13:49:3d: 1143s 65:87:28:fa:83:00:4b:6b:74:36:08:1d:f8:31:7c:21:98:c1: 1143s 04:7f:f1:0b:96:fe:72:fb:5b:0e:cc:47:33:7b:af:50:bf:70: 1143s f6:08:af:12:f2:77:c0:87:c3:f3:37:36:99:6b:64:a2:f3:ba: 1143s de:54 1143s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-7kk18L/test-root-CA.config -passin pass:random-root-CA-password-15151 -keyfile /tmp/sssd-softhsm2-7kk18L/test-root-CA-key.pem -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1143s Using configuration from /tmp/sssd-softhsm2-7kk18L/test-root-CA.config 1143s Check that the request matches the signature 1143s Signature ok 1143s Certificate Details: 1143s Serial Number: 3 (0x3) 1143s Validity 1143s Not Before: Mar 21 15:51:30 2024 GMT 1143s Not After : Mar 21 15:51:30 2025 GMT 1143s Subject: 1143s organizationName = Test Organization 1143s organizationalUnitName = Test Organization Unit 1143s commonName = Test Organization Root Trusted Certificate 0001 1143s X509v3 extensions: 1143s X509v3 Authority Key Identifier: 1143s 82:B6:6A:09:FD:81:FE:9A:40:DB:99:9E:21:A0:3A:22:B5:52:66:B2 1143s X509v3 Basic Constraints: 1143s CA:FALSE 1143s Netscape Cert Type: 1143s SSL Client, S/MIME 1143s Netscape Comment: 1143s Test Organization Root CA trusted Certificate 1143s X509v3 Subject Key Identifier: 1143s 3B:58:D0:D5:11:DA:A8:4D:25:22:6B:DC:26:7B:EC:C6:26:96:A2:B0 1143s X509v3 Key Usage: critical 1143s Digital Signature, Non Repudiation, Key Encipherment 1143s X509v3 Extended Key Usage: 1143s TLS Web Client Authentication, E-mail Protection 1143s X509v3 Subject Alternative Name: 1143s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1143s Certificate is to be certified until Mar 21 15:51:30 2025 GMT (365 days) 1143s 1143s Write out database with 1 new entries 1143s Database updated 1143s + openssl x509 -noout -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1143s + openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1143s /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem: OK 1143s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1143s + local cmd=openssl 1143s + shift 1143s + openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1143s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1143s error 20 at 0 depth lookup: unable to get local issuer certificate 1143s error /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem: verification failed 1143s + cat 1143s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1143s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-19719 1024 1143s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-19719 -key /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001-request.pem 1143s + openssl req -text -noout -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001-request.pem 1143s Certificate Request: 1143s Data: 1143s Version: 1 (0x0) 1143s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1143s Subject Public Key Info: 1143s Public Key Algorithm: rsaEncryption 1143s Public-Key: (1024 bit) 1143s Modulus: 1143s 00:9a:55:80:e3:38:93:a0:2a:98:e9:e7:e2:8b:e7: 1143s a0:fa:9b:83:de:db:70:6a:ce:5d:68:bc:1a:f3:3a: 1143s 24:5d:ec:39:29:81:64:92:74:ed:20:24:21:55:ed: 1143s 5e:da:e9:f5:01:6b:4c:0a:5e:1a:b2:bf:f9:d5:c3: 1143s 2c:c4:c6:95:46:51:8f:9e:76:9a:6c:43:78:bc:bc: 1143s c5:2a:31:16:f4:a5:28:4b:61:3f:a4:7a:91:a9:0d: 1143s 0b:b7:5a:d0:4c:95:f2:02:c4:13:fa:bb:e9:1f:f4: 1143s 38:9e:67:08:f9:14:7b:e6:9a:ef:1c:43:f0:c8:e2: 1143s 25:1b:fd:5d:0b:d6:50:e5:85 1143s Exponent: 65537 (0x10001) 1143s Attributes: 1143s Requested Extensions: 1143s X509v3 Basic Constraints: 1143s CA:FALSE 1143s Netscape Cert Type: 1143s SSL Client, S/MIME 1143s Netscape Comment: 1143s Test Organization Intermediate CA trusted Certificate 1143s X509v3 Subject Key Identifier: 1143s E8:65:6A:18:FB:DB:75:9C:36:14:0C:88:CB:33:66:3D:2C:6C:DF:2B 1143s X509v3 Key Usage: critical 1143s Digital Signature, Non Repudiation, Key Encipherment 1143s X509v3 Extended Key Usage: 1143s TLS Web Client Authentication, E-mail Protection 1143s X509v3 Subject Alternative Name: 1143s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1143s Signature Algorithm: sha256WithRSAEncryption 1143s Signature Value: 1143s 10:02:79:1e:4e:e0:f0:0d:c4:bb:f1:e5:91:8d:ac:a8:95:0e: 1143s 0e:6b:3a:65:dc:e8:0d:8b:ce:93:b8:9a:9e:70:01:37:b6:da: 1143s d3:a9:52:f2:01:5b:b8:6e:7e:59:71:09:07:c9:05:39:2f:24: 1143s f1:01:b3:3e:a3:b9:a2:1d:da:02:88:bf:33:58:48:53:97:8b: 1143s 81:22:58:c2:0e:4b:1b:ee:dd:15:79:0b:33:05:a1:63:67:2a: 1143s 96:7c:f0:85:1e:f2:43:5d:8e:f8:35:57:d8:19:da:16:21:98: 1143s 9f:8a:73:a7:d2:32:c3:04:70:15:90:e9:73:06:2c:63:51:6e: 1143s 58:97 1143s + openssl ca -passin pass:random-intermediate-CA-password-5485 -config /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1143s Using configuration from /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.config 1143s Check that the request matches the signature 1143s Signature ok 1143s Certificate Details: 1143s Serial Number: 4 (0x4) 1143s Validity 1143s Not Before: Mar 21 15:51:30 2024 GMT 1143s Not After : Mar 21 15:51:30 2025 GMT 1143s Subject: 1143s organizationName = Test Organization 1143s organizationalUnitName = Test Organization Unit 1143s commonName = Test Organization Intermediate Trusted Certificate 0001 1143s X509v3 extensions: 1143s X509v3 Authority Key Identifier: 1143s 2F:8B:EA:3F:BB:55:D1:37:B3:34:A7:3F:2D:7C:3E:F9:87:54:21:F2 1143s X509v3 Basic Constraints: 1143s CA:FALSE 1143s Netscape Cert Type: 1143s SSL Client, S/MIME 1143s Netscape Comment: 1143s Test Organization Intermediate CA trusted Certificate 1143s X509v3 Subject Key Identifier: 1143s E8:65:6A:18:FB:DB:75:9C:36:14:0C:88:CB:33:66:3D:2C:6C:DF:2B 1143s X509v3 Key Usage: critical 1143s Digital Signature, Non Repudiation, Key Encipherment 1143s X509v3 Extended Key Usage: 1143s TLS Web Client Authentication, E-mail Protection 1143s X509v3 Subject Alternative Name: 1143s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1143s Certificate is to be certified until Mar 21 15:51:30 2025 GMT (365 days) 1143s 1143s Write out database with 1 new entries 1143s Database updated 1143s + openssl x509 -noout -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1143s This certificate should not be trusted fully 1143s + echo 'This certificate should not be trusted fully' 1143s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1143s + local cmd=openssl 1143s + shift 1143s + openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1143s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1143s error 2 at 1 depth lookup: unable to get issuer certificate 1143s error /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 1143s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1143s /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem: OK 1143s + cat 1143s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1143s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1024 1143s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-16243 -key /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 1143s + openssl req -text -noout -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 1143s Certificate Request: 1143s Data: 1143s Version: 1 (0x0) 1143s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1143s Subject Public Key Info: 1143s Public Key Algorithm: rsaEncryption 1143s Public-Key: (1024 bit) 1143s Modulus: 1143s 00:c4:13:a8:80:53:f6:cc:47:29:7c:4a:aa:f7:78: 1143s 1d:0c:57:dd:7f:af:36:6e:be:fe:f6:5a:94:89:f5: 1143s 7e:90:27:71:d5:51:3e:95:54:24:97:00:05:76:35: 1143s c7:55:b4:0f:25:2b:d1:21:5b:1f:30:cf:7b:a0:f4: 1143s 6a:36:d4:96:b3:05:d4:e9:56:ff:0a:c6:5c:ef:3c: 1143s 85:37:83:cb:96:ad:f6:26:b7:07:51:d3:df:ee:ff: 1143s ee:16:18:2c:ac:14:b4:ae:e9:9a:cb:9d:0f:d6:97: 1143s fd:35:65:d6:aa:95:1a:e6:39:43:9c:08:f6:2d:4d: 1143s fb:10:35:d3:23:9d:b5:72:75 1143s Exponent: 65537 (0x10001) 1143s Attributes: 1143s Requested Extensions: 1143s X509v3 Basic Constraints: 1143s CA:FALSE 1143s Netscape Cert Type: 1143s SSL Client, S/MIME 1143s Netscape Comment: 1143s Test Organization Sub Intermediate CA trusted Certificate 1143s X509v3 Subject Key Identifier: 1143s C3:87:74:65:49:9D:D8:84:64:DB:BC:46:B9:DE:F2:B2:34:EE:72:5E 1143s X509v3 Key Usage: critical 1143s Digital Signature, Non Repudiation, Key Encipherment 1143s X509v3 Extended Key Usage: 1143s TLS Web Client Authentication, E-mail Protection 1143s X509v3 Subject Alternative Name: 1143s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1143s Signature Algorithm: sha256WithRSAEncryption 1143s Signature Value: 1143s bb:5e:2f:b3:8a:2b:57:c6:de:a4:17:8e:6e:f1:31:63:55:78: 1143s 4d:ff:3a:eb:9a:4b:f0:da:ff:b8:f4:4a:ac:c7:d5:52:66:e5: 1143s c1:61:5a:a0:11:6b:e3:85:20:8d:8f:bc:34:72:3c:f3:43:46: 1143s 22:1f:24:a4:0f:6a:2a:3e:5f:e1:45:14:c1:8d:b9:37:4e:09: 1143s 4b:65:d4:6d:8b:0a:f9:23:71:a5:f9:ad:51:9a:42:72:fe:d7: 1143s 0e:43:74:5f:c4:73:8d:e3:34:9f:37:53:5f:65:81:3e:5f:c1: 1143s f2:05:99:69:bb:ef:07:b5:09:24:f6:99:54:aa:4a:cc:59:45: 1143s f0:ca 1143s + openssl ca -passin pass:random-sub-intermediate-CA-password-24953 -config /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1143s Using configuration from /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.config 1143s Check that the request matches the signature 1143s Signature ok 1143s Certificate Details: 1143s Serial Number: 5 (0x5) 1143s Validity 1143s Not Before: Mar 21 15:51:30 2024 GMT 1143s Not After : Mar 21 15:51:30 2025 GMT 1143s Subject: 1143s organizationName = Test Organization 1143s organizationalUnitName = Test Organization Unit 1143s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 1143s X509v3 extensions: 1143s X509v3 Authority Key Identifier: 1143s 7E:39:F2:83:E3:9B:7C:D8:61:DB:C3:2A:AD:67:F7:0F:AF:31:CB:5A 1143s X509v3 Basic Constraints: 1143s CA:FALSE 1143s Netscape Cert Type: 1143s SSL Client, S/MIME 1143s Netscape Comment: 1143s Test Organization Sub Intermediate CA trusted Certificate 1143s X509v3 Subject Key Identifier: 1143s C3:87:74:65:49:9D:D8:84:64:DB:BC:46:B9:DE:F2:B2:34:EE:72:5E 1143s X509v3 Key Usage: critical 1143s Digital Signature, Non Repudiation, Key Encipherment 1143s X509v3 Extended Key Usage: 1143s TLS Web Client Authentication, E-mail Protection 1143s X509v3 Subject Alternative Name: 1143s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1143s Certificate is to be certified until Mar 21 15:51:30 2025 GMT (365 days) 1143s 1143s Write out database with 1 new entries 1143s Database updated 1143s + openssl x509 -noout -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1143s + echo 'This certificate should not be trusted fully' 1143s This certificate should not be trusted fully 1143s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1143s + local cmd=openssl 1143s + shift 1143s + openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1143s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1143s error 2 at 1 depth lookup: unable to get issuer certificate 1143s error /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 1143s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1143s + local cmd=openssl 1143s + shift 1143s + openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1143s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1143s error 20 at 0 depth lookup: unable to get local issuer certificate 1143s error /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 1143s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1143s /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 1143s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1143s + local cmd=openssl 1143s + shift 1143s Building a the full-chain CA file... 1143s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1143s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1143s 1143s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1143s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1143s 1143s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1143s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1143s 1143s /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem: OK 1143s /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem: OK 1143s /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem: OK 1143s /tmp/sssd-softhsm2-7kk18L/test-root-intermediate-chain-CA.pem: OK 1143s /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 1143s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1143s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1143s error 20 at 0 depth lookup: unable to get local issuer certificate 1143s error /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 1143s + echo 'Building a the full-chain CA file...' 1143s + cat /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem 1143s + cat /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1143s + cat /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem 1143s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1143s + openssl pkcs7 -print_certs -noout 1143s + openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1143s + openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1143s + openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1143s + openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem /tmp/sssd-softhsm2-7kk18L/test-root-intermediate-chain-CA.pem 1143s + openssl verify -CAfile /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1143s + echo 'Certificates generation completed!' 1143s + [[ -v NO_SSSD_TESTS ]] 1143s + invalid_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /dev/null 1143s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /dev/null 1143s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1143s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1143s + local key_ring=/dev/null 1143s + local verify_option= 1143s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 1143s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1143s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1143s + local key_cn 1143s + local key_name 1143s + local tokens_dir 1143s + local output_cert_file 1143s + token_name= 1143s ++ basename /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem .pem 1143s + key_name=test-root-CA-trusted-certificate-0001 1143s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1143s ++ sed -n 's/ *commonName *= //p' 1143s Certificates generation completed! 1143s + key_cn='Test Organization Root Trusted Certificate 0001' 1143s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1143s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1143s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1143s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1143s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 1143s + token_name='Test Organization Root Tr Token' 1143s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1143s + local key_file 1143s + local decrypted_key 1143s + mkdir -p /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 1143s + key_file=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001-key.pem 1143s + decrypted_key=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001-key-decrypted.pem 1143s + cat 1143s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 1143s Slot 0 has a free/uninitialized token. 1143s The token has been initialized and is reassigned to slot 1194316303 1143s Available slots: 1143s Slot 1194316303 1143s Slot info: 1143s Description: SoftHSM slot ID 0x472fd20f 1143s Manufacturer ID: SoftHSM project 1143s Hardware version: 2.6 1143s Firmware version: 2.6 1143s Token present: yes 1143s Token info: 1143s Manufacturer ID: SoftHSM project 1143s Model: SoftHSM v2 1143s Hardware version: 2.6 1143s Firmware version: 2.6 1143s Serial number: ee0386e3472fd20f 1143s Initialized: yes 1143s User PIN init.: yes 1143s Label: Test Organization Root Tr Token 1143s Slot 1 1143s Slot info: 1143s Description: SoftHSM slot ID 0x1 1143s Manufacturer ID: SoftHSM project 1143s Hardware version: 2.6 1143s Firmware version: 2.6 1143s Token present: yes 1143s Token info: 1143s Manufacturer ID: SoftHSM project 1143s Model: SoftHSM v2 1143s Hardware version: 2.6 1143s Firmware version: 2.6 1143s Serial number: 1143s Initialized: no 1143s User PIN init.: no 1143s Label: 1143s + softhsm2-util --show-slots 1143s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 1143s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-16850 -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001-key-decrypted.pem 1143s writing RSA key 1143s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 1143s + rm /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001-key-decrypted.pem 1143s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 1143s Object 0: 1143s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ee0386e3472fd20f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 1143s Type: X.509 Certificate (RSA-1024) 1143s Expires: Fri Mar 21 15:51:30 2025 1143s Label: Test Organization Root Trusted Certificate 0001 1143s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 1143s 1143s Test Organization Root Tr Token 1143s + echo 'Test Organization Root Tr Token' 1143s + '[' -n '' ']' 1143s + local output_base_name=SSSD-child-2351 1143s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-2351.output 1143s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-2351.pem 1143s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 1143s [p11_child[2122]] [main] (0x0400): p11_child started. 1143s [p11_child[2122]] [main] (0x2000): Running in [pre-auth] mode. 1143s [p11_child[2122]] [main] (0x2000): Running with effective IDs: [0][0]. 1143s [p11_child[2122]] [main] (0x2000): Running with real IDs [0][0]. 1143s [p11_child[2122]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 1143s [p11_child[2122]] [do_work] (0x0040): init_verification failed. 1143s [p11_child[2122]] [main] (0x0020): p11_child failed (5) 1143s + return 2 1143s + valid_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /dev/null no_verification 1143s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /dev/null no_verification 1143s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1143s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1143s + local key_ring=/dev/null 1143s + local verify_option=no_verification 1143s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 1143s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1143s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1143s + local key_cn 1143s + local key_name 1143s + local tokens_dir 1143s + local output_cert_file 1143s + token_name= 1143s ++ basename /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem .pem 1143s + key_name=test-root-CA-trusted-certificate-0001 1143s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1143s ++ sed -n 's/ *commonName *= //p' 1143s + key_cn='Test Organization Root Trusted Certificate 0001' 1143s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1143s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1143s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1143s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1143s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 1143s + token_name='Test Organization Root Tr Token' 1143s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1143s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 ']' 1143s + echo 'Test Organization Root Tr Token' 1143s Test Organization Root Tr Token 1143s + '[' -n no_verification ']' 1143s + local verify_arg=--verify=no_verification 1143s + local output_base_name=SSSD-child-9314 1143s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-9314.output 1143s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-9314.pem 1143s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 1143s [p11_child[2128]] [main] (0x0400): p11_child started. 1143s [p11_child[2128]] [main] (0x2000): Running in [pre-auth] mode. 1143s [p11_child[2128]] [main] (0x2000): Running with effective IDs: [0][0]. 1143s [p11_child[2128]] [main] (0x2000): Running with real IDs [0][0]. 1143s [p11_child[2128]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 1143s [p11_child[2128]] [do_card] (0x4000): Module List: 1143s [p11_child[2128]] [do_card] (0x4000): common name: [softhsm2]. 1143s [p11_child[2128]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1143s [p11_child[2128]] [do_card] (0x4000): Description [SoftHSM slot ID 0x472fd20f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1143s [p11_child[2128]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1143s [p11_child[2128]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x472fd20f][1194316303] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1143s [p11_child[2128]] [do_card] (0x4000): Login NOT required. 1143s [p11_child[2128]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1143s [p11_child[2128]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1143s [p11_child[2128]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x472fd20f;slot-manufacturer=SoftHSM%20project;slot-id=1194316303;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ee0386e3472fd20f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1143s [p11_child[2128]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1143s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-9314.output 1143s + echo '-----BEGIN CERTIFICATE-----' 1143s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-9314.output 1143s + echo '-----END CERTIFICATE-----' 1143s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-9314.pem 1143s + local found_md5 expected_md5 1143s Certificate: 1143s Data: 1143s Version: 3 (0x2) 1143s Serial Number: 3 (0x3) 1143s Signature Algorithm: sha256WithRSAEncryption 1143s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1143s Validity 1143s Not Before: Mar 21 15:51:30 2024 GMT 1143s Not After : Mar 21 15:51:30 2025 GMT 1143s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1143s Subject Public Key Info: 1143s Public Key Algorithm: rsaEncryption 1143s Public-Key: (1024 bit) 1143s Modulus: 1143s 00:bf:7f:8e:25:c3:0e:8b:07:51:27:9d:84:d6:dc: 1143s 36:cc:d5:c1:d7:5a:b8:f2:35:23:7a:2d:98:e0:4c: 1143s 33:c1:df:1f:be:2d:33:55:a6:83:55:f9:c5:e2:ec: 1143s d6:65:b8:d8:be:5f:bc:b8:e6:3c:89:fa:f1:62:ed: 1143s 39:0d:95:ca:cd:0c:ae:60:3f:ae:a9:1a:33:f1:0f: 1143s bd:05:f7:2a:b7:4f:d9:90:c6:8a:11:26:35:cb:79: 1143s ac:0d:93:24:6b:0d:aa:0b:58:81:5d:a4:30:ce:6d: 1143s 10:53:69:6e:c1:ea:92:91:2b:85:50:7b:63:5f:4a: 1143s 60:6f:69:d0:4a:24:68:8c:71 1143s Exponent: 65537 (0x10001) 1143s X509v3 extensions: 1143s X509v3 Authority Key Identifier: 1143s 82:B6:6A:09:FD:81:FE:9A:40:DB:99:9E:21:A0:3A:22:B5:52:66:B2 1143s X509v3 Basic Constraints: 1143s CA:FALSE 1143s Netscape Cert Type: 1143s SSL Client, S/MIME 1143s Netscape Comment: 1143s Test Organization Root CA trusted Certificate 1143s X509v3 Subject Key Identifier: 1143s 3B:58:D0:D5:11:DA:A8:4D:25:22:6B:DC:26:7B:EC:C6:26:96:A2:B0 1143s X509v3 Key Usage: critical 1143s Digital Signature, Non Repudiation, Key Encipherment 1143s X509v3 Extended Key Usage: 1143s TLS Web Client Authentication, E-mail Protection 1143s X509v3 Subject Alternative Name: 1143s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1143s Signature Algorithm: sha256WithRSAEncryption 1143s Signature Value: 1143s c8:e9:c0:b1:da:f4:18:a9:24:15:49:46:60:a2:95:3a:59:f7: 1143s 59:b5:99:89:f8:dd:29:74:db:ad:11:ed:3f:0f:74:53:a9:72: 1143s 57:65:ff:a4:58:a9:7b:73:b6:50:10:83:3d:04:67:14:2b:c2: 1143s 31:75:f6:e1:a8:9d:9b:41:44:4c:65:14:00:09:7b:6a:e8:25: 1143s c8:84:e8:d4:69:15:71:b7:65:22:93:2b:2f:a1:0e:5d:b1:5a: 1143s 96:54:cd:ef:4a:b7:ba:2c:4a:fe:fc:b1:0a:d6:3d:4e:6e:5e: 1143s 2a:9b:77:46:75:b9:27:67:bb:5d:f2:86:38:07:d6:f5:eb:67: 1143s bc:eb 1143s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1143s + expected_md5=Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 1143s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-9314.pem 1143s + found_md5=Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 1143s + '[' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 '!=' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 ']' 1143s + output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-9314-auth.output 1143s ++ basename /tmp/sssd-softhsm2-7kk18L/SSSD-child-9314-auth.output .output 1143s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-9314-auth.pem 1143s + echo -n 053350 1143s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1143s [p11_child[2136]] [main] (0x0400): p11_child started. 1143s [p11_child[2136]] [main] (0x2000): Running in [auth] mode. 1143s [p11_child[2136]] [main] (0x2000): Running with effective IDs: [0][0]. 1143s [p11_child[2136]] [main] (0x2000): Running with real IDs [0][0]. 1143s [p11_child[2136]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 1143s [p11_child[2136]] [do_card] (0x4000): Module List: 1143s [p11_child[2136]] [do_card] (0x4000): common name: [softhsm2]. 1143s [p11_child[2136]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1143s [p11_child[2136]] [do_card] (0x4000): Description [SoftHSM slot ID 0x472fd20f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1143s [p11_child[2136]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1143s [p11_child[2136]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x472fd20f][1194316303] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1143s [p11_child[2136]] [do_card] (0x4000): Login required. 1143s [p11_child[2136]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1143s [p11_child[2136]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1143s [p11_child[2136]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x472fd20f;slot-manufacturer=SoftHSM%20project;slot-id=1194316303;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ee0386e3472fd20f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1143s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1143s [p11_child[2136]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1143s [p11_child[2136]] [do_card] (0x4000): Certificate verified and validated. 1143s [p11_child[2136]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1143s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-9314-auth.output 1143s + echo '-----BEGIN CERTIFICATE-----' 1143s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-9314-auth.output 1143s + echo '-----END CERTIFICATE-----' 1143s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-9314-auth.pem 1144s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-9314-auth.pem 1144s Certificate: 1144s Data: 1144s Version: 3 (0x2) 1144s Serial Number: 3 (0x3) 1144s Signature Algorithm: sha256WithRSAEncryption 1144s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1144s Validity 1144s Not Before: Mar 21 15:51:30 2024 GMT 1144s Not After : Mar 21 15:51:30 2025 GMT 1144s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1144s Subject Public Key Info: 1144s Public Key Algorithm: rsaEncryption 1144s Public-Key: (1024 bit) 1144s Modulus: 1144s 00:bf:7f:8e:25:c3:0e:8b:07:51:27:9d:84:d6:dc: 1144s 36:cc:d5:c1:d7:5a:b8:f2:35:23:7a:2d:98:e0:4c: 1144s 33:c1:df:1f:be:2d:33:55:a6:83:55:f9:c5:e2:ec: 1144s d6:65:b8:d8:be:5f:bc:b8:e6:3c:89:fa:f1:62:ed: 1144s 39:0d:95:ca:cd:0c:ae:60:3f:ae:a9:1a:33:f1:0f: 1144s bd:05:f7:2a:b7:4f:d9:90:c6:8a:11:26:35:cb:79: 1144s ac:0d:93:24:6b:0d:aa:0b:58:81:5d:a4:30:ce:6d: 1144s 10:53:69:6e:c1:ea:92:91:2b:85:50:7b:63:5f:4a: 1144s 60:6f:69:d0:4a:24:68:8c:71 1144s Exponent: 65537 (0x10001) 1144s X509v3 extensions: 1144s X509v3 Authority Key Identifier: 1144s 82:B6:6A:09:FD:81:FE:9A:40:DB:99:9E:21:A0:3A:22:B5:52:66:B2 1144s X509v3 Basic Constraints: 1144s CA:FALSE 1144s Netscape Cert Type: 1144s SSL Client, S/MIME 1144s Netscape Comment: 1144s Test Organization Root CA trusted Certificate 1144s X509v3 Subject Key Identifier: 1144s 3B:58:D0:D5:11:DA:A8:4D:25:22:6B:DC:26:7B:EC:C6:26:96:A2:B0 1144s X509v3 Key Usage: critical 1144s Digital Signature, Non Repudiation, Key Encipherment 1144s X509v3 Extended Key Usage: 1144s TLS Web Client Authentication, E-mail Protection 1144s X509v3 Subject Alternative Name: 1144s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1144s Signature Algorithm: sha256WithRSAEncryption 1144s Signature Value: 1144s c8:e9:c0:b1:da:f4:18:a9:24:15:49:46:60:a2:95:3a:59:f7: 1144s 59:b5:99:89:f8:dd:29:74:db:ad:11:ed:3f:0f:74:53:a9:72: 1144s 57:65:ff:a4:58:a9:7b:73:b6:50:10:83:3d:04:67:14:2b:c2: 1144s 31:75:f6:e1:a8:9d:9b:41:44:4c:65:14:00:09:7b:6a:e8:25: 1144s c8:84:e8:d4:69:15:71:b7:65:22:93:2b:2f:a1:0e:5d:b1:5a: 1144s 96:54:cd:ef:4a:b7:ba:2c:4a:fe:fc:b1:0a:d6:3d:4e:6e:5e: 1144s 2a:9b:77:46:75:b9:27:67:bb:5d:f2:86:38:07:d6:f5:eb:67: 1144s bc:eb 1144s + found_md5=Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 1144s + '[' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 '!=' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 ']' 1144s + valid_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1144s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1144s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1144s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1144s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1144s + local verify_option= 1144s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 1144s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1144s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1144s + local key_cn 1144s + local key_name 1144s + local tokens_dir 1144s + local output_cert_file 1144s + token_name= 1144s ++ basename /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem .pem 1144s + key_name=test-root-CA-trusted-certificate-0001 1144s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1144s ++ sed -n 's/ *commonName *= //p' 1144s + key_cn='Test Organization Root Trusted Certificate 0001' 1144s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1144s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1144s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1144s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1144s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 1144s + token_name='Test Organization Root Tr Token' 1144s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1144s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 ']' 1144s + echo 'Test Organization Root Tr Token' 1144s + '[' -n '' ']' 1144s Test Organization Root Tr Token 1144s + local output_base_name=SSSD-child-12506 1144s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-12506.output 1144s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-12506.pem 1144s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1144s [p11_child[2146]] [main] (0x0400): p11_child started. 1144s [p11_child[2146]] [main] (0x2000): Running in [pre-auth] mode. 1144s [p11_child[2146]] [main] (0x2000): Running with effective IDs: [0][0]. 1144s [p11_child[2146]] [main] (0x2000): Running with real IDs [0][0]. 1144s [p11_child[2146]] [do_card] (0x4000): Module List: 1144s [p11_child[2146]] [do_card] (0x4000): common name: [softhsm2]. 1144s [p11_child[2146]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1144s [p11_child[2146]] [do_card] (0x4000): Description [SoftHSM slot ID 0x472fd20f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1144s [p11_child[2146]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1144s [p11_child[2146]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x472fd20f][1194316303] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1144s [p11_child[2146]] [do_card] (0x4000): Login NOT required. 1144s [p11_child[2146]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1144s [p11_child[2146]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1144s [p11_child[2146]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1144s [p11_child[2146]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x472fd20f;slot-manufacturer=SoftHSM%20project;slot-id=1194316303;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ee0386e3472fd20f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1144s [p11_child[2146]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1144s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-12506.output 1144s + echo '-----BEGIN CERTIFICATE-----' 1144s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-12506.output 1144s + echo '-----END CERTIFICATE-----' 1144s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-12506.pem 1144s + local found_md5 expected_md5 1144s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1144s Certificate: 1144s Data: 1144s Version: 3 (0x2) 1144s Serial Number: 3 (0x3) 1144s Signature Algorithm: sha256WithRSAEncryption 1144s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1144s Validity 1144s Not Before: Mar 21 15:51:30 2024 GMT 1144s Not After : Mar 21 15:51:30 2025 GMT 1144s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1144s Subject Public Key Info: 1144s Public Key Algorithm: rsaEncryption 1144s Public-Key: (1024 bit) 1144s Modulus: 1144s 00:bf:7f:8e:25:c3:0e:8b:07:51:27:9d:84:d6:dc: 1144s 36:cc:d5:c1:d7:5a:b8:f2:35:23:7a:2d:98:e0:4c: 1144s 33:c1:df:1f:be:2d:33:55:a6:83:55:f9:c5:e2:ec: 1144s d6:65:b8:d8:be:5f:bc:b8:e6:3c:89:fa:f1:62:ed: 1144s 39:0d:95:ca:cd:0c:ae:60:3f:ae:a9:1a:33:f1:0f: 1144s bd:05:f7:2a:b7:4f:d9:90:c6:8a:11:26:35:cb:79: 1144s ac:0d:93:24:6b:0d:aa:0b:58:81:5d:a4:30:ce:6d: 1144s 10:53:69:6e:c1:ea:92:91:2b:85:50:7b:63:5f:4a: 1144s 60:6f:69:d0:4a:24:68:8c:71 1144s Exponent: 65537 (0x10001) 1144s X509v3 extensions: 1144s X509v3 Authority Key Identifier: 1144s 82:B6:6A:09:FD:81:FE:9A:40:DB:99:9E:21:A0:3A:22:B5:52:66:B2 1144s X509v3 Basic Constraints: 1144s CA:FALSE 1144s Netscape Cert Type: 1144s SSL Client, S/MIME 1144s Netscape Comment: 1144s Test Organization Root CA trusted Certificate 1144s X509v3 Subject Key Identifier: 1144s 3B:58:D0:D5:11:DA:A8:4D:25:22:6B:DC:26:7B:EC:C6:26:96:A2:B0 1144s X509v3 Key Usage: critical 1144s Digital Signature, Non Repudiation, Key Encipherment 1144s X509v3 Extended Key Usage: 1144s TLS Web Client Authentication, E-mail Protection 1144s X509v3 Subject Alternative Name: 1144s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1144s Signature Algorithm: sha256WithRSAEncryption 1144s Signature Value: 1144s c8:e9:c0:b1:da:f4:18:a9:24:15:49:46:60:a2:95:3a:59:f7: 1144s 59:b5:99:89:f8:dd:29:74:db:ad:11:ed:3f:0f:74:53:a9:72: 1144s 57:65:ff:a4:58:a9:7b:73:b6:50:10:83:3d:04:67:14:2b:c2: 1144s 31:75:f6:e1:a8:9d:9b:41:44:4c:65:14:00:09:7b:6a:e8:25: 1144s c8:84:e8:d4:69:15:71:b7:65:22:93:2b:2f:a1:0e:5d:b1:5a: 1144s 96:54:cd:ef:4a:b7:ba:2c:4a:fe:fc:b1:0a:d6:3d:4e:6e:5e: 1144s 2a:9b:77:46:75:b9:27:67:bb:5d:f2:86:38:07:d6:f5:eb:67: 1144s bc:eb 1144s + expected_md5=Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 1144s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-12506.pem 1144s + found_md5=Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 1144s + '[' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 '!=' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 ']' 1144s + output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-12506-auth.output 1144s ++ basename /tmp/sssd-softhsm2-7kk18L/SSSD-child-12506-auth.output .output 1144s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-12506-auth.pem 1144s + echo -n 053350 1144s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-7kk18L/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1144s [p11_child[2154]] [main] (0x0400): p11_child started. 1144s [p11_child[2154]] [main] (0x2000): Running in [auth] mode. 1144s [p11_child[2154]] [main] (0x2000): Running with effective IDs: [0][0]. 1144s [p11_child[2154]] [main] (0x2000): Running with real IDs [0][0]. 1144s [p11_child[2154]] [do_card] (0x4000): Module List: 1144s [p11_child[2154]] [do_card] (0x4000): common name: [softhsm2]. 1144s [p11_child[2154]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1144s [p11_child[2154]] [do_card] (0x4000): Description [SoftHSM slot ID 0x472fd20f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1144s [p11_child[2154]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1144s [p11_child[2154]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x472fd20f][1194316303] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1144s [p11_child[2154]] [do_card] (0x4000): Login required. 1144s [p11_child[2154]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1144s [p11_child[2154]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1144s [p11_child[2154]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1144s [p11_child[2154]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x472fd20f;slot-manufacturer=SoftHSM%20project;slot-id=1194316303;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ee0386e3472fd20f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1144s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1144s [p11_child[2154]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1144s [p11_child[2154]] [do_card] (0x4000): Certificate verified and validated. 1144s [p11_child[2154]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1144s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-12506-auth.output 1144s + echo '-----BEGIN CERTIFICATE-----' 1144s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-12506-auth.output 1144s + echo '-----END CERTIFICATE-----' 1144s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-12506-auth.pem 1144s Certificate: 1144s Data: 1144s Version: 3 (0x2) 1144s Serial Number: 3 (0x3) 1144s Signature Algorithm: sha256WithRSAEncryption 1144s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1144s Validity 1144s Not Before: Mar 21 15:51:30 2024 GMT 1144s Not After : Mar 21 15:51:30 2025 GMT 1144s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1144s Subject Public Key Info: 1144s Public Key Algorithm: rsaEncryption 1144s Public-Key: (1024 bit) 1144s Modulus: 1144s 00:bf:7f:8e:25:c3:0e:8b:07:51:27:9d:84:d6:dc: 1144s 36:cc:d5:c1:d7:5a:b8:f2:35:23:7a:2d:98:e0:4c: 1144s 33:c1:df:1f:be:2d:33:55:a6:83:55:f9:c5:e2:ec: 1144s d6:65:b8:d8:be:5f:bc:b8:e6:3c:89:fa:f1:62:ed: 1144s 39:0d:95:ca:cd:0c:ae:60:3f:ae:a9:1a:33:f1:0f: 1144s bd:05:f7:2a:b7:4f:d9:90:c6:8a:11:26:35:cb:79: 1144s ac:0d:93:24:6b:0d:aa:0b:58:81:5d:a4:30:ce:6d: 1144s 10:53:69:6e:c1:ea:92:91:2b:85:50:7b:63:5f:4a: 1144s 60:6f:69:d0:4a:24:68:8c:71 1144s Exponent: 65537 (0x10001) 1144s X509v3 extensions: 1144s X509v3 Authority Key Identifier: 1144s 82:B6:6A:09:FD:81:FE:9A:40:DB:99:9E:21:A0:3A:22:B5:52:66:B2 1144s X509v3 Basic Constraints: 1144s CA:FALSE 1144s Netscape Cert Type: 1144s SSL Client, S/MIME 1144s Netscape Comment: 1144s Test Organization Root CA trusted Certificate 1144s X509v3 Subject Key Identifier: 1144s 3B:58:D0:D5:11:DA:A8:4D:25:22:6B:DC:26:7B:EC:C6:26:96:A2:B0 1144s X509v3 Key Usage: critical 1144s Digital Signature, Non Repudiation, Key Encipherment 1144s X509v3 Extended Key Usage: 1144s TLS Web Client Authentication, E-mail Protection 1144s X509v3 Subject Alternative Name: 1144s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1144s Signature Algorithm: sha256WithRSAEncryption 1144s Signature Value: 1144s c8:e9:c0:b1:da:f4:18:a9:24:15:49:46:60:a2:95:3a:59:f7: 1144s 59:b5:99:89:f8:dd:29:74:db:ad:11:ed:3f:0f:74:53:a9:72: 1144s 57:65:ff:a4:58:a9:7b:73:b6:50:10:83:3d:04:67:14:2b:c2: 1144s 31:75:f6:e1:a8:9d:9b:41:44:4c:65:14:00:09:7b:6a:e8:25: 1144s c8:84:e8:d4:69:15:71:b7:65:22:93:2b:2f:a1:0e:5d:b1:5a: 1144s 96:54:cd:ef:4a:b7:ba:2c:4a:fe:fc:b1:0a:d6:3d:4e:6e:5e: 1144s 2a:9b:77:46:75:b9:27:67:bb:5d:f2:86:38:07:d6:f5:eb:67: 1144s bc:eb 1144s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-12506-auth.pem 1144s + found_md5=Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 1144s + '[' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 '!=' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 ']' 1144s + valid_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem partial_chain 1144s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem partial_chain 1144s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1144s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1144s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1144s + local verify_option=partial_chain 1144s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 1144s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1144s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1144s + local key_cn 1144s + local key_name 1144s + local tokens_dir 1144s + local output_cert_file 1144s + token_name= 1144s ++ basename /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem .pem 1144s + key_name=test-root-CA-trusted-certificate-0001 1144s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1144s ++ sed -n 's/ *commonName *= //p' 1144s + key_cn='Test Organization Root Trusted Certificate 0001' 1144s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1144s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1144s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1144s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1144s Test Organization Root Tr Token 1144s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 1144s + token_name='Test Organization Root Tr Token' 1144s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1144s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 ']' 1144s + echo 'Test Organization Root Tr Token' 1144s + '[' -n partial_chain ']' 1144s + local verify_arg=--verify=partial_chain 1144s + local output_base_name=SSSD-child-7138 1144s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-7138.output 1144s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-7138.pem 1144s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1144s [p11_child[2164]] [main] (0x0400): p11_child started. 1144s [p11_child[2164]] [main] (0x2000): Running in [pre-auth] mode. 1144s [p11_child[2164]] [main] (0x2000): Running with effective IDs: [0][0]. 1144s [p11_child[2164]] [main] (0x2000): Running with real IDs [0][0]. 1144s [p11_child[2164]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1144s [p11_child[2164]] [do_card] (0x4000): Module List: 1144s [p11_child[2164]] [do_card] (0x4000): common name: [softhsm2]. 1144s [p11_child[2164]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1144s [p11_child[2164]] [do_card] (0x4000): Description [SoftHSM slot ID 0x472fd20f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1144s [p11_child[2164]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1144s [p11_child[2164]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x472fd20f][1194316303] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1144s [p11_child[2164]] [do_card] (0x4000): Login NOT required. 1144s [p11_child[2164]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1144s [p11_child[2164]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1144s [p11_child[2164]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1144s [p11_child[2164]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x472fd20f;slot-manufacturer=SoftHSM%20project;slot-id=1194316303;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ee0386e3472fd20f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1144s [p11_child[2164]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1144s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-7138.output 1144s + echo '-----BEGIN CERTIFICATE-----' 1144s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-7138.output 1144s + echo '-----END CERTIFICATE-----' 1144s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-7138.pem 1144s Certificate: 1144s Data: 1144s Version: 3 (0x2) 1144s Serial Number: 3 (0x3) 1144s Signature Algorithm: sha256WithRSAEncryption 1144s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1144s Validity 1144s Not Before: Mar 21 15:51:30 2024 GMT 1144s Not After : Mar 21 15:51:30 2025 GMT 1144s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1144s Subject Public Key Info: 1144s Public Key Algorithm: rsaEncryption 1144s Public-Key: (1024 bit) 1144s Modulus: 1144s 00:bf:7f:8e:25:c3:0e:8b:07:51:27:9d:84:d6:dc: 1144s 36:cc:d5:c1:d7:5a:b8:f2:35:23:7a:2d:98:e0:4c: 1144s 33:c1:df:1f:be:2d:33:55:a6:83:55:f9:c5:e2:ec: 1144s d6:65:b8:d8:be:5f:bc:b8:e6:3c:89:fa:f1:62:ed: 1144s 39:0d:95:ca:cd:0c:ae:60:3f:ae:a9:1a:33:f1:0f: 1144s bd:05:f7:2a:b7:4f:d9:90:c6:8a:11:26:35:cb:79: 1144s ac:0d:93:24:6b:0d:aa:0b:58:81:5d:a4:30:ce:6d: 1144s 10:53:69:6e:c1:ea:92:91:2b:85:50:7b:63:5f:4a: 1144s 60:6f:69:d0:4a:24:68:8c:71 1144s Exponent: 65537 (0x10001) 1144s X509v3 extensions: 1144s X509v3 Authority Key Identifier: 1144s 82:B6:6A:09:FD:81:FE:9A:40:DB:99:9E:21:A0:3A:22:B5:52:66:B2 1144s X509v3 Basic Constraints: 1144s CA:FALSE 1144s Netscape Cert Type: 1144s SSL Client, S/MIME 1144s Netscape Comment: 1144s Test Organization Root CA trusted Certificate 1144s X509v3 Subject Key Identifier: 1144s 3B:58:D0:D5:11:DA:A8:4D:25:22:6B:DC:26:7B:EC:C6:26:96:A2:B0 1144s X509v3 Key Usage: critical 1144s Digital Signature, Non Repudiation, Key Encipherment 1144s X509v3 Extended Key Usage: 1144s TLS Web Client Authentication, E-mail Protection 1144s X509v3 Subject Alternative Name: 1144s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1144s Signature Algorithm: sha256WithRSAEncryption 1144s Signature Value: 1144s c8:e9:c0:b1:da:f4:18:a9:24:15:49:46:60:a2:95:3a:59:f7: 1144s 59:b5:99:89:f8:dd:29:74:db:ad:11:ed:3f:0f:74:53:a9:72: 1144s 57:65:ff:a4:58:a9:7b:73:b6:50:10:83:3d:04:67:14:2b:c2: 1144s 31:75:f6:e1:a8:9d:9b:41:44:4c:65:14:00:09:7b:6a:e8:25: 1144s c8:84:e8:d4:69:15:71:b7:65:22:93:2b:2f:a1:0e:5d:b1:5a: 1144s 96:54:cd:ef:4a:b7:ba:2c:4a:fe:fc:b1:0a:d6:3d:4e:6e:5e: 1144s 2a:9b:77:46:75:b9:27:67:bb:5d:f2:86:38:07:d6:f5:eb:67: 1144s bc:eb 1144s + local found_md5 expected_md5 1144s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1144s + expected_md5=Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 1144s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-7138.pem 1144s + found_md5=Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 1144s + '[' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 '!=' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 ']' 1144s + output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-7138-auth.output 1144s ++ basename /tmp/sssd-softhsm2-7kk18L/SSSD-child-7138-auth.output .output 1144s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-7138-auth.pem 1144s + echo -n 053350 1144s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-7kk18L/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1144s [p11_child[2172]] [main] (0x0400): p11_child started. 1144s [p11_child[2172]] [main] (0x2000): Running in [auth] mode. 1144s [p11_child[2172]] [main] (0x2000): Running with effective IDs: [0][0]. 1144s [p11_child[2172]] [main] (0x2000): Running with real IDs [0][0]. 1144s [p11_child[2172]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1144s [p11_child[2172]] [do_card] (0x4000): Module List: 1144s [p11_child[2172]] [do_card] (0x4000): common name: [softhsm2]. 1144s [p11_child[2172]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1144s [p11_child[2172]] [do_card] (0x4000): Description [SoftHSM slot ID 0x472fd20f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1144s [p11_child[2172]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1144s [p11_child[2172]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x472fd20f][1194316303] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1144s [p11_child[2172]] [do_card] (0x4000): Login required. 1144s [p11_child[2172]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1144s [p11_child[2172]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1144s [p11_child[2172]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1144s [p11_child[2172]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x472fd20f;slot-manufacturer=SoftHSM%20project;slot-id=1194316303;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ee0386e3472fd20f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1144s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1144s [p11_child[2172]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1144s [p11_child[2172]] [do_card] (0x4000): Certificate verified and validated. 1144s [p11_child[2172]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1144s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-7138-auth.output 1144s + echo '-----BEGIN CERTIFICATE-----' 1144s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-7138-auth.output 1144s + echo '-----END CERTIFICATE-----' 1144s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-7138-auth.pem 1144s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-7138-auth.pem 1144s Certificate: 1144s Data: 1144s Version: 3 (0x2) 1144s Serial Number: 3 (0x3) 1144s Signature Algorithm: sha256WithRSAEncryption 1144s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1144s Validity 1144s Not Before: Mar 21 15:51:30 2024 GMT 1144s Not After : Mar 21 15:51:30 2025 GMT 1144s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1144s Subject Public Key Info: 1144s Public Key Algorithm: rsaEncryption 1144s Public-Key: (1024 bit) 1144s Modulus: 1144s 00:bf:7f:8e:25:c3:0e:8b:07:51:27:9d:84:d6:dc: 1144s 36:cc:d5:c1:d7:5a:b8:f2:35:23:7a:2d:98:e0:4c: 1144s 33:c1:df:1f:be:2d:33:55:a6:83:55:f9:c5:e2:ec: 1144s d6:65:b8:d8:be:5f:bc:b8:e6:3c:89:fa:f1:62:ed: 1144s 39:0d:95:ca:cd:0c:ae:60:3f:ae:a9:1a:33:f1:0f: 1144s bd:05:f7:2a:b7:4f:d9:90:c6:8a:11:26:35:cb:79: 1144s ac:0d:93:24:6b:0d:aa:0b:58:81:5d:a4:30:ce:6d: 1144s 10:53:69:6e:c1:ea:92:91:2b:85:50:7b:63:5f:4a: 1144s 60:6f:69:d0:4a:24:68:8c:71 1144s Exponent: 65537 (0x10001) 1144s X509v3 extensions: 1144s X509v3 Authority Key Identifier: 1144s 82:B6:6A:09:FD:81:FE:9A:40:DB:99:9E:21:A0:3A:22:B5:52:66:B2 1144s X509v3 Basic Constraints: 1144s CA:FALSE 1144s Netscape Cert Type: 1144s SSL Client, S/MIME 1144s Netscape Comment: 1144s Test Organization Root CA trusted Certificate 1144s X509v3 Subject Key Identifier: 1144s 3B:58:D0:D5:11:DA:A8:4D:25:22:6B:DC:26:7B:EC:C6:26:96:A2:B0 1144s X509v3 Key Usage: critical 1144s Digital Signature, Non Repudiation, Key Encipherment 1144s X509v3 Extended Key Usage: 1144s TLS Web Client Authentication, E-mail Protection 1144s X509v3 Subject Alternative Name: 1144s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1144s Signature Algorithm: sha256WithRSAEncryption 1144s Signature Value: 1144s c8:e9:c0:b1:da:f4:18:a9:24:15:49:46:60:a2:95:3a:59:f7: 1144s 59:b5:99:89:f8:dd:29:74:db:ad:11:ed:3f:0f:74:53:a9:72: 1144s 57:65:ff:a4:58:a9:7b:73:b6:50:10:83:3d:04:67:14:2b:c2: 1144s 31:75:f6:e1:a8:9d:9b:41:44:4c:65:14:00:09:7b:6a:e8:25: 1144s c8:84:e8:d4:69:15:71:b7:65:22:93:2b:2f:a1:0e:5d:b1:5a: 1144s 96:54:cd:ef:4a:b7:ba:2c:4a:fe:fc:b1:0a:d6:3d:4e:6e:5e: 1144s 2a:9b:77:46:75:b9:27:67:bb:5d:f2:86:38:07:d6:f5:eb:67: 1144s bc:eb 1144s + found_md5=Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 1144s + '[' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 '!=' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 ']' 1144s + valid_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1144s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1144s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1144s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1144s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1144s + local verify_option= 1144s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 1144s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1144s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1144s + local key_cn 1144s + local key_name 1144s + local tokens_dir 1144s + local output_cert_file 1144s + token_name= 1144s ++ basename /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem .pem 1144s + key_name=test-root-CA-trusted-certificate-0001 1144s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1144s ++ sed -n 's/ *commonName *= //p' 1144s + key_cn='Test Organization Root Trusted Certificate 0001' 1144s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1144s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1144s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1144s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1144s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 1144s + token_name='Test Organization Root Tr Token' 1144s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1144s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 ']' 1144s + echo 'Test Organization Root Tr Token' 1144s Test Organization Root Tr Token 1144s + '[' -n '' ']' 1144s + local output_base_name=SSSD-child-8572 1144s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-8572.output 1144s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-8572.pem 1144s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1144s [p11_child[2182]] [main] (0x0400): p11_child started. 1144s [p11_child[2182]] [main] (0x2000): Running in [pre-auth] mode. 1144s [p11_child[2182]] [main] (0x2000): Running with effective IDs: [0][0]. 1144s [p11_child[2182]] [main] (0x2000): Running with real IDs [0][0]. 1144s [p11_child[2182]] [do_card] (0x4000): Module List: 1144s [p11_child[2182]] [do_card] (0x4000): common name: [softhsm2]. 1144s [p11_child[2182]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1144s [p11_child[2182]] [do_card] (0x4000): Description [SoftHSM slot ID 0x472fd20f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1144s [p11_child[2182]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1144s [p11_child[2182]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x472fd20f][1194316303] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1144s [p11_child[2182]] [do_card] (0x4000): Login NOT required. 1144s [p11_child[2182]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1144s [p11_child[2182]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1144s [p11_child[2182]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1144s [p11_child[2182]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x472fd20f;slot-manufacturer=SoftHSM%20project;slot-id=1194316303;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ee0386e3472fd20f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1144s [p11_child[2182]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1144s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-8572.output 1144s + echo '-----BEGIN CERTIFICATE-----' 1144s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-8572.output 1144s + echo '-----END CERTIFICATE-----' 1144s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-8572.pem 1145s Certificate: 1145s Data: 1145s Version: 3 (0x2) 1145s Serial Number: 3 (0x3) 1145s Signature Algorithm: sha256WithRSAEncryption 1145s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1145s Validity 1145s Not Before: Mar 21 15:51:30 2024 GMT 1145s Not After : Mar 21 15:51:30 2025 GMT 1145s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1145s Subject Public Key Info: 1145s Public Key Algorithm: rsaEncryption 1145s Public-Key: (1024 bit) 1145s Modulus: 1145s 00:bf:7f:8e:25:c3:0e:8b:07:51:27:9d:84:d6:dc: 1145s 36:cc:d5:c1:d7:5a:b8:f2:35:23:7a:2d:98:e0:4c: 1145s 33:c1:df:1f:be:2d:33:55:a6:83:55:f9:c5:e2:ec: 1145s d6:65:b8:d8:be:5f:bc:b8:e6:3c:89:fa:f1:62:ed: 1145s 39:0d:95:ca:cd:0c:ae:60:3f:ae:a9:1a:33:f1:0f: 1145s bd:05:f7:2a:b7:4f:d9:90:c6:8a:11:26:35:cb:79: 1145s ac:0d:93:24:6b:0d:aa:0b:58:81:5d:a4:30:ce:6d: 1145s 10:53:69:6e:c1:ea:92:91:2b:85:50:7b:63:5f:4a: 1145s 60:6f:69:d0:4a:24:68:8c:71 1145s Exponent: 65537 (0x10001) 1145s X509v3 extensions: 1145s X509v3 Authority Key Identifier: 1145s 82:B6:6A:09:FD:81:FE:9A:40:DB:99:9E:21:A0:3A:22:B5:52:66:B2 1145s X509v3 Basic Constraints: 1145s CA:FALSE 1145s Netscape Cert Type: 1145s SSL Client, S/MIME 1145s Netscape Comment: 1145s Test Organization Root CA trusted Certificate 1145s X509v3 Subject Key Identifier: 1145s 3B:58:D0:D5:11:DA:A8:4D:25:22:6B:DC:26:7B:EC:C6:26:96:A2:B0 1145s X509v3 Key Usage: critical 1145s Digital Signature, Non Repudiation, Key Encipherment 1145s X509v3 Extended Key Usage: 1145s TLS Web Client Authentication, E-mail Protection 1145s X509v3 Subject Alternative Name: 1145s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1145s Signature Algorithm: sha256WithRSAEncryption 1145s Signature Value: 1145s c8:e9:c0:b1:da:f4:18:a9:24:15:49:46:60:a2:95:3a:59:f7: 1145s 59:b5:99:89:f8:dd:29:74:db:ad:11:ed:3f:0f:74:53:a9:72: 1145s 57:65:ff:a4:58:a9:7b:73:b6:50:10:83:3d:04:67:14:2b:c2: 1145s 31:75:f6:e1:a8:9d:9b:41:44:4c:65:14:00:09:7b:6a:e8:25: 1145s c8:84:e8:d4:69:15:71:b7:65:22:93:2b:2f:a1:0e:5d:b1:5a: 1145s 96:54:cd:ef:4a:b7:ba:2c:4a:fe:fc:b1:0a:d6:3d:4e:6e:5e: 1145s 2a:9b:77:46:75:b9:27:67:bb:5d:f2:86:38:07:d6:f5:eb:67: 1145s bc:eb 1145s + local found_md5 expected_md5 1145s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1145s + expected_md5=Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 1145s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-8572.pem 1145s + found_md5=Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 1145s + '[' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 '!=' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 ']' 1145s + output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-8572-auth.output 1145s ++ basename /tmp/sssd-softhsm2-7kk18L/SSSD-child-8572-auth.output .output 1145s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-8572-auth.pem 1145s + echo -n 053350 1145s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1145s [p11_child[2190]] [main] (0x0400): p11_child started. 1145s [p11_child[2190]] [main] (0x2000): Running in [auth] mode. 1145s [p11_child[2190]] [main] (0x2000): Running with effective IDs: [0][0]. 1145s [p11_child[2190]] [main] (0x2000): Running with real IDs [0][0]. 1145s [p11_child[2190]] [do_card] (0x4000): Module List: 1145s [p11_child[2190]] [do_card] (0x4000): common name: [softhsm2]. 1145s [p11_child[2190]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1145s [p11_child[2190]] [do_card] (0x4000): Description [SoftHSM slot ID 0x472fd20f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1145s [p11_child[2190]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1145s [p11_child[2190]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x472fd20f][1194316303] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1145s [p11_child[2190]] [do_card] (0x4000): Login required. 1145s [p11_child[2190]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1145s [p11_child[2190]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1145s [p11_child[2190]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1145s [p11_child[2190]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x472fd20f;slot-manufacturer=SoftHSM%20project;slot-id=1194316303;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ee0386e3472fd20f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1145s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1145s [p11_child[2190]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1145s [p11_child[2190]] [do_card] (0x4000): Certificate verified and validated. 1145s [p11_child[2190]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1145s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-8572-auth.output 1145s + echo '-----BEGIN CERTIFICATE-----' 1145s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-8572-auth.output 1145s + echo '-----END CERTIFICATE-----' 1145s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-8572-auth.pem 1145s Certificate: 1145s Data: 1145s Version: 3 (0x2) 1145s Serial Number: 3 (0x3) 1145s Signature Algorithm: sha256WithRSAEncryption 1145s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1145s Validity 1145s Not Before: Mar 21 15:51:30 2024 GMT 1145s Not After : Mar 21 15:51:30 2025 GMT 1145s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1145s Subject Public Key Info: 1145s Public Key Algorithm: rsaEncryption 1145s Public-Key: (1024 bit) 1145s Modulus: 1145s 00:bf:7f:8e:25:c3:0e:8b:07:51:27:9d:84:d6:dc: 1145s 36:cc:d5:c1:d7:5a:b8:f2:35:23:7a:2d:98:e0:4c: 1145s 33:c1:df:1f:be:2d:33:55:a6:83:55:f9:c5:e2:ec: 1145s d6:65:b8:d8:be:5f:bc:b8:e6:3c:89:fa:f1:62:ed: 1145s 39:0d:95:ca:cd:0c:ae:60:3f:ae:a9:1a:33:f1:0f: 1145s bd:05:f7:2a:b7:4f:d9:90:c6:8a:11:26:35:cb:79: 1145s ac:0d:93:24:6b:0d:aa:0b:58:81:5d:a4:30:ce:6d: 1145s 10:53:69:6e:c1:ea:92:91:2b:85:50:7b:63:5f:4a: 1145s 60:6f:69:d0:4a:24:68:8c:71 1145s Exponent: 65537 (0x10001) 1145s X509v3 extensions: 1145s X509v3 Authority Key Identifier: 1145s 82:B6:6A:09:FD:81:FE:9A:40:DB:99:9E:21:A0:3A:22:B5:52:66:B2 1145s X509v3 Basic Constraints: 1145s CA:FALSE 1145s Netscape Cert Type: 1145s SSL Client, S/MIME 1145s Netscape Comment: 1145s Test Organization Root CA trusted Certificate 1145s X509v3 Subject Key Identifier: 1145s 3B:58:D0:D5:11:DA:A8:4D:25:22:6B:DC:26:7B:EC:C6:26:96:A2:B0 1145s X509v3 Key Usage: critical 1145s Digital Signature, Non Repudiation, Key Encipherment 1145s X509v3 Extended Key Usage: 1145s TLS Web Client Authentication, E-mail Protection 1145s X509v3 Subject Alternative Name: 1145s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1145s Signature Algorithm: sha256WithRSAEncryption 1145s Signature Value: 1145s c8:e9:c0:b1:da:f4:18:a9:24:15:49:46:60:a2:95:3a:59:f7: 1145s 59:b5:99:89:f8:dd:29:74:db:ad:11:ed:3f:0f:74:53:a9:72: 1145s 57:65:ff:a4:58:a9:7b:73:b6:50:10:83:3d:04:67:14:2b:c2: 1145s 31:75:f6:e1:a8:9d:9b:41:44:4c:65:14:00:09:7b:6a:e8:25: 1145s c8:84:e8:d4:69:15:71:b7:65:22:93:2b:2f:a1:0e:5d:b1:5a: 1145s 96:54:cd:ef:4a:b7:ba:2c:4a:fe:fc:b1:0a:d6:3d:4e:6e:5e: 1145s 2a:9b:77:46:75:b9:27:67:bb:5d:f2:86:38:07:d6:f5:eb:67: 1145s bc:eb 1145s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-8572-auth.pem 1145s + found_md5=Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 1145s + '[' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 '!=' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 ']' 1145s + valid_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem partial_chain 1145s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem partial_chain 1145s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1145s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1145s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1145s + local verify_option=partial_chain 1145s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 1145s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1145s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1145s + local key_cn 1145s + local key_name 1145s + local tokens_dir 1145s + local output_cert_file 1145s + token_name= 1145s ++ basename /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem .pem 1145s + key_name=test-root-CA-trusted-certificate-0001 1145s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1145s ++ sed -n 's/ *commonName *= //p' 1145s + key_cn='Test Organization Root Trusted Certificate 0001' 1145s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1145s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1145s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1145s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1145s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 1145s + token_name='Test Organization Root Tr Token' 1145s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1145s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 ']' 1145s + echo 'Test Organization Root Tr Token' 1145s Test Organization Root Tr Token 1145s + '[' -n partial_chain ']' 1145s + local verify_arg=--verify=partial_chain 1145s + local output_base_name=SSSD-child-3158 1145s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-3158.output 1145s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-3158.pem 1145s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1145s [p11_child[2200]] [main] (0x0400): p11_child started. 1145s [p11_child[2200]] [main] (0x2000): Running in [pre-auth] mode. 1145s [p11_child[2200]] [main] (0x2000): Running with effective IDs: [0][0]. 1145s [p11_child[2200]] [main] (0x2000): Running with real IDs [0][0]. 1145s [p11_child[2200]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1145s [p11_child[2200]] [do_card] (0x4000): Module List: 1145s [p11_child[2200]] [do_card] (0x4000): common name: [softhsm2]. 1145s [p11_child[2200]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1145s [p11_child[2200]] [do_card] (0x4000): Description [SoftHSM slot ID 0x472fd20f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1145s [p11_child[2200]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1145s [p11_child[2200]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x472fd20f][1194316303] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1145s [p11_child[2200]] [do_card] (0x4000): Login NOT required. 1145s [p11_child[2200]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1145s [p11_child[2200]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1145s [p11_child[2200]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1145s [p11_child[2200]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x472fd20f;slot-manufacturer=SoftHSM%20project;slot-id=1194316303;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ee0386e3472fd20f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1145s [p11_child[2200]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1145s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-3158.output 1145s + echo '-----BEGIN CERTIFICATE-----' 1145s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-3158.output 1145s + echo '-----END CERTIFICATE-----' 1145s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-3158.pem 1145s + local found_md5 expected_md5 1145s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1145s Certificate: 1145s Data: 1145s Version: 3 (0x2) 1145s Serial Number: 3 (0x3) 1145s Signature Algorithm: sha256WithRSAEncryption 1145s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1145s Validity 1145s Not Before: Mar 21 15:51:30 2024 GMT 1145s Not After : Mar 21 15:51:30 2025 GMT 1145s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1145s Subject Public Key Info: 1145s Public Key Algorithm: rsaEncryption 1145s Public-Key: (1024 bit) 1145s Modulus: 1145s 00:bf:7f:8e:25:c3:0e:8b:07:51:27:9d:84:d6:dc: 1145s 36:cc:d5:c1:d7:5a:b8:f2:35:23:7a:2d:98:e0:4c: 1145s 33:c1:df:1f:be:2d:33:55:a6:83:55:f9:c5:e2:ec: 1145s d6:65:b8:d8:be:5f:bc:b8:e6:3c:89:fa:f1:62:ed: 1145s 39:0d:95:ca:cd:0c:ae:60:3f:ae:a9:1a:33:f1:0f: 1145s bd:05:f7:2a:b7:4f:d9:90:c6:8a:11:26:35:cb:79: 1145s ac:0d:93:24:6b:0d:aa:0b:58:81:5d:a4:30:ce:6d: 1145s 10:53:69:6e:c1:ea:92:91:2b:85:50:7b:63:5f:4a: 1145s 60:6f:69:d0:4a:24:68:8c:71 1145s Exponent: 65537 (0x10001) 1145s X509v3 extensions: 1145s X509v3 Authority Key Identifier: 1145s 82:B6:6A:09:FD:81:FE:9A:40:DB:99:9E:21:A0:3A:22:B5:52:66:B2 1145s X509v3 Basic Constraints: 1145s CA:FALSE 1145s Netscape Cert Type: 1145s SSL Client, S/MIME 1145s Netscape Comment: 1145s Test Organization Root CA trusted Certificate 1145s X509v3 Subject Key Identifier: 1145s 3B:58:D0:D5:11:DA:A8:4D:25:22:6B:DC:26:7B:EC:C6:26:96:A2:B0 1145s X509v3 Key Usage: critical 1145s Digital Signature, Non Repudiation, Key Encipherment 1145s X509v3 Extended Key Usage: 1145s TLS Web Client Authentication, E-mail Protection 1145s X509v3 Subject Alternative Name: 1145s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1145s Signature Algorithm: sha256WithRSAEncryption 1145s Signature Value: 1145s c8:e9:c0:b1:da:f4:18:a9:24:15:49:46:60:a2:95:3a:59:f7: 1145s 59:b5:99:89:f8:dd:29:74:db:ad:11:ed:3f:0f:74:53:a9:72: 1145s 57:65:ff:a4:58:a9:7b:73:b6:50:10:83:3d:04:67:14:2b:c2: 1145s 31:75:f6:e1:a8:9d:9b:41:44:4c:65:14:00:09:7b:6a:e8:25: 1145s c8:84:e8:d4:69:15:71:b7:65:22:93:2b:2f:a1:0e:5d:b1:5a: 1145s 96:54:cd:ef:4a:b7:ba:2c:4a:fe:fc:b1:0a:d6:3d:4e:6e:5e: 1145s 2a:9b:77:46:75:b9:27:67:bb:5d:f2:86:38:07:d6:f5:eb:67: 1145s bc:eb 1145s + expected_md5=Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 1145s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-3158.pem 1145s + found_md5=Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 1145s + '[' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 '!=' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 ']' 1145s + output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-3158-auth.output 1145s ++ basename /tmp/sssd-softhsm2-7kk18L/SSSD-child-3158-auth.output .output 1145s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-3158-auth.pem 1145s + echo -n 053350 1145s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1145s [p11_child[2208]] [main] (0x0400): p11_child started. 1145s [p11_child[2208]] [main] (0x2000): Running in [auth] mode. 1145s [p11_child[2208]] [main] (0x2000): Running with effective IDs: [0][0]. 1145s [p11_child[2208]] [main] (0x2000): Running with real IDs [0][0]. 1145s [p11_child[2208]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1145s [p11_child[2208]] [do_card] (0x4000): Module List: 1145s [p11_child[2208]] [do_card] (0x4000): common name: [softhsm2]. 1145s [p11_child[2208]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1145s [p11_child[2208]] [do_card] (0x4000): Description [SoftHSM slot ID 0x472fd20f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1145s [p11_child[2208]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1145s [p11_child[2208]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x472fd20f][1194316303] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1145s [p11_child[2208]] [do_card] (0x4000): Login required. 1145s [p11_child[2208]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1145s [p11_child[2208]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1145s [p11_child[2208]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1145s [p11_child[2208]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x472fd20f;slot-manufacturer=SoftHSM%20project;slot-id=1194316303;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ee0386e3472fd20f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1145s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1145s [p11_child[2208]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1145s [p11_child[2208]] [do_card] (0x4000): Certificate verified and validated. 1145s [p11_child[2208]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1145s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-3158-auth.output 1145s + echo '-----BEGIN CERTIFICATE-----' 1145s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-3158-auth.output 1145s + echo '-----END CERTIFICATE-----' 1145s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-3158-auth.pem 1145s Certificate: 1145s Data: 1145s Version: 3 (0x2) 1145s Serial Number: 3 (0x3) 1145s Signature Algorithm: sha256WithRSAEncryption 1145s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1145s Validity 1145s Not Before: Mar 21 15:51:30 2024 GMT 1145s Not After : Mar 21 15:51:30 2025 GMT 1145s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1145s Subject Public Key Info: 1145s Public Key Algorithm: rsaEncryption 1145s Public-Key: (1024 bit) 1145s Modulus: 1145s 00:bf:7f:8e:25:c3:0e:8b:07:51:27:9d:84:d6:dc: 1145s 36:cc:d5:c1:d7:5a:b8:f2:35:23:7a:2d:98:e0:4c: 1145s 33:c1:df:1f:be:2d:33:55:a6:83:55:f9:c5:e2:ec: 1145s d6:65:b8:d8:be:5f:bc:b8:e6:3c:89:fa:f1:62:ed: 1145s 39:0d:95:ca:cd:0c:ae:60:3f:ae:a9:1a:33:f1:0f: 1145s bd:05:f7:2a:b7:4f:d9:90:c6:8a:11:26:35:cb:79: 1145s ac:0d:93:24:6b:0d:aa:0b:58:81:5d:a4:30:ce:6d: 1145s 10:53:69:6e:c1:ea:92:91:2b:85:50:7b:63:5f:4a: 1145s 60:6f:69:d0:4a:24:68:8c:71 1145s Exponent: 65537 (0x10001) 1145s X509v3 extensions: 1145s X509v3 Authority Key Identifier: 1145s 82:B6:6A:09:FD:81:FE:9A:40:DB:99:9E:21:A0:3A:22:B5:52:66:B2 1145s X509v3 Basic Constraints: 1145s CA:FALSE 1145s Netscape Cert Type: 1145s SSL Client, S/MIME 1145s Netscape Comment: 1145s Test Organization Root CA trusted Certificate 1145s X509v3 Subject Key Identifier: 1145s 3B:58:D0:D5:11:DA:A8:4D:25:22:6B:DC:26:7B:EC:C6:26:96:A2:B0 1145s X509v3 Key Usage: critical 1145s Digital Signature, Non Repudiation, Key Encipherment 1145s X509v3 Extended Key Usage: 1145s TLS Web Client Authentication, E-mail Protection 1145s X509v3 Subject Alternative Name: 1145s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1145s Signature Algorithm: sha256WithRSAEncryption 1145s Signature Value: 1145s c8:e9:c0:b1:da:f4:18:a9:24:15:49:46:60:a2:95:3a:59:f7: 1145s 59:b5:99:89:f8:dd:29:74:db:ad:11:ed:3f:0f:74:53:a9:72: 1145s 57:65:ff:a4:58:a9:7b:73:b6:50:10:83:3d:04:67:14:2b:c2: 1145s 31:75:f6:e1:a8:9d:9b:41:44:4c:65:14:00:09:7b:6a:e8:25: 1145s c8:84:e8:d4:69:15:71:b7:65:22:93:2b:2f:a1:0e:5d:b1:5a: 1145s 96:54:cd:ef:4a:b7:ba:2c:4a:fe:fc:b1:0a:d6:3d:4e:6e:5e: 1145s 2a:9b:77:46:75:b9:27:67:bb:5d:f2:86:38:07:d6:f5:eb:67: 1145s bc:eb 1145s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-3158-auth.pem 1145s + found_md5=Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 1145s + '[' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 '!=' Modulus=BF7F8E25C30E8B0751279D84D6DC36CCD5C1D75AB8F235237A2D98E04C33C1DF1FBE2D3355A68355F9C5E2ECD665B8D8BE5FBCB8E63C89FAF162ED390D95CACD0CAE603FAEA91A33F10FBD05F72AB74FD990C68A112635CB79AC0D93246B0DAA0B58815DA430CE6D1053696EC1EA92912B85507B635F4A606F69D04A24688C71 ']' 1145s + invalid_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1145s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1145s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1145s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1145s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1145s + local verify_option= 1145s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 1145s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1145s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1145s + local key_cn 1145s + local key_name 1145s + local tokens_dir 1145s + local output_cert_file 1145s + token_name= 1145s ++ basename /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem .pem 1145s + key_name=test-root-CA-trusted-certificate-0001 1145s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1145s ++ sed -n 's/ *commonName *= //p' 1145s + key_cn='Test Organization Root Trusted Certificate 0001' 1145s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1145s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1145s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1145s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1145s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 1145s + token_name='Test Organization Root Tr Token' 1145s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1145s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 ']' 1145s + echo 'Test Organization Root Tr Token' 1145s + '[' -n '' ']' 1145s Test Organization Root Tr Token 1145s + local output_base_name=SSSD-child-9359 1145s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-9359.output 1145s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-9359.pem 1145s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1145s [p11_child[2218]] [main] (0x0400): p11_child started. 1145s [p11_child[2218]] [main] (0x2000): Running in [pre-auth] mode. 1145s [p11_child[2218]] [main] (0x2000): Running with effective IDs: [0][0]. 1145s [p11_child[2218]] [main] (0x2000): Running with real IDs [0][0]. 1145s [p11_child[2218]] [do_card] (0x4000): Module List: 1145s [p11_child[2218]] [do_card] (0x4000): common name: [softhsm2]. 1145s [p11_child[2218]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1145s [p11_child[2218]] [do_card] (0x4000): Description [SoftHSM slot ID 0x472fd20f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1145s [p11_child[2218]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1145s [p11_child[2218]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x472fd20f][1194316303] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1145s [p11_child[2218]] [do_card] (0x4000): Login NOT required. 1145s [p11_child[2218]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1145s [p11_child[2218]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1145s [p11_child[2218]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 1145s [p11_child[2218]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 1145s [p11_child[2218]] [do_card] (0x4000): No certificate found. 1145s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-9359.output 1145s + return 2 1145s + invalid_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem partial_chain 1145s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem partial_chain 1145s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1145s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1145s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1145s + local verify_option=partial_chain 1145s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16850 1145s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1145s + local key_pass=pass:random-root-ca-trusted-cert-0001-16850 1145s + local key_cn 1145s + local key_name 1145s + local tokens_dir 1145s + local output_cert_file 1145s + token_name= 1145s ++ basename /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem .pem 1145s + key_name=test-root-CA-trusted-certificate-0001 1145s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-root-CA-trusted-certificate-0001.pem 1145s ++ sed -n 's/ *commonName *= //p' 1145s + key_cn='Test Organization Root Trusted Certificate 0001' 1145s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1145s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1145s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf 1145s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1145s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 1145s + token_name='Test Organization Root Tr Token' 1145s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1145s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-root-CA-trusted-certificate-0001 ']' 1145s Test Organization Root Tr Token 1145s + echo 'Test Organization Root Tr Token' 1145s + '[' -n partial_chain ']' 1145s + local verify_arg=--verify=partial_chain 1145s + local output_base_name=SSSD-child-8739 1145s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-8739.output 1145s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-8739.pem 1145s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1145s [p11_child[2225]] [main] (0x0400): p11_child started. 1145s [p11_child[2225]] [main] (0x2000): Running in [pre-auth] mode. 1145s [p11_child[2225]] [main] (0x2000): Running with effective IDs: [0][0]. 1145s [p11_child[2225]] [main] (0x2000): Running with real IDs [0][0]. 1145s [p11_child[2225]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1145s [p11_child[2225]] [do_card] (0x4000): Module List: 1145s [p11_child[2225]] [do_card] (0x4000): common name: [softhsm2]. 1145s [p11_child[2225]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1145s [p11_child[2225]] [do_card] (0x4000): Description [SoftHSM slot ID 0x472fd20f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1145s [p11_child[2225]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1145s [p11_child[2225]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x472fd20f][1194316303] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1145s [p11_child[2225]] [do_card] (0x4000): Login NOT required. 1145s [p11_child[2225]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1145s [p11_child[2225]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1145s [p11_child[2225]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 1145s [p11_child[2225]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 1145s [p11_child[2225]] [do_card] (0x4000): No certificate found. 1145s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-8739.output 1145s + return 2 1145s + invalid_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /dev/null 1145s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /dev/null 1145s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1145s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1145s + local key_ring=/dev/null 1145s + local verify_option= 1145s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 1145s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1145s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1145s + local key_cn 1145s + local key_name 1145s + local tokens_dir 1145s + local output_cert_file 1145s + token_name= 1145s ++ basename /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem .pem 1145s + key_name=test-intermediate-CA-trusted-certificate-0001 1145s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1145s ++ sed -n 's/ *commonName *= //p' 1145s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1145s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1145s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1145s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1145s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1145s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 1145s + token_name='Test Organization Interme Token' 1145s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1145s + local key_file 1145s + local decrypted_key 1145s + mkdir -p /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 1145s + key_file=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001-key.pem 1145s + decrypted_key=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1145s + cat 1145s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 1145s Slot 0 has a free/uninitialized token. 1145s The token has been initialized and is reassigned to slot 941746690 1145s + softhsm2-util --show-slots 1145s Available slots: 1145s Slot 941746690 1145s Slot info: 1145s Description: SoftHSM slot ID 0x3821ea02 1145s Manufacturer ID: SoftHSM project 1145s Hardware version: 2.6 1145s Firmware version: 2.6 1145s Token present: yes 1145s Token info: 1145s Manufacturer ID: SoftHSM project 1145s Model: SoftHSM v2 1145s Hardware version: 2.6 1145s Firmware version: 2.6 1145s Serial number: af3b4001b821ea02 1145s Initialized: yes 1145s User PIN init.: yes 1145s Label: Test Organization Interme Token 1145s Slot 1 1145s Slot info: 1145s Description: SoftHSM slot ID 0x1 1145s Manufacturer ID: SoftHSM project 1145s Hardware version: 2.6 1145s Firmware version: 2.6 1145s Token present: yes 1145s Token info: 1145s Manufacturer ID: SoftHSM project 1145s Model: SoftHSM v2 1145s Hardware version: 2.6 1145s Firmware version: 2.6 1145s Serial number: 1145s Initialized: no 1145s User PIN init.: no 1145s Label: 1145s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 1145s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-19719 -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1145s writing RSA key 1145s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 1145s + rm /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1145s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 1145s Object 0: 1145s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af3b4001b821ea02;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 1145s Type: X.509 Certificate (RSA-1024) 1145s Expires: Fri Mar 21 15:51:30 2025 1145s Label: Test Organization Intermediate Trusted Certificate 0001 1145s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 1145s 1145s Test Organization Interme Token 1145s + echo 'Test Organization Interme Token' 1145s + '[' -n '' ']' 1145s + local output_base_name=SSSD-child-20831 1145s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-20831.output 1145s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-20831.pem 1145s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 1145s [p11_child[2241]] [main] (0x0400): p11_child started. 1145s [p11_child[2241]] [main] (0x2000): Running in [pre-auth] mode. 1145s [p11_child[2241]] [main] (0x2000): Running with effective IDs: [0][0]. 1145s [p11_child[2241]] [main] (0x2000): Running with real IDs [0][0]. 1145s [p11_child[2241]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 1145s [p11_child[2241]] [do_work] (0x0040): init_verification failed. 1145s [p11_child[2241]] [main] (0x0020): p11_child failed (5) 1145s + return 2 1145s + valid_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /dev/null no_verification 1145s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /dev/null no_verification 1145s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1145s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1145s + local key_ring=/dev/null 1145s + local verify_option=no_verification 1145s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 1145s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1145s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1145s + local key_cn 1145s + local key_name 1145s + local tokens_dir 1145s + local output_cert_file 1145s + token_name= 1145s ++ basename /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem .pem 1145s + key_name=test-intermediate-CA-trusted-certificate-0001 1145s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1145s ++ sed -n 's/ *commonName *= //p' 1146s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1146s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1146s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1146s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1146s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1146s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 1146s + token_name='Test Organization Interme Token' 1146s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1146s Test Organization Interme Token 1146s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 1146s + echo 'Test Organization Interme Token' 1146s + '[' -n no_verification ']' 1146s + local verify_arg=--verify=no_verification 1146s + local output_base_name=SSSD-child-31546 1146s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-31546.output 1146s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-31546.pem 1146s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 1146s [p11_child[2247]] [main] (0x0400): p11_child started. 1146s [p11_child[2247]] [main] (0x2000): Running in [pre-auth] mode. 1146s [p11_child[2247]] [main] (0x2000): Running with effective IDs: [0][0]. 1146s [p11_child[2247]] [main] (0x2000): Running with real IDs [0][0]. 1146s [p11_child[2247]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 1146s [p11_child[2247]] [do_card] (0x4000): Module List: 1146s [p11_child[2247]] [do_card] (0x4000): common name: [softhsm2]. 1146s [p11_child[2247]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1146s [p11_child[2247]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3821ea02] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1146s [p11_child[2247]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1146s [p11_child[2247]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3821ea02][941746690] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1146s [p11_child[2247]] [do_card] (0x4000): Login NOT required. 1146s [p11_child[2247]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1146s [p11_child[2247]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1146s [p11_child[2247]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3821ea02;slot-manufacturer=SoftHSM%20project;slot-id=941746690;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af3b4001b821ea02;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1146s [p11_child[2247]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1146s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-31546.output 1146s + echo '-----BEGIN CERTIFICATE-----' 1146s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-31546.output 1146s + echo '-----END CERTIFICATE-----' 1146s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-31546.pem 1146s Certificate: 1146s Data: 1146s Version: 3 (0x2) 1146s Serial Number: 4 (0x4) 1146s Signature Algorithm: sha256WithRSAEncryption 1146s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1146s Validity 1146s Not Before: Mar 21 15:51:30 2024 GMT 1146s Not After : Mar 21 15:51:30 2025 GMT 1146s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1146s Subject Public Key Info: 1146s Public Key Algorithm: rsaEncryption 1146s Public-Key: (1024 bit) 1146s Modulus: 1146s 00:9a:55:80:e3:38:93:a0:2a:98:e9:e7:e2:8b:e7: 1146s a0:fa:9b:83:de:db:70:6a:ce:5d:68:bc:1a:f3:3a: 1146s 24:5d:ec:39:29:81:64:92:74:ed:20:24:21:55:ed: 1146s 5e:da:e9:f5:01:6b:4c:0a:5e:1a:b2:bf:f9:d5:c3: 1146s 2c:c4:c6:95:46:51:8f:9e:76:9a:6c:43:78:bc:bc: 1146s c5:2a:31:16:f4:a5:28:4b:61:3f:a4:7a:91:a9:0d: 1146s 0b:b7:5a:d0:4c:95:f2:02:c4:13:fa:bb:e9:1f:f4: 1146s 38:9e:67:08:f9:14:7b:e6:9a:ef:1c:43:f0:c8:e2: 1146s 25:1b:fd:5d:0b:d6:50:e5:85 1146s Exponent: 65537 (0x10001) 1146s X509v3 extensions: 1146s X509v3 Authority Key Identifier: 1146s 2F:8B:EA:3F:BB:55:D1:37:B3:34:A7:3F:2D:7C:3E:F9:87:54:21:F2 1146s X509v3 Basic Constraints: 1146s CA:FALSE 1146s Netscape Cert Type: 1146s SSL Client, S/MIME 1146s Netscape Comment: 1146s Test Organization Intermediate CA trusted Certificate 1146s X509v3 Subject Key Identifier: 1146s E8:65:6A:18:FB:DB:75:9C:36:14:0C:88:CB:33:66:3D:2C:6C:DF:2B 1146s X509v3 Key Usage: critical 1146s Digital Signature, Non Repudiation, Key Encipherment 1146s X509v3 Extended Key Usage: 1146s TLS Web Client Authentication, E-mail Protection 1146s X509v3 Subject Alternative Name: 1146s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1146s Signature Algorithm: sha256WithRSAEncryption 1146s Signature Value: 1146s 97:2e:e8:85:2a:5b:09:51:4b:ed:9d:cb:84:85:53:6e:54:6d: 1146s db:cc:c8:6f:29:cf:48:35:d6:48:fc:9f:ac:a2:54:71:82:ff: 1146s be:d8:89:03:8c:ba:8d:47:09:43:1b:73:8f:61:25:43:17:32: 1146s 49:2e:e6:b0:dc:0c:12:c6:0b:85:2e:ce:0d:91:4c:44:d8:89: 1146s e7:63:bc:4e:c8:81:86:ba:a2:01:0d:0d:55:8c:9d:df:eb:89: 1146s 9c:e9:b8:24:de:0f:5c:3b:4e:66:bc:d7:5b:b4:c7:86:de:f4: 1146s e7:51:7b:b0:e0:3c:a4:fe:6c:43:f4:32:b5:7c:80:67:cc:8d: 1146s fa:35 1146s + local found_md5 expected_md5 1146s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1146s + expected_md5=Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 1146s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-31546.pem 1146s + found_md5=Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 1146s + '[' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 '!=' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 ']' 1146s + output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-31546-auth.output 1146s ++ basename /tmp/sssd-softhsm2-7kk18L/SSSD-child-31546-auth.output .output 1146s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-31546-auth.pem 1146s + echo -n 053350 1146s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1146s [p11_child[2255]] [main] (0x0400): p11_child started. 1146s [p11_child[2255]] [main] (0x2000): Running in [auth] mode. 1146s [p11_child[2255]] [main] (0x2000): Running with effective IDs: [0][0]. 1146s [p11_child[2255]] [main] (0x2000): Running with real IDs [0][0]. 1146s [p11_child[2255]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 1146s [p11_child[2255]] [do_card] (0x4000): Module List: 1146s [p11_child[2255]] [do_card] (0x4000): common name: [softhsm2]. 1146s [p11_child[2255]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1146s [p11_child[2255]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3821ea02] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1146s [p11_child[2255]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1146s [p11_child[2255]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3821ea02][941746690] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1146s [p11_child[2255]] [do_card] (0x4000): Login required. 1146s [p11_child[2255]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1146s [p11_child[2255]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1146s [p11_child[2255]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3821ea02;slot-manufacturer=SoftHSM%20project;slot-id=941746690;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af3b4001b821ea02;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1146s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1146s [p11_child[2255]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1146s [p11_child[2255]] [do_card] (0x4000): Certificate verified and validated. 1146s [p11_child[2255]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1146s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-31546-auth.output 1146s + echo '-----BEGIN CERTIFICATE-----' 1146s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-31546-auth.output 1146s + echo '-----END CERTIFICATE-----' 1146s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-31546-auth.pem 1146s Certificate: 1146s Data: 1146s Version: 3 (0x2) 1146s Serial Number: 4 (0x4) 1146s Signature Algorithm: sha256WithRSAEncryption 1146s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1146s Validity 1146s Not Before: Mar 21 15:51:30 2024 GMT 1146s Not After : Mar 21 15:51:30 2025 GMT 1146s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1146s Subject Public Key Info: 1146s Public Key Algorithm: rsaEncryption 1146s Public-Key: (1024 bit) 1146s Modulus: 1146s 00:9a:55:80:e3:38:93:a0:2a:98:e9:e7:e2:8b:e7: 1146s a0:fa:9b:83:de:db:70:6a:ce:5d:68:bc:1a:f3:3a: 1146s 24:5d:ec:39:29:81:64:92:74:ed:20:24:21:55:ed: 1146s 5e:da:e9:f5:01:6b:4c:0a:5e:1a:b2:bf:f9:d5:c3: 1146s 2c:c4:c6:95:46:51:8f:9e:76:9a:6c:43:78:bc:bc: 1146s c5:2a:31:16:f4:a5:28:4b:61:3f:a4:7a:91:a9:0d: 1146s 0b:b7:5a:d0:4c:95:f2:02:c4:13:fa:bb:e9:1f:f4: 1146s 38:9e:67:08:f9:14:7b:e6:9a:ef:1c:43:f0:c8:e2: 1146s 25:1b:fd:5d:0b:d6:50:e5:85 1146s Exponent: 65537 (0x10001) 1146s X509v3 extensions: 1146s X509v3 Authority Key Identifier: 1146s 2F:8B:EA:3F:BB:55:D1:37:B3:34:A7:3F:2D:7C:3E:F9:87:54:21:F2 1146s X509v3 Basic Constraints: 1146s CA:FALSE 1146s Netscape Cert Type: 1146s SSL Client, S/MIME 1146s Netscape Comment: 1146s Test Organization Intermediate CA trusted Certificate 1146s X509v3 Subject Key Identifier: 1146s E8:65:6A:18:FB:DB:75:9C:36:14:0C:88:CB:33:66:3D:2C:6C:DF:2B 1146s X509v3 Key Usage: critical 1146s Digital Signature, Non Repudiation, Key Encipherment 1146s X509v3 Extended Key Usage: 1146s TLS Web Client Authentication, E-mail Protection 1146s X509v3 Subject Alternative Name: 1146s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1146s Signature Algorithm: sha256WithRSAEncryption 1146s Signature Value: 1146s 97:2e:e8:85:2a:5b:09:51:4b:ed:9d:cb:84:85:53:6e:54:6d: 1146s db:cc:c8:6f:29:cf:48:35:d6:48:fc:9f:ac:a2:54:71:82:ff: 1146s be:d8:89:03:8c:ba:8d:47:09:43:1b:73:8f:61:25:43:17:32: 1146s 49:2e:e6:b0:dc:0c:12:c6:0b:85:2e:ce:0d:91:4c:44:d8:89: 1146s e7:63:bc:4e:c8:81:86:ba:a2:01:0d:0d:55:8c:9d:df:eb:89: 1146s 9c:e9:b8:24:de:0f:5c:3b:4e:66:bc:d7:5b:b4:c7:86:de:f4: 1146s e7:51:7b:b0:e0:3c:a4:fe:6c:43:f4:32:b5:7c:80:67:cc:8d: 1146s fa:35 1146s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-31546-auth.pem 1146s + found_md5=Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 1146s + '[' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 '!=' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 ']' 1146s + invalid_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1146s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1146s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1146s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1146s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1146s + local verify_option= 1146s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 1146s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1146s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1146s + local key_cn 1146s + local key_name 1146s + local tokens_dir 1146s + local output_cert_file 1146s + token_name= 1146s ++ basename /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem .pem 1146s + key_name=test-intermediate-CA-trusted-certificate-0001 1146s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1146s ++ sed -n 's/ *commonName *= //p' 1146s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1146s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1146s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1146s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1146s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1146s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 1146s + token_name='Test Organization Interme Token' 1146s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1146s Test Organization Interme Token 1146s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 1146s + echo 'Test Organization Interme Token' 1146s + '[' -n '' ']' 1146s + local output_base_name=SSSD-child-27690 1146s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-27690.output 1146s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-27690.pem 1146s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1146s [p11_child[2265]] [main] (0x0400): p11_child started. 1146s [p11_child[2265]] [main] (0x2000): Running in [pre-auth] mode. 1146s [p11_child[2265]] [main] (0x2000): Running with effective IDs: [0][0]. 1146s [p11_child[2265]] [main] (0x2000): Running with real IDs [0][0]. 1146s [p11_child[2265]] [do_card] (0x4000): Module List: 1146s [p11_child[2265]] [do_card] (0x4000): common name: [softhsm2]. 1146s [p11_child[2265]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1146s [p11_child[2265]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3821ea02] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1146s [p11_child[2265]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1146s [p11_child[2265]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3821ea02][941746690] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1146s [p11_child[2265]] [do_card] (0x4000): Login NOT required. 1146s [p11_child[2265]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1146s [p11_child[2265]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1146s [p11_child[2265]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 1146s [p11_child[2265]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 1146s [p11_child[2265]] [do_card] (0x4000): No certificate found. 1146s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-27690.output 1146s + return 2 1146s + invalid_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem partial_chain 1146s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem partial_chain 1146s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1146s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1146s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1146s + local verify_option=partial_chain 1146s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 1146s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1146s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1146s + local key_cn 1146s + local key_name 1146s + local tokens_dir 1146s + local output_cert_file 1146s + token_name= 1146s ++ basename /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem .pem 1146s + key_name=test-intermediate-CA-trusted-certificate-0001 1146s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1146s ++ sed -n 's/ *commonName *= //p' 1146s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1146s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1146s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1146s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1146s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1146s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 1146s + token_name='Test Organization Interme Token' 1146s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1146s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 1146s + echo 'Test Organization Interme Token' 1146s + '[' -n partial_chain ']' 1146s + local verify_arg=--verify=partial_chain 1146s + local output_base_name=SSSD-child-18069 1146s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-18069.output 1146s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-18069.pem 1146s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1146s Test Organization Interme Token 1146s [p11_child[2272]] [main] (0x0400): p11_child started. 1146s [p11_child[2272]] [main] (0x2000): Running in [pre-auth] mode. 1146s [p11_child[2272]] [main] (0x2000): Running with effective IDs: [0][0]. 1146s [p11_child[2272]] [main] (0x2000): Running with real IDs [0][0]. 1146s [p11_child[2272]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1146s [p11_child[2272]] [do_card] (0x4000): Module List: 1146s [p11_child[2272]] [do_card] (0x4000): common name: [softhsm2]. 1146s [p11_child[2272]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1146s [p11_child[2272]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3821ea02] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1146s [p11_child[2272]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1146s [p11_child[2272]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3821ea02][941746690] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1146s [p11_child[2272]] [do_card] (0x4000): Login NOT required. 1146s [p11_child[2272]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1146s [p11_child[2272]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1146s [p11_child[2272]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 1146s [p11_child[2272]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 1146s [p11_child[2272]] [do_card] (0x4000): No certificate found. 1146s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-18069.output 1146s + return 2 1146s + valid_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1146s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1146s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1146s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1146s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1146s + local verify_option= 1146s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 1146s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1146s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1146s + local key_cn 1146s + local key_name 1146s + local tokens_dir 1146s + local output_cert_file 1146s + token_name= 1146s ++ basename /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem .pem 1146s + key_name=test-intermediate-CA-trusted-certificate-0001 1146s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1146s ++ sed -n 's/ *commonName *= //p' 1146s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1146s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1146s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1146s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1146s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1146s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 1146s + token_name='Test Organization Interme Token' 1146s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1146s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 1146s + echo 'Test Organization Interme Token' 1146s Test Organization Interme Token 1146s + '[' -n '' ']' 1146s + local output_base_name=SSSD-child-18005 1146s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-18005.output 1146s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-18005.pem 1146s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1146s [p11_child[2279]] [main] (0x0400): p11_child started. 1146s [p11_child[2279]] [main] (0x2000): Running in [pre-auth] mode. 1146s [p11_child[2279]] [main] (0x2000): Running with effective IDs: [0][0]. 1146s [p11_child[2279]] [main] (0x2000): Running with real IDs [0][0]. 1146s [p11_child[2279]] [do_card] (0x4000): Module List: 1146s [p11_child[2279]] [do_card] (0x4000): common name: [softhsm2]. 1146s [p11_child[2279]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1146s [p11_child[2279]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3821ea02] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1146s [p11_child[2279]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1146s [p11_child[2279]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3821ea02][941746690] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1146s [p11_child[2279]] [do_card] (0x4000): Login NOT required. 1146s [p11_child[2279]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1146s [p11_child[2279]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1146s [p11_child[2279]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1146s [p11_child[2279]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3821ea02;slot-manufacturer=SoftHSM%20project;slot-id=941746690;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af3b4001b821ea02;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1146s [p11_child[2279]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1146s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-18005.output 1146s + echo '-----BEGIN CERTIFICATE-----' 1146s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-18005.output 1146s + echo '-----END CERTIFICATE-----' 1146s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-18005.pem 1146s Certificate: 1146s Data: 1146s Version: 3 (0x2) 1146s Serial Number: 4 (0x4) 1146s Signature Algorithm: sha256WithRSAEncryption 1146s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1146s Validity 1146s Not Before: Mar 21 15:51:30 2024 GMT 1146s Not After : Mar 21 15:51:30 2025 GMT 1146s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1146s Subject Public Key Info: 1146s Public Key Algorithm: rsaEncryption 1146s Public-Key: (1024 bit) 1146s Modulus: 1146s 00:9a:55:80:e3:38:93:a0:2a:98:e9:e7:e2:8b:e7: 1146s a0:fa:9b:83:de:db:70:6a:ce:5d:68:bc:1a:f3:3a: 1146s 24:5d:ec:39:29:81:64:92:74:ed:20:24:21:55:ed: 1146s 5e:da:e9:f5:01:6b:4c:0a:5e:1a:b2:bf:f9:d5:c3: 1146s 2c:c4:c6:95:46:51:8f:9e:76:9a:6c:43:78:bc:bc: 1146s c5:2a:31:16:f4:a5:28:4b:61:3f:a4:7a:91:a9:0d: 1146s 0b:b7:5a:d0:4c:95:f2:02:c4:13:fa:bb:e9:1f:f4: 1146s 38:9e:67:08:f9:14:7b:e6:9a:ef:1c:43:f0:c8:e2: 1146s 25:1b:fd:5d:0b:d6:50:e5:85 1146s Exponent: 65537 (0x10001) 1146s X509v3 extensions: 1146s X509v3 Authority Key Identifier: 1146s 2F:8B:EA:3F:BB:55:D1:37:B3:34:A7:3F:2D:7C:3E:F9:87:54:21:F2 1146s X509v3 Basic Constraints: 1146s CA:FALSE 1146s Netscape Cert Type: 1146s SSL Client, S/MIME 1146s Netscape Comment: 1146s Test Organization Intermediate CA trusted Certificate 1146s X509v3 Subject Key Identifier: 1146s E8:65:6A:18:FB:DB:75:9C:36:14:0C:88:CB:33:66:3D:2C:6C:DF:2B 1146s X509v3 Key Usage: critical 1146s Digital Signature, Non Repudiation, Key Encipherment 1146s X509v3 Extended Key Usage: 1146s TLS Web Client Authentication, E-mail Protection 1146s X509v3 Subject Alternative Name: 1146s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1146s Signature Algorithm: sha256WithRSAEncryption 1146s Signature Value: 1146s 97:2e:e8:85:2a:5b:09:51:4b:ed:9d:cb:84:85:53:6e:54:6d: 1146s db:cc:c8:6f:29:cf:48:35:d6:48:fc:9f:ac:a2:54:71:82:ff: 1146s be:d8:89:03:8c:ba:8d:47:09:43:1b:73:8f:61:25:43:17:32: 1146s 49:2e:e6:b0:dc:0c:12:c6:0b:85:2e:ce:0d:91:4c:44:d8:89: 1146s e7:63:bc:4e:c8:81:86:ba:a2:01:0d:0d:55:8c:9d:df:eb:89: 1146s 9c:e9:b8:24:de:0f:5c:3b:4e:66:bc:d7:5b:b4:c7:86:de:f4: 1146s e7:51:7b:b0:e0:3c:a4:fe:6c:43:f4:32:b5:7c:80:67:cc:8d: 1146s fa:35 1146s + local found_md5 expected_md5 1146s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1146s + expected_md5=Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 1146s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-18005.pem 1146s + found_md5=Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 1146s + '[' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 '!=' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 ']' 1146s + output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-18005-auth.output 1146s ++ basename /tmp/sssd-softhsm2-7kk18L/SSSD-child-18005-auth.output .output 1146s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-18005-auth.pem 1146s + echo -n 053350 1146s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1146s [p11_child[2287]] [main] (0x0400): p11_child started. 1146s [p11_child[2287]] [main] (0x2000): Running in [auth] mode. 1146s [p11_child[2287]] [main] (0x2000): Running with effective IDs: [0][0]. 1146s [p11_child[2287]] [main] (0x2000): Running with real IDs [0][0]. 1146s [p11_child[2287]] [do_card] (0x4000): Module List: 1146s [p11_child[2287]] [do_card] (0x4000): common name: [softhsm2]. 1146s [p11_child[2287]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1146s [p11_child[2287]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3821ea02] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1146s [p11_child[2287]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1146s [p11_child[2287]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3821ea02][941746690] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1146s [p11_child[2287]] [do_card] (0x4000): Login required. 1146s [p11_child[2287]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1146s [p11_child[2287]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1146s [p11_child[2287]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1146s [p11_child[2287]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3821ea02;slot-manufacturer=SoftHSM%20project;slot-id=941746690;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af3b4001b821ea02;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1146s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1146s [p11_child[2287]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1146s [p11_child[2287]] [do_card] (0x4000): Certificate verified and validated. 1146s [p11_child[2287]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1146s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-18005-auth.output 1146s + echo '-----BEGIN CERTIFICATE-----' 1146s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-18005-auth.output 1146s + echo '-----END CERTIFICATE-----' 1146s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-18005-auth.pem 1146s Certificate: 1146s Data: 1146s Version: 3 (0x2) 1146s Serial Number: 4 (0x4) 1146s Signature Algorithm: sha256WithRSAEncryption 1146s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1146s Validity 1146s Not Before: Mar 21 15:51:30 2024 GMT 1146s Not After : Mar 21 15:51:30 2025 GMT 1146s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1146s Subject Public Key Info: 1146s Public Key Algorithm: rsaEncryption 1146s Public-Key: (1024 bit) 1146s Modulus: 1146s 00:9a:55:80:e3:38:93:a0:2a:98:e9:e7:e2:8b:e7: 1146s a0:fa:9b:83:de:db:70:6a:ce:5d:68:bc:1a:f3:3a: 1146s 24:5d:ec:39:29:81:64:92:74:ed:20:24:21:55:ed: 1146s 5e:da:e9:f5:01:6b:4c:0a:5e:1a:b2:bf:f9:d5:c3: 1146s 2c:c4:c6:95:46:51:8f:9e:76:9a:6c:43:78:bc:bc: 1146s c5:2a:31:16:f4:a5:28:4b:61:3f:a4:7a:91:a9:0d: 1146s 0b:b7:5a:d0:4c:95:f2:02:c4:13:fa:bb:e9:1f:f4: 1146s 38:9e:67:08:f9:14:7b:e6:9a:ef:1c:43:f0:c8:e2: 1146s 25:1b:fd:5d:0b:d6:50:e5:85 1146s Exponent: 65537 (0x10001) 1146s X509v3 extensions: 1146s X509v3 Authority Key Identifier: 1146s 2F:8B:EA:3F:BB:55:D1:37:B3:34:A7:3F:2D:7C:3E:F9:87:54:21:F2 1146s X509v3 Basic Constraints: 1146s CA:FALSE 1146s Netscape Cert Type: 1146s SSL Client, S/MIME 1146s Netscape Comment: 1146s Test Organization Intermediate CA trusted Certificate 1146s X509v3 Subject Key Identifier: 1146s E8:65:6A:18:FB:DB:75:9C:36:14:0C:88:CB:33:66:3D:2C:6C:DF:2B 1146s X509v3 Key Usage: critical 1146s Digital Signature, Non Repudiation, Key Encipherment 1146s X509v3 Extended Key Usage: 1146s TLS Web Client Authentication, E-mail Protection 1146s X509v3 Subject Alternative Name: 1146s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1146s Signature Algorithm: sha256WithRSAEncryption 1146s Signature Value: 1146s 97:2e:e8:85:2a:5b:09:51:4b:ed:9d:cb:84:85:53:6e:54:6d: 1146s db:cc:c8:6f:29:cf:48:35:d6:48:fc:9f:ac:a2:54:71:82:ff: 1146s be:d8:89:03:8c:ba:8d:47:09:43:1b:73:8f:61:25:43:17:32: 1146s 49:2e:e6:b0:dc:0c:12:c6:0b:85:2e:ce:0d:91:4c:44:d8:89: 1146s e7:63:bc:4e:c8:81:86:ba:a2:01:0d:0d:55:8c:9d:df:eb:89: 1146s 9c:e9:b8:24:de:0f:5c:3b:4e:66:bc:d7:5b:b4:c7:86:de:f4: 1146s e7:51:7b:b0:e0:3c:a4:fe:6c:43:f4:32:b5:7c:80:67:cc:8d: 1146s fa:35 1146s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-18005-auth.pem 1146s + found_md5=Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 1146s + '[' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 '!=' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 ']' 1146s + valid_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem partial_chain 1146s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem partial_chain 1146s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1146s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1146s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1146s + local verify_option=partial_chain 1146s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 1146s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1146s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1146s + local key_cn 1146s + local key_name 1146s + local tokens_dir 1146s + local output_cert_file 1146s + token_name= 1146s ++ basename /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem .pem 1146s + key_name=test-intermediate-CA-trusted-certificate-0001 1146s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1146s ++ sed -n 's/ *commonName *= //p' 1146s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1146s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1146s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1146s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1146s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1146s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 1146s + token_name='Test Organization Interme Token' 1146s Test Organization Interme Token 1146s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1146s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 1146s + echo 'Test Organization Interme Token' 1146s + '[' -n partial_chain ']' 1146s + local verify_arg=--verify=partial_chain 1146s + local output_base_name=SSSD-child-28027 1146s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-28027.output 1146s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-28027.pem 1146s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1146s [p11_child[2297]] [main] (0x0400): p11_child started. 1146s [p11_child[2297]] [main] (0x2000): Running in [pre-auth] mode. 1146s [p11_child[2297]] [main] (0x2000): Running with effective IDs: [0][0]. 1146s [p11_child[2297]] [main] (0x2000): Running with real IDs [0][0]. 1146s [p11_child[2297]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1146s [p11_child[2297]] [do_card] (0x4000): Module List: 1146s [p11_child[2297]] [do_card] (0x4000): common name: [softhsm2]. 1146s [p11_child[2297]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1146s [p11_child[2297]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3821ea02] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1146s [p11_child[2297]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1146s [p11_child[2297]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3821ea02][941746690] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1146s [p11_child[2297]] [do_card] (0x4000): Login NOT required. 1146s [p11_child[2297]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1146s [p11_child[2297]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1146s [p11_child[2297]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1146s [p11_child[2297]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3821ea02;slot-manufacturer=SoftHSM%20project;slot-id=941746690;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af3b4001b821ea02;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1146s [p11_child[2297]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1146s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-28027.output 1146s + echo '-----BEGIN CERTIFICATE-----' 1146s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-28027.output 1146s + echo '-----END CERTIFICATE-----' 1146s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-28027.pem 1147s Certificate: 1147s Data: 1147s Version: 3 (0x2) 1147s Serial Number: 4 (0x4) 1147s Signature Algorithm: sha256WithRSAEncryption 1147s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1147s Validity 1147s Not Before: Mar 21 15:51:30 2024 GMT 1147s Not After : Mar 21 15:51:30 2025 GMT 1147s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1147s Subject Public Key Info: 1147s Public Key Algorithm: rsaEncryption 1147s Public-Key: (1024 bit) 1147s Modulus: 1147s 00:9a:55:80:e3:38:93:a0:2a:98:e9:e7:e2:8b:e7: 1147s a0:fa:9b:83:de:db:70:6a:ce:5d:68:bc:1a:f3:3a: 1147s 24:5d:ec:39:29:81:64:92:74:ed:20:24:21:55:ed: 1147s 5e:da:e9:f5:01:6b:4c:0a:5e:1a:b2:bf:f9:d5:c3: 1147s 2c:c4:c6:95:46:51:8f:9e:76:9a:6c:43:78:bc:bc: 1147s c5:2a:31:16:f4:a5:28:4b:61:3f:a4:7a:91:a9:0d: 1147s 0b:b7:5a:d0:4c:95:f2:02:c4:13:fa:bb:e9:1f:f4: 1147s 38:9e:67:08:f9:14:7b:e6:9a:ef:1c:43:f0:c8:e2: 1147s 25:1b:fd:5d:0b:d6:50:e5:85 1147s Exponent: 65537 (0x10001) 1147s X509v3 extensions: 1147s X509v3 Authority Key Identifier: 1147s 2F:8B:EA:3F:BB:55:D1:37:B3:34:A7:3F:2D:7C:3E:F9:87:54:21:F2 1147s X509v3 Basic Constraints: 1147s CA:FALSE 1147s Netscape Cert Type: 1147s SSL Client, S/MIME 1147s Netscape Comment: 1147s Test Organization Intermediate CA trusted Certificate 1147s X509v3 Subject Key Identifier: 1147s E8:65:6A:18:FB:DB:75:9C:36:14:0C:88:CB:33:66:3D:2C:6C:DF:2B 1147s X509v3 Key Usage: critical 1147s Digital Signature, Non Repudiation, Key Encipherment 1147s X509v3 Extended Key Usage: 1147s TLS Web Client Authentication, E-mail Protection 1147s X509v3 Subject Alternative Name: 1147s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1147s Signature Algorithm: sha256WithRSAEncryption 1147s Signature Value: 1147s 97:2e:e8:85:2a:5b:09:51:4b:ed:9d:cb:84:85:53:6e:54:6d: 1147s db:cc:c8:6f:29:cf:48:35:d6:48:fc:9f:ac:a2:54:71:82:ff: 1147s be:d8:89:03:8c:ba:8d:47:09:43:1b:73:8f:61:25:43:17:32: 1147s 49:2e:e6:b0:dc:0c:12:c6:0b:85:2e:ce:0d:91:4c:44:d8:89: 1147s e7:63:bc:4e:c8:81:86:ba:a2:01:0d:0d:55:8c:9d:df:eb:89: 1147s 9c:e9:b8:24:de:0f:5c:3b:4e:66:bc:d7:5b:b4:c7:86:de:f4: 1147s e7:51:7b:b0:e0:3c:a4:fe:6c:43:f4:32:b5:7c:80:67:cc:8d: 1147s fa:35 1147s + local found_md5 expected_md5 1147s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1147s + expected_md5=Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 1147s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-28027.pem 1147s + found_md5=Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 1147s + '[' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 '!=' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 ']' 1147s + output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-28027-auth.output 1147s ++ basename /tmp/sssd-softhsm2-7kk18L/SSSD-child-28027-auth.output .output 1147s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-28027-auth.pem 1147s + echo -n 053350 1147s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1147s [p11_child[2305]] [main] (0x0400): p11_child started. 1147s [p11_child[2305]] [main] (0x2000): Running in [auth] mode. 1147s [p11_child[2305]] [main] (0x2000): Running with effective IDs: [0][0]. 1147s [p11_child[2305]] [main] (0x2000): Running with real IDs [0][0]. 1147s [p11_child[2305]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1147s [p11_child[2305]] [do_card] (0x4000): Module List: 1147s [p11_child[2305]] [do_card] (0x4000): common name: [softhsm2]. 1147s [p11_child[2305]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1147s [p11_child[2305]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3821ea02] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1147s [p11_child[2305]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1147s [p11_child[2305]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3821ea02][941746690] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1147s [p11_child[2305]] [do_card] (0x4000): Login required. 1147s [p11_child[2305]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1147s [p11_child[2305]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1147s [p11_child[2305]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1147s [p11_child[2305]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3821ea02;slot-manufacturer=SoftHSM%20project;slot-id=941746690;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af3b4001b821ea02;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1147s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1147s [p11_child[2305]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1147s [p11_child[2305]] [do_card] (0x4000): Certificate verified and validated. 1147s [p11_child[2305]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1147s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-28027-auth.output 1147s + echo '-----BEGIN CERTIFICATE-----' 1147s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-28027-auth.output 1147s + echo '-----END CERTIFICATE-----' 1147s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-28027-auth.pem 1147s Certificate: 1147s Data: 1147s Version: 3 (0x2) 1147s Serial Number: 4 (0x4) 1147s Signature Algorithm: sha256WithRSAEncryption 1147s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1147s Validity 1147s Not Before: Mar 21 15:51:30 2024 GMT 1147s Not After : Mar 21 15:51:30 2025 GMT 1147s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1147s Subject Public Key Info: 1147s Public Key Algorithm: rsaEncryption 1147s Public-Key: (1024 bit) 1147s Modulus: 1147s 00:9a:55:80:e3:38:93:a0:2a:98:e9:e7:e2:8b:e7: 1147s a0:fa:9b:83:de:db:70:6a:ce:5d:68:bc:1a:f3:3a: 1147s 24:5d:ec:39:29:81:64:92:74:ed:20:24:21:55:ed: 1147s 5e:da:e9:f5:01:6b:4c:0a:5e:1a:b2:bf:f9:d5:c3: 1147s 2c:c4:c6:95:46:51:8f:9e:76:9a:6c:43:78:bc:bc: 1147s c5:2a:31:16:f4:a5:28:4b:61:3f:a4:7a:91:a9:0d: 1147s 0b:b7:5a:d0:4c:95:f2:02:c4:13:fa:bb:e9:1f:f4: 1147s 38:9e:67:08:f9:14:7b:e6:9a:ef:1c:43:f0:c8:e2: 1147s 25:1b:fd:5d:0b:d6:50:e5:85 1147s Exponent: 65537 (0x10001) 1147s X509v3 extensions: 1147s X509v3 Authority Key Identifier: 1147s 2F:8B:EA:3F:BB:55:D1:37:B3:34:A7:3F:2D:7C:3E:F9:87:54:21:F2 1147s X509v3 Basic Constraints: 1147s CA:FALSE 1147s Netscape Cert Type: 1147s SSL Client, S/MIME 1147s Netscape Comment: 1147s Test Organization Intermediate CA trusted Certificate 1147s X509v3 Subject Key Identifier: 1147s E8:65:6A:18:FB:DB:75:9C:36:14:0C:88:CB:33:66:3D:2C:6C:DF:2B 1147s X509v3 Key Usage: critical 1147s Digital Signature, Non Repudiation, Key Encipherment 1147s X509v3 Extended Key Usage: 1147s TLS Web Client Authentication, E-mail Protection 1147s X509v3 Subject Alternative Name: 1147s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1147s Signature Algorithm: sha256WithRSAEncryption 1147s Signature Value: 1147s 97:2e:e8:85:2a:5b:09:51:4b:ed:9d:cb:84:85:53:6e:54:6d: 1147s db:cc:c8:6f:29:cf:48:35:d6:48:fc:9f:ac:a2:54:71:82:ff: 1147s be:d8:89:03:8c:ba:8d:47:09:43:1b:73:8f:61:25:43:17:32: 1147s 49:2e:e6:b0:dc:0c:12:c6:0b:85:2e:ce:0d:91:4c:44:d8:89: 1147s e7:63:bc:4e:c8:81:86:ba:a2:01:0d:0d:55:8c:9d:df:eb:89: 1147s 9c:e9:b8:24:de:0f:5c:3b:4e:66:bc:d7:5b:b4:c7:86:de:f4: 1147s e7:51:7b:b0:e0:3c:a4:fe:6c:43:f4:32:b5:7c:80:67:cc:8d: 1147s fa:35 1147s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-28027-auth.pem 1147s + found_md5=Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 1147s + '[' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 '!=' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 ']' 1147s + invalid_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1147s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1147s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1147s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1147s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1147s + local verify_option= 1147s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 1147s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1147s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1147s + local key_cn 1147s + local key_name 1147s + local tokens_dir 1147s + local output_cert_file 1147s + token_name= 1147s ++ basename /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem .pem 1147s + key_name=test-intermediate-CA-trusted-certificate-0001 1147s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1147s ++ sed -n 's/ *commonName *= //p' 1147s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1147s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1147s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1147s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1147s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1147s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 1147s + token_name='Test Organization Interme Token' 1147s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1147s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 1147s + echo 'Test Organization Interme Token' 1147s Test Organization Interme Token 1147s + '[' -n '' ']' 1147s + local output_base_name=SSSD-child-28590 1147s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-28590.output 1147s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-28590.pem 1147s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1147s [p11_child[2315]] [main] (0x0400): p11_child started. 1147s [p11_child[2315]] [main] (0x2000): Running in [pre-auth] mode. 1147s [p11_child[2315]] [main] (0x2000): Running with effective IDs: [0][0]. 1147s [p11_child[2315]] [main] (0x2000): Running with real IDs [0][0]. 1147s [p11_child[2315]] [do_card] (0x4000): Module List: 1147s [p11_child[2315]] [do_card] (0x4000): common name: [softhsm2]. 1147s [p11_child[2315]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1147s [p11_child[2315]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3821ea02] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1147s [p11_child[2315]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1147s [p11_child[2315]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3821ea02][941746690] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1147s [p11_child[2315]] [do_card] (0x4000): Login NOT required. 1147s [p11_child[2315]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1147s [p11_child[2315]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1147s [p11_child[2315]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 1147s [p11_child[2315]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 1147s [p11_child[2315]] [do_card] (0x4000): No certificate found. 1147s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-28590.output 1147s + return 2 1147s + valid_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem partial_chain 1147s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem partial_chain 1147s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1147s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1147s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1147s + local verify_option=partial_chain 1147s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19719 1147s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1147s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19719 1147s + local key_cn 1147s + local key_name 1147s + local tokens_dir 1147s + local output_cert_file 1147s + token_name= 1147s ++ basename /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem .pem 1147s + key_name=test-intermediate-CA-trusted-certificate-0001 1147s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1147s ++ sed -n 's/ *commonName *= //p' 1147s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1147s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1147s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1147s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1147s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1147s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 1147s + token_name='Test Organization Interme Token' 1147s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1147s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 1147s + echo 'Test Organization Interme Token' 1147s + '[' -n partial_chain ']' 1147s + local verify_arg=--verify=partial_chain 1147s + local output_base_name=SSSD-child-16911 1147s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-16911.output 1147s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-16911.pem 1147s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem 1147s Test Organization Interme Token 1147s [p11_child[2322]] [main] (0x0400): p11_child started. 1147s [p11_child[2322]] [main] (0x2000): Running in [pre-auth] mode. 1147s [p11_child[2322]] [main] (0x2000): Running with effective IDs: [0][0]. 1147s [p11_child[2322]] [main] (0x2000): Running with real IDs [0][0]. 1147s [p11_child[2322]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1147s [p11_child[2322]] [do_card] (0x4000): Module List: 1147s [p11_child[2322]] [do_card] (0x4000): common name: [softhsm2]. 1147s [p11_child[2322]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1147s [p11_child[2322]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3821ea02] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1147s [p11_child[2322]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1147s [p11_child[2322]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3821ea02][941746690] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1147s [p11_child[2322]] [do_card] (0x4000): Login NOT required. 1147s [p11_child[2322]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1147s [p11_child[2322]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1147s [p11_child[2322]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1147s [p11_child[2322]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3821ea02;slot-manufacturer=SoftHSM%20project;slot-id=941746690;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af3b4001b821ea02;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1147s [p11_child[2322]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1147s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-16911.output 1147s + echo '-----BEGIN CERTIFICATE-----' 1147s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-16911.output 1147s + echo '-----END CERTIFICATE-----' 1147s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-16911.pem 1147s Certificate: 1147s Data: 1147s Version: 3 (0x2) 1147s Serial Number: 4 (0x4) 1147s Signature Algorithm: sha256WithRSAEncryption 1147s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1147s Validity 1147s Not Before: Mar 21 15:51:30 2024 GMT 1147s Not After : Mar 21 15:51:30 2025 GMT 1147s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1147s Subject Public Key Info: 1147s Public Key Algorithm: rsaEncryption 1147s Public-Key: (1024 bit) 1147s Modulus: 1147s 00:9a:55:80:e3:38:93:a0:2a:98:e9:e7:e2:8b:e7: 1147s a0:fa:9b:83:de:db:70:6a:ce:5d:68:bc:1a:f3:3a: 1147s 24:5d:ec:39:29:81:64:92:74:ed:20:24:21:55:ed: 1147s 5e:da:e9:f5:01:6b:4c:0a:5e:1a:b2:bf:f9:d5:c3: 1147s 2c:c4:c6:95:46:51:8f:9e:76:9a:6c:43:78:bc:bc: 1147s c5:2a:31:16:f4:a5:28:4b:61:3f:a4:7a:91:a9:0d: 1147s 0b:b7:5a:d0:4c:95:f2:02:c4:13:fa:bb:e9:1f:f4: 1147s 38:9e:67:08:f9:14:7b:e6:9a:ef:1c:43:f0:c8:e2: 1147s 25:1b:fd:5d:0b:d6:50:e5:85 1147s Exponent: 65537 (0x10001) 1147s X509v3 extensions: 1147s X509v3 Authority Key Identifier: 1147s 2F:8B:EA:3F:BB:55:D1:37:B3:34:A7:3F:2D:7C:3E:F9:87:54:21:F2 1147s X509v3 Basic Constraints: 1147s CA:FALSE 1147s Netscape Cert Type: 1147s SSL Client, S/MIME 1147s Netscape Comment: 1147s Test Organization Intermediate CA trusted Certificate 1147s X509v3 Subject Key Identifier: 1147s E8:65:6A:18:FB:DB:75:9C:36:14:0C:88:CB:33:66:3D:2C:6C:DF:2B 1147s X509v3 Key Usage: critical 1147s Digital Signature, Non Repudiation, Key Encipherment 1147s X509v3 Extended Key Usage: 1147s TLS Web Client Authentication, E-mail Protection 1147s X509v3 Subject Alternative Name: 1147s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1147s Signature Algorithm: sha256WithRSAEncryption 1147s Signature Value: 1147s 97:2e:e8:85:2a:5b:09:51:4b:ed:9d:cb:84:85:53:6e:54:6d: 1147s db:cc:c8:6f:29:cf:48:35:d6:48:fc:9f:ac:a2:54:71:82:ff: 1147s be:d8:89:03:8c:ba:8d:47:09:43:1b:73:8f:61:25:43:17:32: 1147s 49:2e:e6:b0:dc:0c:12:c6:0b:85:2e:ce:0d:91:4c:44:d8:89: 1147s e7:63:bc:4e:c8:81:86:ba:a2:01:0d:0d:55:8c:9d:df:eb:89: 1147s 9c:e9:b8:24:de:0f:5c:3b:4e:66:bc:d7:5b:b4:c7:86:de:f4: 1147s e7:51:7b:b0:e0:3c:a4:fe:6c:43:f4:32:b5:7c:80:67:cc:8d: 1147s fa:35 1147s + local found_md5 expected_md5 1147s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/test-intermediate-CA-trusted-certificate-0001.pem 1147s + expected_md5=Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 1147s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-16911.pem 1147s + found_md5=Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 1147s + '[' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 '!=' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 ']' 1147s + output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-16911-auth.output 1147s ++ basename /tmp/sssd-softhsm2-7kk18L/SSSD-child-16911-auth.output .output 1147s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-16911-auth.pem 1147s + echo -n 053350 1147s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-7kk18L/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1147s [p11_child[2330]] [main] (0x0400): p11_child started. 1147s [p11_child[2330]] [main] (0x2000): Running in [auth] mode. 1147s [p11_child[2330]] [main] (0x2000): Running with effective IDs: [0][0]. 1147s [p11_child[2330]] [main] (0x2000): Running with real IDs [0][0]. 1147s [p11_child[2330]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1147s [p11_child[2330]] [do_card] (0x4000): Module List: 1147s [p11_child[2330]] [do_card] (0x4000): common name: [softhsm2]. 1147s [p11_child[2330]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1147s [p11_child[2330]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3821ea02] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1147s [p11_child[2330]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1147s [p11_child[2330]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3821ea02][941746690] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1147s [p11_child[2330]] [do_card] (0x4000): Login required. 1147s [p11_child[2330]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1147s [p11_child[2330]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1147s [p11_child[2330]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1147s [p11_child[2330]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3821ea02;slot-manufacturer=SoftHSM%20project;slot-id=941746690;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af3b4001b821ea02;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1147s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1147s [p11_child[2330]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1147s [p11_child[2330]] [do_card] (0x4000): Certificate verified and validated. 1147s [p11_child[2330]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1147s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-16911-auth.output 1147s + echo '-----BEGIN CERTIFICATE-----' 1147s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-16911-auth.output 1147s + echo '-----END CERTIFICATE-----' 1147s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-16911-auth.pem 1147s Certificate: 1147s Data: 1147s Version: 3 (0x2) 1147s Serial Number: 4 (0x4) 1147s Signature Algorithm: sha256WithRSAEncryption 1147s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1147s Validity 1147s Not Before: Mar 21 15:51:30 2024 GMT 1147s Not After : Mar 21 15:51:30 2025 GMT 1147s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1147s Subject Public Key Info: 1147s Public Key Algorithm: rsaEncryption 1147s Public-Key: (1024 bit) 1147s Modulus: 1147s 00:9a:55:80:e3:38:93:a0:2a:98:e9:e7:e2:8b:e7: 1147s a0:fa:9b:83:de:db:70:6a:ce:5d:68:bc:1a:f3:3a: 1147s 24:5d:ec:39:29:81:64:92:74:ed:20:24:21:55:ed: 1147s 5e:da:e9:f5:01:6b:4c:0a:5e:1a:b2:bf:f9:d5:c3: 1147s 2c:c4:c6:95:46:51:8f:9e:76:9a:6c:43:78:bc:bc: 1147s c5:2a:31:16:f4:a5:28:4b:61:3f:a4:7a:91:a9:0d: 1147s 0b:b7:5a:d0:4c:95:f2:02:c4:13:fa:bb:e9:1f:f4: 1147s 38:9e:67:08:f9:14:7b:e6:9a:ef:1c:43:f0:c8:e2: 1147s 25:1b:fd:5d:0b:d6:50:e5:85 1147s Exponent: 65537 (0x10001) 1147s X509v3 extensions: 1147s X509v3 Authority Key Identifier: 1147s 2F:8B:EA:3F:BB:55:D1:37:B3:34:A7:3F:2D:7C:3E:F9:87:54:21:F2 1147s X509v3 Basic Constraints: 1147s CA:FALSE 1147s Netscape Cert Type: 1147s SSL Client, S/MIME 1147s Netscape Comment: 1147s Test Organization Intermediate CA trusted Certificate 1147s X509v3 Subject Key Identifier: 1147s E8:65:6A:18:FB:DB:75:9C:36:14:0C:88:CB:33:66:3D:2C:6C:DF:2B 1147s X509v3 Key Usage: critical 1147s Digital Signature, Non Repudiation, Key Encipherment 1147s X509v3 Extended Key Usage: 1147s TLS Web Client Authentication, E-mail Protection 1147s X509v3 Subject Alternative Name: 1147s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1147s Signature Algorithm: sha256WithRSAEncryption 1147s Signature Value: 1147s 97:2e:e8:85:2a:5b:09:51:4b:ed:9d:cb:84:85:53:6e:54:6d: 1147s db:cc:c8:6f:29:cf:48:35:d6:48:fc:9f:ac:a2:54:71:82:ff: 1147s be:d8:89:03:8c:ba:8d:47:09:43:1b:73:8f:61:25:43:17:32: 1147s 49:2e:e6:b0:dc:0c:12:c6:0b:85:2e:ce:0d:91:4c:44:d8:89: 1147s e7:63:bc:4e:c8:81:86:ba:a2:01:0d:0d:55:8c:9d:df:eb:89: 1147s 9c:e9:b8:24:de:0f:5c:3b:4e:66:bc:d7:5b:b4:c7:86:de:f4: 1147s e7:51:7b:b0:e0:3c:a4:fe:6c:43:f4:32:b5:7c:80:67:cc:8d: 1147s fa:35 1147s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-16911-auth.pem 1147s + found_md5=Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 1147s + '[' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 '!=' Modulus=9A5580E33893A02A98E9E7E28BE7A0FA9B83DEDB706ACE5D68BC1AF33A245DEC392981649274ED20242155ED5EDAE9F5016B4C0A5E1AB2BFF9D5C32CC4C69546518F9E769A6C4378BCBCC52A3116F4A5284B613FA47A91A90D0BB75AD04C95F202C413FABBE91FF4389E6708F9147BE69AEF1C43F0C8E2251BFD5D0BD650E585 ']' 1147s + invalid_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1147s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1147s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1147s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1147s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1147s + local verify_option= 1147s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1147s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1147s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1147s + local key_cn 1147s + local key_name 1147s + local tokens_dir 1147s + local output_cert_file 1147s + token_name= 1147s ++ basename /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1147s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1147s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1147s ++ sed -n 's/ *commonName *= //p' 1147s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1147s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1147s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1147s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1147s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1147s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1147s + token_name='Test Organization Sub Int Token' 1147s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1147s + local key_file 1147s + local decrypted_key 1147s + mkdir -p /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1147s + key_file=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 1147s + decrypted_key=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1147s + cat 1147s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 1147s Slot 0 has a free/uninitialized token. 1147s The token has been initialized and is reassigned to slot 53298959 1147s + softhsm2-util --show-slots 1147s Available slots: 1147s Slot 53298959 1147s Slot info: 1147s Description: SoftHSM slot ID 0x32d470f 1147s Manufacturer ID: SoftHSM project 1147s Hardware version: 2.6 1147s Firmware version: 2.6 1147s Token present: yes 1147s Token info: 1147s Manufacturer ID: SoftHSM project 1147s Model: SoftHSM v2 1147s Hardware version: 2.6 1147s Firmware version: 2.6 1147s Serial number: f6b0ba4e832d470f 1147s Initialized: yes 1147s User PIN init.: yes 1147s Label: Test Organization Sub Int Token 1147s Slot 1 1147s Slot info: 1147s Description: SoftHSM slot ID 0x1 1147s Manufacturer ID: SoftHSM project 1147s Hardware version: 2.6 1147s Firmware version: 2.6 1147s Token present: yes 1147s Token info: 1147s Manufacturer ID: SoftHSM project 1147s Model: SoftHSM v2 1147s Hardware version: 2.6 1147s Firmware version: 2.6 1147s Serial number: 1147s Initialized: no 1147s User PIN init.: no 1147s Label: 1147s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 1147s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-16243 -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1147s writing RSA key 1147s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 1147s + rm /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1147s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 1147s Object 0: 1147s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f6b0ba4e832d470f;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 1147s Type: X.509 Certificate (RSA-1024) 1147s Expires: Fri Mar 21 15:51:30 2025 1147s Label: Test Organization Sub Intermediate Trusted Certificate 0001 1147s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 1147s 1147s + echo 'Test Organization Sub Int Token' 1147s Test Organization Sub Int Token 1147s + '[' -n '' ']' 1147s + local output_base_name=SSSD-child-27092 1147s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-27092.output 1147s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-27092.pem 1147s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1147s [p11_child[2349]] [main] (0x0400): p11_child started. 1147s [p11_child[2349]] [main] (0x2000): Running in [pre-auth] mode. 1147s [p11_child[2349]] [main] (0x2000): Running with effective IDs: [0][0]. 1147s [p11_child[2349]] [main] (0x2000): Running with real IDs [0][0]. 1147s [p11_child[2349]] [do_card] (0x4000): Module List: 1147s [p11_child[2349]] [do_card] (0x4000): common name: [softhsm2]. 1147s [p11_child[2349]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1147s [p11_child[2349]] [do_card] (0x4000): Description [SoftHSM slot ID 0x32d470f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1147s [p11_child[2349]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1147s [p11_child[2349]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x32d470f][53298959] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1147s [p11_child[2349]] [do_card] (0x4000): Login NOT required. 1147s [p11_child[2349]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1147s [p11_child[2349]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1147s [p11_child[2349]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 1147s [p11_child[2349]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 1147s [p11_child[2349]] [do_card] (0x4000): No certificate found. 1147s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-27092.output 1147s + return 2 1147s + invalid_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem partial_chain 1147s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-root-CA.pem partial_chain 1147s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1147s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1147s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1147s + local verify_option=partial_chain 1147s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1147s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1147s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1147s + local key_cn 1147s + local key_name 1147s + local tokens_dir 1147s + local output_cert_file 1147s + token_name= 1147s ++ basename /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1147s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1147s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1147s ++ sed -n 's/ *commonName *= //p' 1147s Test Organization Sub Int Token 1147s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1147s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1147s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1147s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1147s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1147s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1147s + token_name='Test Organization Sub Int Token' 1147s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1147s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 1147s + echo 'Test Organization Sub Int Token' 1147s + '[' -n partial_chain ']' 1147s + local verify_arg=--verify=partial_chain 1147s + local output_base_name=SSSD-child-3106 1147s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-3106.output 1147s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-3106.pem 1147s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-7kk18L/test-root-CA.pem 1147s [p11_child[2356]] [main] (0x0400): p11_child started. 1147s [p11_child[2356]] [main] (0x2000): Running in [pre-auth] mode. 1148s [p11_child[2356]] [main] (0x2000): Running with effective IDs: [0][0]. 1148s [p11_child[2356]] [main] (0x2000): Running with real IDs [0][0]. 1148s [p11_child[2356]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1148s [p11_child[2356]] [do_card] (0x4000): Module List: 1150s [p11_child[2356]] [do_card] (0x4000): common name: [softhsm2]. 1150s [p11_child[2356]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2356]] [do_card] (0x4000): Description [SoftHSM slot ID 0x32d470f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1150s [p11_child[2356]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1150s [p11_child[2356]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x32d470f][53298959] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2356]] [do_card] (0x4000): Login NOT required. 1150s [p11_child[2356]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1150s [p11_child[2356]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1150s [p11_child[2356]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 1150s [p11_child[2356]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 1150s [p11_child[2356]] [do_card] (0x4000): No certificate found. 1150s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-3106.output 1150s + return 2 1150s + valid_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1150s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1150s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1150s + local verify_option= 1150s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local key_cn 1150s + local key_name 1150s + local tokens_dir 1150s + local output_cert_file 1150s + token_name= 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1150s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1150s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s ++ sed -n 's/ *commonName *= //p' 1150s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1150s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1150s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1150s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1150s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1150s + token_name='Test Organization Sub Int Token' 1150s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1150s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 1150s + echo 'Test Organization Sub Int Token' 1150s Test Organization Sub Int Token 1150s + '[' -n '' ']' 1150s + local output_base_name=SSSD-child-10494 1150s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-10494.output 1150s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-10494.pem 1150s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1150s [p11_child[2363]] [main] (0x0400): p11_child started. 1150s [p11_child[2363]] [main] (0x2000): Running in [pre-auth] mode. 1150s [p11_child[2363]] [main] (0x2000): Running with effective IDs: [0][0]. 1150s [p11_child[2363]] [main] (0x2000): Running with real IDs [0][0]. 1150s [p11_child[2363]] [do_card] (0x4000): Module List: 1150s [p11_child[2363]] [do_card] (0x4000): common name: [softhsm2]. 1150s [p11_child[2363]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2363]] [do_card] (0x4000): Description [SoftHSM slot ID 0x32d470f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1150s [p11_child[2363]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1150s [p11_child[2363]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x32d470f][53298959] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2363]] [do_card] (0x4000): Login NOT required. 1150s [p11_child[2363]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1150s [p11_child[2363]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1150s [p11_child[2363]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1150s [p11_child[2363]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x32d470f;slot-manufacturer=SoftHSM%20project;slot-id=53298959;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f6b0ba4e832d470f;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1150s [p11_child[2363]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1150s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-10494.output 1150s + echo '-----BEGIN CERTIFICATE-----' 1150s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-10494.output 1150s + echo '-----END CERTIFICATE-----' 1150s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-10494.pem 1150s + local found_md5 expected_md5 1150s Certificate: 1150s Data: 1150s Version: 3 (0x2) 1150s Serial Number: 5 (0x5) 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1150s Validity 1150s Not Before: Mar 21 15:51:30 2024 GMT 1150s Not After : Mar 21 15:51:30 2025 GMT 1150s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1150s Subject Public Key Info: 1150s Public Key Algorithm: rsaEncryption 1150s Public-Key: (1024 bit) 1150s Modulus: 1150s 00:c4:13:a8:80:53:f6:cc:47:29:7c:4a:aa:f7:78: 1150s 1d:0c:57:dd:7f:af:36:6e:be:fe:f6:5a:94:89:f5: 1150s 7e:90:27:71:d5:51:3e:95:54:24:97:00:05:76:35: 1150s c7:55:b4:0f:25:2b:d1:21:5b:1f:30:cf:7b:a0:f4: 1150s 6a:36:d4:96:b3:05:d4:e9:56:ff:0a:c6:5c:ef:3c: 1150s 85:37:83:cb:96:ad:f6:26:b7:07:51:d3:df:ee:ff: 1150s ee:16:18:2c:ac:14:b4:ae:e9:9a:cb:9d:0f:d6:97: 1150s fd:35:65:d6:aa:95:1a:e6:39:43:9c:08:f6:2d:4d: 1150s fb:10:35:d3:23:9d:b5:72:75 1150s Exponent: 65537 (0x10001) 1150s X509v3 extensions: 1150s X509v3 Authority Key Identifier: 1150s 7E:39:F2:83:E3:9B:7C:D8:61:DB:C3:2A:AD:67:F7:0F:AF:31:CB:5A 1150s X509v3 Basic Constraints: 1150s CA:FALSE 1150s Netscape Cert Type: 1150s SSL Client, S/MIME 1150s Netscape Comment: 1150s Test Organization Sub Intermediate CA trusted Certificate 1150s X509v3 Subject Key Identifier: 1150s C3:87:74:65:49:9D:D8:84:64:DB:BC:46:B9:DE:F2:B2:34:EE:72:5E 1150s X509v3 Key Usage: critical 1150s Digital Signature, Non Repudiation, Key Encipherment 1150s X509v3 Extended Key Usage: 1150s TLS Web Client Authentication, E-mail Protection 1150s X509v3 Subject Alternative Name: 1150s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Signature Value: 1150s bb:49:ec:5d:e8:38:76:56:57:88:cb:d4:56:1c:3b:ee:d5:cd: 1150s d1:ab:4e:8e:26:47:74:8f:19:30:fa:3f:f4:dd:1e:10:c7:69: 1150s 4d:1c:a0:04:c5:36:68:ea:9c:9b:a2:ae:d3:4d:68:80:b5:20: 1150s 79:e0:83:5e:0d:d0:6c:dc:b2:95:d3:39:69:bf:a4:b4:bc:42: 1150s e7:28:5a:6a:40:fd:ec:fe:c4:c9:36:9d:0d:dd:1a:dc:b3:51: 1150s f3:1f:85:f8:37:c9:fe:74:3b:aa:4f:be:a3:98:22:a2:a6:56: 1150s 45:fc:ad:d9:f0:87:bf:b7:9b:e8:a7:c1:7c:bc:25:0f:d4:4d: 1150s c2:4a 1150s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + expected_md5=Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 1150s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-10494.pem 1150s + found_md5=Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 1150s + '[' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 '!=' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 ']' 1150s + output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-10494-auth.output 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/SSSD-child-10494-auth.output .output 1150s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-10494-auth.pem 1150s + echo -n 053350 1150s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1150s [p11_child[2371]] [main] (0x0400): p11_child started. 1150s [p11_child[2371]] [main] (0x2000): Running in [auth] mode. 1150s [p11_child[2371]] [main] (0x2000): Running with effective IDs: [0][0]. 1150s [p11_child[2371]] [main] (0x2000): Running with real IDs [0][0]. 1150s [p11_child[2371]] [do_card] (0x4000): Module List: 1150s [p11_child[2371]] [do_card] (0x4000): common name: [softhsm2]. 1150s [p11_child[2371]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2371]] [do_card] (0x4000): Description [SoftHSM slot ID 0x32d470f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1150s [p11_child[2371]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1150s [p11_child[2371]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x32d470f][53298959] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2371]] [do_card] (0x4000): Login required. 1150s [p11_child[2371]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1150s [p11_child[2371]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1150s [p11_child[2371]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1150s [p11_child[2371]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x32d470f;slot-manufacturer=SoftHSM%20project;slot-id=53298959;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f6b0ba4e832d470f;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1150s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1150s [p11_child[2371]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1150s [p11_child[2371]] [do_card] (0x4000): Certificate verified and validated. 1150s [p11_child[2371]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1150s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-10494-auth.output 1150s + echo '-----BEGIN CERTIFICATE-----' 1150s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-10494-auth.output 1150s + echo '-----END CERTIFICATE-----' 1150s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-10494-auth.pem 1150s Certificate: 1150s Data: 1150s Version: 3 (0x2) 1150s Serial Number: 5 (0x5) 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1150s Validity 1150s Not Before: Mar 21 15:51:30 2024 GMT 1150s Not After : Mar 21 15:51:30 2025 GMT 1150s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1150s Subject Public Key Info: 1150s Public Key Algorithm: rsaEncryption 1150s Public-Key: (1024 bit) 1150s Modulus: 1150s 00:c4:13:a8:80:53:f6:cc:47:29:7c:4a:aa:f7:78: 1150s 1d:0c:57:dd:7f:af:36:6e:be:fe:f6:5a:94:89:f5: 1150s 7e:90:27:71:d5:51:3e:95:54:24:97:00:05:76:35: 1150s c7:55:b4:0f:25:2b:d1:21:5b:1f:30:cf:7b:a0:f4: 1150s 6a:36:d4:96:b3:05:d4:e9:56:ff:0a:c6:5c:ef:3c: 1150s 85:37:83:cb:96:ad:f6:26:b7:07:51:d3:df:ee:ff: 1150s ee:16:18:2c:ac:14:b4:ae:e9:9a:cb:9d:0f:d6:97: 1150s fd:35:65:d6:aa:95:1a:e6:39:43:9c:08:f6:2d:4d: 1150s fb:10:35:d3:23:9d:b5:72:75 1150s Exponent: 65537 (0x10001) 1150s X509v3 extensions: 1150s X509v3 Authority Key Identifier: 1150s 7E:39:F2:83:E3:9B:7C:D8:61:DB:C3:2A:AD:67:F7:0F:AF:31:CB:5A 1150s X509v3 Basic Constraints: 1150s CA:FALSE 1150s Netscape Cert Type: 1150s SSL Client, S/MIME 1150s Netscape Comment: 1150s Test Organization Sub Intermediate CA trusted Certificate 1150s X509v3 Subject Key Identifier: 1150s C3:87:74:65:49:9D:D8:84:64:DB:BC:46:B9:DE:F2:B2:34:EE:72:5E 1150s X509v3 Key Usage: critical 1150s Digital Signature, Non Repudiation, Key Encipherment 1150s X509v3 Extended Key Usage: 1150s TLS Web Client Authentication, E-mail Protection 1150s X509v3 Subject Alternative Name: 1150s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Signature Value: 1150s bb:49:ec:5d:e8:38:76:56:57:88:cb:d4:56:1c:3b:ee:d5:cd: 1150s d1:ab:4e:8e:26:47:74:8f:19:30:fa:3f:f4:dd:1e:10:c7:69: 1150s 4d:1c:a0:04:c5:36:68:ea:9c:9b:a2:ae:d3:4d:68:80:b5:20: 1150s 79:e0:83:5e:0d:d0:6c:dc:b2:95:d3:39:69:bf:a4:b4:bc:42: 1150s e7:28:5a:6a:40:fd:ec:fe:c4:c9:36:9d:0d:dd:1a:dc:b3:51: 1150s f3:1f:85:f8:37:c9:fe:74:3b:aa:4f:be:a3:98:22:a2:a6:56: 1150s 45:fc:ad:d9:f0:87:bf:b7:9b:e8:a7:c1:7c:bc:25:0f:d4:4d: 1150s c2:4a 1150s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-10494-auth.pem 1150s + found_md5=Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 1150s + '[' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 '!=' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 ']' 1150s + valid_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem partial_chain 1150s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem partial_chain 1150s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1150s + local verify_option=partial_chain 1150s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local key_cn 1150s + local key_name 1150s + local tokens_dir 1150s + local output_cert_file 1150s + token_name= 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1150s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1150s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s ++ sed -n 's/ *commonName *= //p' 1150s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1150s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1150s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1150s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1150s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1150s + token_name='Test Organization Sub Int Token' 1150s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1150s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 1150s + echo 'Test Organization Sub Int Token' 1150s Test Organization Sub Int Token 1150s + '[' -n partial_chain ']' 1150s + local verify_arg=--verify=partial_chain 1150s + local output_base_name=SSSD-child-28980 1150s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-28980.output 1150s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-28980.pem 1150s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem 1150s [p11_child[2381]] [main] (0x0400): p11_child started. 1150s [p11_child[2381]] [main] (0x2000): Running in [pre-auth] mode. 1150s [p11_child[2381]] [main] (0x2000): Running with effective IDs: [0][0]. 1150s [p11_child[2381]] [main] (0x2000): Running with real IDs [0][0]. 1150s [p11_child[2381]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1150s [p11_child[2381]] [do_card] (0x4000): Module List: 1150s [p11_child[2381]] [do_card] (0x4000): common name: [softhsm2]. 1150s [p11_child[2381]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2381]] [do_card] (0x4000): Description [SoftHSM slot ID 0x32d470f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1150s [p11_child[2381]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1150s [p11_child[2381]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x32d470f][53298959] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2381]] [do_card] (0x4000): Login NOT required. 1150s [p11_child[2381]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1150s [p11_child[2381]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1150s [p11_child[2381]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1150s [p11_child[2381]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x32d470f;slot-manufacturer=SoftHSM%20project;slot-id=53298959;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f6b0ba4e832d470f;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1150s [p11_child[2381]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1150s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-28980.output 1150s + echo '-----BEGIN CERTIFICATE-----' 1150s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-28980.output 1150s + echo '-----END CERTIFICATE-----' 1150s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-28980.pem 1150s Certificate: 1150s Data: 1150s Version: 3 (0x2) 1150s Serial Number: 5 (0x5) 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1150s Validity 1150s Not Before: Mar 21 15:51:30 2024 GMT 1150s Not After : Mar 21 15:51:30 2025 GMT 1150s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1150s Subject Public Key Info: 1150s Public Key Algorithm: rsaEncryption 1150s Public-Key: (1024 bit) 1150s Modulus: 1150s 00:c4:13:a8:80:53:f6:cc:47:29:7c:4a:aa:f7:78: 1150s 1d:0c:57:dd:7f:af:36:6e:be:fe:f6:5a:94:89:f5: 1150s 7e:90:27:71:d5:51:3e:95:54:24:97:00:05:76:35: 1150s c7:55:b4:0f:25:2b:d1:21:5b:1f:30:cf:7b:a0:f4: 1150s 6a:36:d4:96:b3:05:d4:e9:56:ff:0a:c6:5c:ef:3c: 1150s 85:37:83:cb:96:ad:f6:26:b7:07:51:d3:df:ee:ff: 1150s ee:16:18:2c:ac:14:b4:ae:e9:9a:cb:9d:0f:d6:97: 1150s fd:35:65:d6:aa:95:1a:e6:39:43:9c:08:f6:2d:4d: 1150s fb:10:35:d3:23:9d:b5:72:75 1150s Exponent: 65537 (0x10001) 1150s X509v3 extensions: 1150s X509v3 Authority Key Identifier: 1150s 7E:39:F2:83:E3:9B:7C:D8:61:DB:C3:2A:AD:67:F7:0F:AF:31:CB:5A 1150s X509v3 Basic Constraints: 1150s CA:FALSE 1150s Netscape Cert Type: 1150s SSL Client, S/MIME 1150s Netscape Comment: 1150s Test Organization Sub Intermediate CA trusted Certificate 1150s X509v3 Subject Key Identifier: 1150s C3:87:74:65:49:9D:D8:84:64:DB:BC:46:B9:DE:F2:B2:34:EE:72:5E 1150s X509v3 Key Usage: critical 1150s Digital Signature, Non Repudiation, Key Encipherment 1150s X509v3 Extended Key Usage: 1150s TLS Web Client Authentication, E-mail Protection 1150s X509v3 Subject Alternative Name: 1150s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Signature Value: 1150s bb:49:ec:5d:e8:38:76:56:57:88:cb:d4:56:1c:3b:ee:d5:cd: 1150s d1:ab:4e:8e:26:47:74:8f:19:30:fa:3f:f4:dd:1e:10:c7:69: 1150s 4d:1c:a0:04:c5:36:68:ea:9c:9b:a2:ae:d3:4d:68:80:b5:20: 1150s 79:e0:83:5e:0d:d0:6c:dc:b2:95:d3:39:69:bf:a4:b4:bc:42: 1150s e7:28:5a:6a:40:fd:ec:fe:c4:c9:36:9d:0d:dd:1a:dc:b3:51: 1150s f3:1f:85:f8:37:c9:fe:74:3b:aa:4f:be:a3:98:22:a2:a6:56: 1150s 45:fc:ad:d9:f0:87:bf:b7:9b:e8:a7:c1:7c:bc:25:0f:d4:4d: 1150s c2:4a 1150s + local found_md5 expected_md5 1150s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + expected_md5=Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 1150s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-28980.pem 1150s + found_md5=Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 1150s + '[' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 '!=' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 ']' 1150s + output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-28980-auth.output 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/SSSD-child-28980-auth.output .output 1150s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-28980-auth.pem 1150s + echo -n 053350 1150s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-7kk18L/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1150s [p11_child[2389]] [main] (0x0400): p11_child started. 1150s [p11_child[2389]] [main] (0x2000): Running in [auth] mode. 1150s [p11_child[2389]] [main] (0x2000): Running with effective IDs: [0][0]. 1150s [p11_child[2389]] [main] (0x2000): Running with real IDs [0][0]. 1150s [p11_child[2389]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1150s [p11_child[2389]] [do_card] (0x4000): Module List: 1150s [p11_child[2389]] [do_card] (0x4000): common name: [softhsm2]. 1150s [p11_child[2389]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2389]] [do_card] (0x4000): Description [SoftHSM slot ID 0x32d470f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1150s [p11_child[2389]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1150s [p11_child[2389]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x32d470f][53298959] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2389]] [do_card] (0x4000): Login required. 1150s [p11_child[2389]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1150s [p11_child[2389]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1150s [p11_child[2389]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1150s [p11_child[2389]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x32d470f;slot-manufacturer=SoftHSM%20project;slot-id=53298959;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f6b0ba4e832d470f;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1150s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1150s [p11_child[2389]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1150s [p11_child[2389]] [do_card] (0x4000): Certificate verified and validated. 1150s [p11_child[2389]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1150s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-28980-auth.output 1150s + echo '-----BEGIN CERTIFICATE-----' 1150s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-28980-auth.output 1150s + echo '-----END CERTIFICATE-----' 1150s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-28980-auth.pem 1150s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-28980-auth.pem 1150s Certificate: 1150s Data: 1150s Version: 3 (0x2) 1150s Serial Number: 5 (0x5) 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1150s Validity 1150s Not Before: Mar 21 15:51:30 2024 GMT 1150s Not After : Mar 21 15:51:30 2025 GMT 1150s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1150s Subject Public Key Info: 1150s Public Key Algorithm: rsaEncryption 1150s Public-Key: (1024 bit) 1150s Modulus: 1150s 00:c4:13:a8:80:53:f6:cc:47:29:7c:4a:aa:f7:78: 1150s 1d:0c:57:dd:7f:af:36:6e:be:fe:f6:5a:94:89:f5: 1150s 7e:90:27:71:d5:51:3e:95:54:24:97:00:05:76:35: 1150s c7:55:b4:0f:25:2b:d1:21:5b:1f:30:cf:7b:a0:f4: 1150s 6a:36:d4:96:b3:05:d4:e9:56:ff:0a:c6:5c:ef:3c: 1150s 85:37:83:cb:96:ad:f6:26:b7:07:51:d3:df:ee:ff: 1150s ee:16:18:2c:ac:14:b4:ae:e9:9a:cb:9d:0f:d6:97: 1150s fd:35:65:d6:aa:95:1a:e6:39:43:9c:08:f6:2d:4d: 1150s fb:10:35:d3:23:9d:b5:72:75 1150s Exponent: 65537 (0x10001) 1150s X509v3 extensions: 1150s X509v3 Authority Key Identifier: 1150s 7E:39:F2:83:E3:9B:7C:D8:61:DB:C3:2A:AD:67:F7:0F:AF:31:CB:5A 1150s X509v3 Basic Constraints: 1150s CA:FALSE 1150s Netscape Cert Type: 1150s SSL Client, S/MIME 1150s Netscape Comment: 1150s Test Organization Sub Intermediate CA trusted Certificate 1150s X509v3 Subject Key Identifier: 1150s C3:87:74:65:49:9D:D8:84:64:DB:BC:46:B9:DE:F2:B2:34:EE:72:5E 1150s X509v3 Key Usage: critical 1150s Digital Signature, Non Repudiation, Key Encipherment 1150s X509v3 Extended Key Usage: 1150s TLS Web Client Authentication, E-mail Protection 1150s X509v3 Subject Alternative Name: 1150s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Signature Value: 1150s bb:49:ec:5d:e8:38:76:56:57:88:cb:d4:56:1c:3b:ee:d5:cd: 1150s d1:ab:4e:8e:26:47:74:8f:19:30:fa:3f:f4:dd:1e:10:c7:69: 1150s 4d:1c:a0:04:c5:36:68:ea:9c:9b:a2:ae:d3:4d:68:80:b5:20: 1150s 79:e0:83:5e:0d:d0:6c:dc:b2:95:d3:39:69:bf:a4:b4:bc:42: 1150s e7:28:5a:6a:40:fd:ec:fe:c4:c9:36:9d:0d:dd:1a:dc:b3:51: 1150s f3:1f:85:f8:37:c9:fe:74:3b:aa:4f:be:a3:98:22:a2:a6:56: 1150s 45:fc:ad:d9:f0:87:bf:b7:9b:e8:a7:c1:7c:bc:25:0f:d4:4d: 1150s c2:4a 1150s + found_md5=Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 1150s + '[' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 '!=' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 ']' 1150s + invalid_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem 1150s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem 1150s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem 1150s + local verify_option= 1150s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local key_cn 1150s + local key_name 1150s + local tokens_dir 1150s + local output_cert_file 1150s + token_name= 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1150s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1150s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s ++ sed -n 's/ *commonName *= //p' 1150s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1150s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1150s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1150s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1150s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1150s + token_name='Test Organization Sub Int Token' 1150s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1150s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 1150s + echo 'Test Organization Sub Int Token' 1150s Test Organization Sub Int Token 1150s + '[' -n '' ']' 1150s + local output_base_name=SSSD-child-4556 1150s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-4556.output 1150s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-4556.pem 1150s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem 1150s [p11_child[2399]] [main] (0x0400): p11_child started. 1150s [p11_child[2399]] [main] (0x2000): Running in [pre-auth] mode. 1150s [p11_child[2399]] [main] (0x2000): Running with effective IDs: [0][0]. 1150s [p11_child[2399]] [main] (0x2000): Running with real IDs [0][0]. 1150s [p11_child[2399]] [do_card] (0x4000): Module List: 1150s [p11_child[2399]] [do_card] (0x4000): common name: [softhsm2]. 1150s [p11_child[2399]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2399]] [do_card] (0x4000): Description [SoftHSM slot ID 0x32d470f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1150s [p11_child[2399]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1150s [p11_child[2399]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x32d470f][53298959] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2399]] [do_card] (0x4000): Login NOT required. 1150s [p11_child[2399]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1150s [p11_child[2399]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1150s [p11_child[2399]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 1150s [p11_child[2399]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 1150s [p11_child[2399]] [do_card] (0x4000): No certificate found. 1150s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-4556.output 1150s + return 2 1150s + invalid_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-root-intermediate-chain-CA.pem partial_chain 1150s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-root-intermediate-chain-CA.pem partial_chain 1150s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-root-intermediate-chain-CA.pem 1150s + local verify_option=partial_chain 1150s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local key_cn 1150s + local key_name 1150s + local tokens_dir 1150s + local output_cert_file 1150s + token_name= 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1150s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1150s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s ++ sed -n 's/ *commonName *= //p' 1150s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1150s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1150s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1150s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1150s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1150s + token_name='Test Organization Sub Int Token' 1150s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1150s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 1150s + echo 'Test Organization Sub Int Token' 1150s + '[' -n partial_chain ']' 1150s + local verify_arg=--verify=partial_chain 1150s + local output_base_name=SSSD-child-16309 1150s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-16309.output 1150s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-16309.pem 1150s Test Organization Sub Int Token 1150s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-7kk18L/test-root-intermediate-chain-CA.pem 1150s [p11_child[2406]] [main] (0x0400): p11_child started. 1150s [p11_child[2406]] [main] (0x2000): Running in [pre-auth] mode. 1150s [p11_child[2406]] [main] (0x2000): Running with effective IDs: [0][0]. 1150s [p11_child[2406]] [main] (0x2000): Running with real IDs [0][0]. 1150s [p11_child[2406]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1150s [p11_child[2406]] [do_card] (0x4000): Module List: 1150s [p11_child[2406]] [do_card] (0x4000): common name: [softhsm2]. 1150s [p11_child[2406]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2406]] [do_card] (0x4000): Description [SoftHSM slot ID 0x32d470f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1150s [p11_child[2406]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1150s [p11_child[2406]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x32d470f][53298959] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2406]] [do_card] (0x4000): Login NOT required. 1150s [p11_child[2406]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1150s [p11_child[2406]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1150s [p11_child[2406]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 1150s [p11_child[2406]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 1150s [p11_child[2406]] [do_card] (0x4000): No certificate found. 1150s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-16309.output 1150s + return 2 1150s + valid_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem partial_chain 1150s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem partial_chain 1150s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem 1150s + local verify_option=partial_chain 1150s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local key_cn 1150s + local key_name 1150s + local tokens_dir 1150s + local output_cert_file 1150s + token_name= 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1150s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1150s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s ++ sed -n 's/ *commonName *= //p' 1150s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1150s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1150s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1150s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1150s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1150s + token_name='Test Organization Sub Int Token' 1150s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1150s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 1150s + echo 'Test Organization Sub Int Token' 1150s + '[' -n partial_chain ']' 1150s + local verify_arg=--verify=partial_chain 1150s + local output_base_name=SSSD-child-30618 1150s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-30618.output 1150s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-30618.pem 1150s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem 1150s [p11_child[2413]] [main] (0x0400): p11_child started. 1150s [p11_child[2413]] [main] (0x2000): Running in [pre-auth] mode. 1150s [p11_child[2413]] [main] (0x2000): Running with effective IDs: [0][0]. 1150s [p11_child[2413]] [main] (0x2000): Running with real IDs [0][0]. 1150s [p11_child[2413]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1150s [p11_child[2413]] [do_card] (0x4000): Module List: 1150s [p11_child[2413]] [do_card] (0x4000): common name: [softhsm2]. 1150s [p11_child[2413]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2413]] [do_card] (0x4000): Description [SoftHSM slot ID 0x32d470f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1150s [p11_child[2413]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1150s [p11_child[2413]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x32d470f][53298959] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2413]] [do_card] (0x4000): Login NOT required. 1150s [p11_child[2413]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1150s [p11_child[2413]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1150s [p11_child[2413]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1150s [p11_child[2413]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x32d470f;slot-manufacturer=SoftHSM%20project;slot-id=53298959;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f6b0ba4e832d470f;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1150s [p11_child[2413]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1150s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-30618.output 1150s + echo '-----BEGIN CERTIFICATE-----' 1150s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-30618.output 1150s + echo '-----END CERTIFICATE-----' 1150s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-30618.pem 1150s + local found_md5 expected_md5 1150s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + expected_md5=Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 1150s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-30618.pem 1150s + found_md5=Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 1150s + '[' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 '!=' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 ']' 1150s + output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-30618-auth.output 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/SSSD-child-30618-auth.output .output 1150s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-30618-auth.pem 1150s + echo -n 053350 1150s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1150s [p11_child[2421]] [main] (0x0400): p11_child started. 1150s [p11_child[2421]] [main] (0x2000): Running in [auth] mode. 1150s [p11_child[2421]] [main] (0x2000): Running with effective IDs: [0][0]. 1150s [p11_child[2421]] [main] (0x2000): Running with real IDs [0][0]. 1150s [p11_child[2421]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1150s [p11_child[2421]] [do_card] (0x4000): Module List: 1150s [p11_child[2421]] [do_card] (0x4000): common name: [softhsm2]. 1150s [p11_child[2421]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2421]] [do_card] (0x4000): Description [SoftHSM slot ID 0x32d470f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1150s [p11_child[2421]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1150s [p11_child[2421]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x32d470f][53298959] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2421]] [do_card] (0x4000): Login required. 1150s [p11_child[2421]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1150s [p11_child[2421]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1150s [p11_child[2421]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1150s [p11_child[2421]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x32d470f;slot-manufacturer=SoftHSM%20project;slot-id=53298959;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f6b0ba4e832d470f;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1150s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1150s [p11_child[2421]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1150s [p11_child[2421]] [do_card] (0x4000): Certificate verified and validated. 1150s [p11_child[2421]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1150s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-30618-auth.output 1150s + echo '-----BEGIN CERTIFICATE-----' 1150s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-30618-auth.output 1150s + echo '-----END CERTIFICATE-----' 1150s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-30618-auth.pem 1150s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-30618-auth.pem 1150s + found_md5=Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 1150s + '[' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 '!=' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 ']' 1150s + valid_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-intermediate-sub-chain-CA.pem partial_chain 1150s + check_certificate /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 /tmp/sssd-softhsm2-7kk18L/test-intermediate-sub-chain-CA.pem partial_chain 1150s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local key_ring=/tmp/sssd-softhsm2-7kk18L/test-intermediate-sub-chain-CA.pem 1150s + local verify_option=partial_chain 1150s + prepare_softhsm2_card /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local certificate=/tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16243 1150s + local key_cn 1150s + local key_name 1150s + local tokens_dir 1150s + local output_cert_file 1150s + token_name= 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1150s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1150s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s ++ sed -n 's/ *commonName *= //p' 1150s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1150s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1150s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1150s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1150s + tokens_dir=/tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1150s + token_name='Test Organization Sub Int Token' 1150s + '[' '!' -e /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1150s + '[' '!' -d /tmp/sssd-softhsm2-7kk18L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 1150s + echo 'Test Organization Sub Int Token' 1150s + '[' -n partial_chain ']' 1150s + local verify_arg=--verify=partial_chain 1150s + local output_base_name=SSSD-child-4677 1150s + local output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-4677.output 1150s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-4677.pem 1150s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-7kk18L/test-intermediate-sub-chain-CA.pem 1150s [p11_child[2431]] [main] (0x0400): p11_child started. 1150s [p11_child[2431]] [main] (0x2000): Running in [pre-auth] mode. 1150s [p11_child[2431]] [main] (0x2000): Running with effective IDs: [0][0]. 1150s [p11_child[2431]] [main] (0x2000): Running with real IDs [0][0]. 1150s [p11_child[2431]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1150s [p11_child[2431]] [do_card] (0x4000): Module List: 1150s [p11_child[2431]] [do_card] (0x4000): common name: [softhsm2]. 1150s [p11_child[2431]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2431]] [do_card] (0x4000): Description [SoftHSM slot ID 0x32d470f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1150s [p11_child[2431]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1150s [p11_child[2431]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x32d470f][53298959] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2431]] [do_card] (0x4000): Login NOT required. 1150s [p11_child[2431]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1150s [p11_child[2431]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1150s [p11_child[2431]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1150s [p11_child[2431]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x32d470f;slot-manufacturer=SoftHSM%20project;slot-id=53298959;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f6b0ba4e832d470f;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1150s [p11_child[2431]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1150s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-4677.output 1150s + echo '-----BEGIN CERTIFICATE-----' 1150s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-4677.output 1150s + echo '-----END CERTIFICATE-----' 1150s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-4677.pem 1150s + local found_md5 expected_md5 1150s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/test-sub-intermediate-CA-trusted-certificate-0001.pem 1150s + expected_md5=Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 1150s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-4677.pem 1150s + found_md5=Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 1150s + '[' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 '!=' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 ']' 1150s + output_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-4677-auth.output 1150s ++ basename /tmp/sssd-softhsm2-7kk18L/SSSD-child-4677-auth.output .output 1150s + output_cert_file=/tmp/sssd-softhsm2-7kk18L/SSSD-child-4677-auth.pem 1150s + echo -n 053350 1150s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-7kk18L/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1150s [p11_child[2439]] [main] (0x0400): p11_child started. 1150s [p11_child[2439]] [main] (0x2000): Running in [auth] mode. 1150s [p11_child[2439]] [main] (0x2000): Running with effective IDs: [0][0]. 1150s [p11_child[2439]] [main] (0x2000): Running with real IDs [0][0]. 1150s [p11_child[2439]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1150s [p11_child[2439]] [do_card] (0x4000): Module List: 1150s [p11_child[2439]] [do_card] (0x4000): common name: [softhsm2]. 1150s [p11_child[2439]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2439]] [do_card] (0x4000): Description [SoftHSM slot ID 0x32d470f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1150s [p11_child[2439]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1150s [p11_child[2439]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x32d470f][53298959] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1150s [p11_child[2439]] [do_card] (0x4000): Login required. 1150s [p11_child[2439]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1150s [p11_child[2439]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1150s [p11_child[2439]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1150s [p11_child[2439]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x32d470f;slot-manufacturer=SoftHSM%20project;slot-id=53298959;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f6b0ba4e832d470f;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1150s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1150s [p11_child[2439]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1150s [p11_child[2439]] [do_card] (0x4000): Certificate verified and validated. 1150s [p11_child[2439]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1150s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-7kk18L/SSSD-child-4677-auth.output 1150s + echo '-----BEGIN CERTIFICATE-----' 1150s + tail -n1 /tmp/sssd-softhsm2-7kk18L/SSSD-child-4677-auth.output 1150s + echo '-----END CERTIFICATE-----' 1150s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-4677-auth.pem 1150s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-7kk18L/SSSD-child-4677-auth.pem 1150s + found_md5=Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 1150s + '[' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 '!=' Modulus=C413A88053F6CC47297C4AAAF7781D0C57DD7FAF366EBEFEF65A9489F57E902771D5513E9554249700057635C755B40F252BD1215B1F30CF7BA0F46A36D496B305D4E956FF0AC65CEF3C853783CB96ADF626B70751D3DFEEFFEE16182CAC14B4AEE99ACB9D0FD697FD3565D6AA951AE639439C08F62D4DFB1035D3239DB57275 ']' 1150s + set +x 1150s Test Organization Sub Int Token 1150s Certificate: 1150s Data: 1150s Version: 3 (0x2) 1150s Serial Number: 5 (0x5) 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1150s Validity 1150s Not Before: Mar 21 15:51:30 2024 GMT 1150s Not After : Mar 21 15:51:30 2025 GMT 1150s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1150s Subject Public Key Info: 1150s Public Key Algorithm: rsaEncryption 1150s Public-Key: (1024 bit) 1150s Modulus: 1150s 00:c4:13:a8:80:53:f6:cc:47:29:7c:4a:aa:f7:78: 1150s 1d:0c:57:dd:7f:af:36:6e:be:fe:f6:5a:94:89:f5: 1150s 7e:90:27:71:d5:51:3e:95:54:24:97:00:05:76:35: 1150s c7:55:b4:0f:25:2b:d1:21:5b:1f:30:cf:7b:a0:f4: 1150s 6a:36:d4:96:b3:05:d4:e9:56:ff:0a:c6:5c:ef:3c: 1150s 85:37:83:cb:96:ad:f6:26:b7:07:51:d3:df:ee:ff: 1150s ee:16:18:2c:ac:14:b4:ae:e9:9a:cb:9d:0f:d6:97: 1150s fd:35:65:d6:aa:95:1a:e6:39:43:9c:08:f6:2d:4d: 1150s fb:10:35:d3:23:9d:b5:72:75 1150s Exponent: 65537 (0x10001) 1150s X509v3 extensions: 1150s X509v3 Authority Key Identifier: 1150s 7E:39:F2:83:E3:9B:7C:D8:61:DB:C3:2A:AD:67:F7:0F:AF:31:CB:5A 1150s X509v3 Basic Constraints: 1150s CA:FALSE 1150s Netscape Cert Type: 1150s SSL Client, S/MIME 1150s Netscape Comment: 1150s Test Organization Sub Intermediate CA trusted Certificate 1150s X509v3 Subject Key Identifier: 1150s C3:87:74:65:49:9D:D8:84:64:DB:BC:46:B9:DE:F2:B2:34:EE:72:5E 1150s X509v3 Key Usage: critical 1150s Digital Signature, Non Repudiation, Key Encipherment 1150s X509v3 Extended Key Usage: 1150s TLS Web Client Authentication, E-mail Protection 1150s X509v3 Subject Alternative Name: 1150s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Signature Value: 1150s bb:49:ec:5d:e8:38:76:56:57:88:cb:d4:56:1c:3b:ee:d5:cd: 1150s d1:ab:4e:8e:26:47:74:8f:19:30:fa:3f:f4:dd:1e:10:c7:69: 1150s 4d:1c:a0:04:c5:36:68:ea:9c:9b:a2:ae:d3:4d:68:80:b5:20: 1150s 79:e0:83:5e:0d:d0:6c:dc:b2:95:d3:39:69:bf:a4:b4:bc:42: 1150s e7:28:5a:6a:40:fd:ec:fe:c4:c9:36:9d:0d:dd:1a:dc:b3:51: 1150s f3:1f:85:f8:37:c9:fe:74:3b:aa:4f:be:a3:98:22:a2:a6:56: 1150s 45:fc:ad:d9:f0:87:bf:b7:9b:e8:a7:c1:7c:bc:25:0f:d4:4d: 1150s c2:4a 1150s Certificate: 1150s Data: 1150s Version: 3 (0x2) 1150s Serial Number: 5 (0x5) 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1150s Validity 1150s Not Before: Mar 21 15:51:30 2024 GMT 1150s Not After : Mar 21 15:51:30 2025 GMT 1150s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1150s Subject Public Key Info: 1150s Public Key Algorithm: rsaEncryption 1150s Public-Key: (1024 bit) 1150s Modulus: 1150s 00:c4:13:a8:80:53:f6:cc:47:29:7c:4a:aa:f7:78: 1150s 1d:0c:57:dd:7f:af:36:6e:be:fe:f6:5a:94:89:f5: 1150s 7e:90:27:71:d5:51:3e:95:54:24:97:00:05:76:35: 1150s c7:55:b4:0f:25:2b:d1:21:5b:1f:30:cf:7b:a0:f4: 1150s 6a:36:d4:96:b3:05:d4:e9:56:ff:0a:c6:5c:ef:3c: 1150s 85:37:83:cb:96:ad:f6:26:b7:07:51:d3:df:ee:ff: 1150s ee:16:18:2c:ac:14:b4:ae:e9:9a:cb:9d:0f:d6:97: 1150s fd:35:65:d6:aa:95:1a:e6:39:43:9c:08:f6:2d:4d: 1150s fb:10:35:d3:23:9d:b5:72:75 1150s Exponent: 65537 (0x10001) 1150s X509v3 extensions: 1150s X509v3 Authority Key Identifier: 1150s 7E:39:F2:83:E3:9B:7C:D8:61:DB:C3:2A:AD:67:F7:0F:AF:31:CB:5A 1150s X509v3 Basic Constraints: 1150s CA:FALSE 1150s Netscape Cert Type: 1150s SSL Client, S/MIME 1150s Netscape Comment: 1150s Test Organization Sub Intermediate CA trusted Certificate 1150s X509v3 Subject Key Identifier: 1150s C3:87:74:65:49:9D:D8:84:64:DB:BC:46:B9:DE:F2:B2:34:EE:72:5E 1150s X509v3 Key Usage: critical 1150s Digital Signature, Non Repudiation, Key Encipherment 1150s X509v3 Extended Key Usage: 1150s TLS Web Client Authentication, E-mail Protection 1150s X509v3 Subject Alternative Name: 1150s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Signature Value: 1150s bb:49:ec:5d:e8:38:76:56:57:88:cb:d4:56:1c:3b:ee:d5:cd: 1150s d1:ab:4e:8e:26:47:74:8f:19:30:fa:3f:f4:dd:1e:10:c7:69: 1150s 4d:1c:a0:04:c5:36:68:ea:9c:9b:a2:ae:d3:4d:68:80:b5:20: 1150s 79:e0:83:5e:0d:d0:6c:dc:b2:95:d3:39:69:bf:a4:b4:bc:42: 1150s e7:28:5a:6a:40:fd:ec:fe:c4:c9:36:9d:0d:dd:1a:dc:b3:51: 1150s f3:1f:85:f8:37:c9:fe:74:3b:aa:4f:be:a3:98:22:a2:a6:56: 1150s 45:fc:ad:d9:f0:87:bf:b7:9b:e8:a7:c1:7c:bc:25:0f:d4:4d: 1150s c2:4a 1150s Test Organization Sub Int Token 1150s Certificate: 1150s Data: 1150s Version: 3 (0x2) 1150s Serial Number: 5 (0x5) 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1150s Validity 1150s Not Before: Mar 21 15:51:30 2024 GMT 1150s Not After : Mar 21 15:51:30 2025 GMT 1150s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1150s Subject Public Key Info: 1150s Public Key Algorithm: rsaEncryption 1150s Public-Key: (1024 bit) 1150s Modulus: 1150s 00:c4:13:a8:80:53:f6:cc:47:29:7c:4a:aa:f7:78: 1150s 1d:0c:57:dd:7f:af:36:6e:be:fe:f6:5a:94:89:f5: 1150s 7e:90:27:71:d5:51:3e:95:54:24:97:00:05:76:35: 1150s c7:55:b4:0f:25:2b:d1:21:5b:1f:30:cf:7b:a0:f4: 1150s 6a:36:d4:96:b3:05:d4:e9:56:ff:0a:c6:5c:ef:3c: 1150s 85:37:83:cb:96:ad:f6:26:b7:07:51:d3:df:ee:ff: 1150s ee:16:18:2c:ac:14:b4:ae:e9:9a:cb:9d:0f:d6:97: 1150s fd:35:65:d6:aa:95:1a:e6:39:43:9c:08:f6:2d:4d: 1150s fb:10:35:d3:23:9d:b5:72:75 1150s Exponent: 65537 (0x10001) 1150s X509v3 extensions: 1150s X509v3 Authority Key Identifier: 1150s 7E:39:F2:83:E3:9B:7C:D8:61:DB:C3:2A:AD:67:F7:0F:AF:31:CB:5A 1150s X509v3 Basic Constraints: 1150s CA:FALSE 1150s Netscape Cert Type: 1150s SSL Client, S/MIME 1150s Netscape Comment: 1150s Test Organization Sub Intermediate CA trusted Certificate 1150s X509v3 Subject Key Identifier: 1150s C3:87:74:65:49:9D:D8:84:64:DB:BC:46:B9:DE:F2:B2:34:EE:72:5E 1150s X509v3 Key Usage: critical 1150s Digital Signature, Non Repudiation, Key Encipherment 1150s X509v3 Extended Key Usage: 1150s TLS Web Client Authentication, E-mail Protection 1150s X509v3 Subject Alternative Name: 1150s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Signature Value: 1150s bb:49:ec:5d:e8:38:76:56:57:88:cb:d4:56:1c:3b:ee:d5:cd: 1150s d1:ab:4e:8e:26:47:74:8f:19:30:fa:3f:f4:dd:1e:10:c7:69: 1150s 4d:1c:a0:04:c5:36:68:ea:9c:9b:a2:ae:d3:4d:68:80:b5:20: 1150s 79:e0:83:5e:0d:d0:6c:dc:b2:95:d3:39:69:bf:a4:b4:bc:42: 1150s e7:28:5a:6a:40:fd:ec:fe:c4:c9:36:9d:0d:dd:1a:dc:b3:51: 1150s f3:1f:85:f8:37:c9:fe:74:3b:aa:4f:be:a3:98:22:a2:a6:56: 1150s 45:fc:ad:d9:f0:87:bf:b7:9b:e8:a7:c1:7c:bc:25:0f:d4:4d: 1150s c2:4a 1150s Certificate: 1150s Data: 1150s Version: 3 (0x2) 1150s Serial Number: 5 (0x5) 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1150s Validity 1150s Not Before: Mar 21 15:51:30 2024 GMT 1150s Not After : Mar 21 15:51:30 2025 GMT 1150s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1150s Subject Public Key Info: 1150s Public Key Algorithm: rsaEncryption 1150s Public-Key: (1024 bit) 1150s Modulus: 1150s 00:c4:13:a8:80:53:f6:cc:47:29:7c:4a:aa:f7:78: 1150s 1d:0c:57:dd:7f:af:36:6e:be:fe:f6:5a:94:89:f5: 1150s 7e:90:27:71:d5:51:3e:95:54:24:97:00:05:76:35: 1150s c7:55:b4:0f:25:2b:d1:21:5b:1f:30:cf:7b:a0:f4: 1150s 6a:36:d4:96:b3:05:d4:e9:56:ff:0a:c6:5c:ef:3c: 1150s 85:37:83:cb:96:ad:f6:26:b7:07:51:d3:df:ee:ff: 1150s ee:16:18:2c:ac:14:b4:ae:e9:9a:cb:9d:0f:d6:97: 1150s fd:35:65:d6:aa:95:1a:e6:39:43:9c:08:f6:2d:4d: 1150s fb:10:35:d3:23:9d:b5:72:75 1150s Exponent: 65537 (0x10001) 1150s X509v3 extensions: 1150s X509v3 Authority Key Identifier: 1150s 7E:39:F2:83:E3:9B:7C:D8:61:DB:C3:2A:AD:67:F7:0F:AF:31:CB:5A 1150s X509v3 Basic Constraints: 1150s CA:FALSE 1150s Netscape Cert Type: 1150s SSL Client, S/MIME 1150s Netscape Comment: 1150s Test Organization Sub Intermediate CA trusted Certificate 1150s X509v3 Subject Key Identifier: 1150s C3:87:74:65:49:9D:D8:84:64:DB:BC:46:B9:DE:F2:B2:34:EE:72:5E 1150s X509v3 Key Usage: critical 1150s Digital Signature, Non Repudiation, Key Encipherment 1150s X509v3 Extended Key Usage: 1150s TLS Web Client Authentication, E-mail Protection 1150s X509v3 Subject Alternative Name: 1150s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1150s Signature Algorithm: sha256WithRSAEncryption 1150s Signature Value: 1150s bb:49:ec:5d:e8:38:76:56:57:88:cb:d4:56:1c:3b:ee:d5:cd: 1150s d1:ab:4e:8e:26:47:74:8f:19:30:fa:3f:f4:dd:1e:10:c7:69: 1150s 4d:1c:a0:04:c5:36:68:ea:9c:9b:a2:ae:d3:4d:68:80:b5:20: 1150s 79:e0:83:5e:0d:d0:6c:dc:b2:95:d3:39:69:bf:a4:b4:bc:42: 1150s e7:28:5a:6a:40:fd:ec:fe:c4:c9:36:9d:0d:dd:1a:dc:b3:51: 1150s f3:1f:85:f8:37:c9:fe:74:3b:aa:4f:be:a3:98:22:a2:a6:56: 1150s 45:fc:ad:d9:f0:87:bf:b7:9b:e8:a7:c1:7c:bc:25:0f:d4:4d: 1150s c2:4a 1150s 1150s Test completed, Root CA and intermediate issued certificates verified! 1150s autopkgtest [15:51:37]: test sssd-softhism2-certificates-tests.sh: -----------------------] 1150s autopkgtest [15:51:37]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 1150s sssd-softhism2-certificates-tests.sh PASS 1151s autopkgtest [15:51:38]: test sssd-smart-card-pam-auth-configs: preparing testbed 1163s Reading package lists... 1163s Building dependency tree... 1163s Reading state information... 1164s Starting pkgProblemResolver with broken count: 0 1164s Starting 2 pkgProblemResolver with broken count: 0 1164s Done 1164s The following additional packages will be installed: 1164s pamtester 1164s The following NEW packages will be installed: 1164s autopkgtest-satdep pamtester 1164s 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. 1164s Need to get 14.6 kB/15.4 kB of archives. 1164s After this operation, 86.0 kB of additional disk space will be used. 1164s Get:1 /tmp/autopkgtest.HSIGxg/4-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [760 B] 1164s Get:2 http://ftpmaster.internal/ubuntu noble/universe ppc64el pamtester ppc64el 0.1.2-4 [14.6 kB] 1164s Fetched 14.6 kB in 0s (65.3 kB/s) 1164s Selecting previously unselected package pamtester. 1164s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70304 files and directories currently installed.) 1164s Preparing to unpack .../pamtester_0.1.2-4_ppc64el.deb ... 1164s Unpacking pamtester (0.1.2-4) ... 1164s Selecting previously unselected package autopkgtest-satdep. 1164s Preparing to unpack .../4-autopkgtest-satdep.deb ... 1164s Unpacking autopkgtest-satdep (0) ... 1164s Setting up pamtester (0.1.2-4) ... 1164s Setting up autopkgtest-satdep (0) ... 1164s Processing triggers for man-db (2.12.0-3) ... 1167s (Reading database ... 70310 files and directories currently installed.) 1167s Removing autopkgtest-satdep (0) ... 1168s autopkgtest [15:51:55]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 1168s autopkgtest [15:51:55]: test sssd-smart-card-pam-auth-configs: [----------------------- 1168s + '[' -z ubuntu ']' 1168s + export DEBIAN_FRONTEND=noninteractive 1168s + DEBIAN_FRONTEND=noninteractive 1168s + required_tools=(pamtester softhsm2-util sssd) 1168s + [[ ! -v OFFLINE_MODE ]] 1168s + for cmd in "${required_tools[@]}" 1168s + command -v pamtester 1168s + for cmd in "${required_tools[@]}" 1168s + command -v softhsm2-util 1168s + for cmd in "${required_tools[@]}" 1168s + command -v sssd 1168s + PIN=123456 1168s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 1168s + tmpdir=/tmp/sssd-softhsm2-certs-Jha9RD 1168s + backupsdir= 1168s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 1168s + declare -a restore_paths 1168s + declare -a delete_paths 1168s + trap handle_exit EXIT 1168s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 1168s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 1168s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 1168s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 1168s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-Jha9RD GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 1168s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-Jha9RD 1168s + GENERATE_SMART_CARDS=1 1168s + KEEP_TEMPORARY_FILES=1 1168s + NO_SSSD_TESTS=1 1168s + bash debian/tests/sssd-softhism2-certificates-tests.sh 1168s + '[' -z ubuntu ']' 1168s + required_tools=(p11tool openssl softhsm2-util) 1168s + for cmd in "${required_tools[@]}" 1168s + command -v p11tool 1168s + for cmd in "${required_tools[@]}" 1168s + command -v openssl 1168s + for cmd in "${required_tools[@]}" 1168s + command -v softhsm2-util 1168s + PIN=123456 1168s +++ find /usr/lib/softhsm/libsofthsm2.so 1168s +++ head -n 1 1168s ++ realpath /usr/lib/softhsm/libsofthsm2.so 1168s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1168s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 1168s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 1168s + '[' '!' -v NO_SSSD_TESTS ']' 1168s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 1168s + tmpdir=/tmp/sssd-softhsm2-certs-Jha9RD 1168s + keys_size=1024 1168s + [[ ! -v KEEP_TEMPORARY_FILES ]] 1168s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 1168s + echo -n 01 1168s + touch /tmp/sssd-softhsm2-certs-Jha9RD/index.txt 1168s + mkdir -p /tmp/sssd-softhsm2-certs-Jha9RD/new_certs 1168s + cat 1168s + root_ca_key_pass=pass:random-root-CA-password-10696 1168s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-key.pem -passout pass:random-root-CA-password-10696 1024 1168s + openssl req -passin pass:random-root-CA-password-10696 -batch -config /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA.pem 1168s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA.pem 1168s + cat 1168s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-31163 1168s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-31163 1024 1168s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-31163 -config /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-10696 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-certificate-request.pem 1168s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-certificate-request.pem 1168s Certificate Request: 1168s Data: 1168s Version: 1 (0x0) 1168s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1168s Subject Public Key Info: 1168s Public Key Algorithm: rsaEncryption 1168s Public-Key: (1024 bit) 1168s Modulus: 1168s 00:be:87:13:88:36:f3:5b:78:6d:66:06:d3:7e:68: 1168s ba:0f:77:9b:91:5e:31:a6:d7:59:b7:ba:17:3a:6c: 1168s 59:c1:0c:2f:45:f3:bc:a8:0e:7f:4d:f4:ef:72:2f: 1168s bb:37:0a:8f:76:4a:7c:74:d6:f5:8c:45:c5:f4:e7: 1168s 5d:79:a2:b6:c8:23:8a:38:ee:cf:a5:1f:79:c9:73: 1168s 84:d2:65:ac:45:80:be:f1:bb:15:f3:a5:2e:b7:61: 1168s c7:d4:a8:93:05:b4:d8:aa:74:e0:63:85:cc:59:d1: 1168s 5a:a3:d8:c9:1b:83:46:59:d8:8f:97:7a:98:59:60: 1168s ec:34:5d:7a:6f:15:24:ae:9f 1168s Exponent: 65537 (0x10001) 1168s Attributes: 1168s (none) 1168s Requested Extensions: 1168s Signature Algorithm: sha256WithRSAEncryption 1168s Signature Value: 1168s 86:39:b8:fd:c4:32:34:7b:4c:e4:b5:f9:4d:a5:25:53:36:6a: 1168s 03:71:c1:f1:b5:22:19:48:6f:4f:61:40:73:eb:37:3f:ca:ab: 1168s b8:77:55:46:b2:dd:88:86:aa:ab:92:c6:72:22:a8:bc:46:f4: 1168s 4a:a5:3f:41:7a:5f:60:56:98:84:39:2d:f9:28:20:74:eb:f7: 1168s bd:28:28:6b:8e:50:c9:f9:5e:d9:f5:d8:44:aa:c0:dc:a6:5b: 1168s e3:52:6a:73:5e:27:c6:9d:c5:73:2c:b8:b2:35:7b:6e:24:40: 1168s 42:e5:04:d6:20:2b:27:b7:7e:17:1f:e6:4a:31:95:fb:b0:cc: 1168s 26:24 1168s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA.config -passin pass:random-root-CA-password-10696 -keyfile /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem 1168s Using configuration from /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA.config 1168s Check that the request matches the signature 1168s Signature ok 1168s Certificate Details: 1168s Serial Number: 1 (0x1) 1168s Validity 1168s Not Before: Mar 21 15:51:55 2024 GMT 1168s Not After : Mar 21 15:51:55 2025 GMT 1168s Subject: 1168s organizationName = Test Organization 1168s organizationalUnitName = Test Organization Unit 1168s commonName = Test Organization Intermediate CA 1168s X509v3 extensions: 1168s X509v3 Subject Key Identifier: 1168s 2E:98:A4:B2:F2:90:B0:4F:2C:E1:75:9E:95:EE:DB:5D:E3:2A:C7:88 1168s X509v3 Authority Key Identifier: 1168s keyid:C0:82:2F:F1:FE:A2:E8:95:21:A7:52:C2:07:12:56:48:C0:32:73:9E 1168s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 1168s serial:00 1168s X509v3 Basic Constraints: 1168s CA:TRUE 1168s X509v3 Key Usage: critical 1168s Digital Signature, Certificate Sign, CRL Sign 1168s Certificate is to be certified until Mar 21 15:51:55 2025 GMT (365 days) 1168s 1168s Write out database with 1 new entries 1168s Database updated 1168s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem 1168s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem 1168s /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem: OK 1168s + cat 1168s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-30396 1168s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-30396 1024 1168s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-30396 -config /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-31163 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-certificate-request.pem 1168s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-certificate-request.pem 1168s Certificate Request: 1168s Data: 1168s Version: 1 (0x0) 1168s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1168s Subject Public Key Info: 1168s Public Key Algorithm: rsaEncryption 1168s Public-Key: (1024 bit) 1168s Modulus: 1168s 00:d4:b0:f6:d0:88:5a:cf:04:b5:0b:d2:c9:ae:66: 1168s 4f:7b:c4:23:56:5d:89:62:9c:5c:b6:3b:04:ac:1a: 1168s 3a:11:c9:ad:de:18:e5:4f:f7:1e:1a:3c:fd:3d:3a: 1168s fa:4b:60:f2:a8:7e:2d:02:2d:7c:d6:ac:9f:dc:eb: 1168s 46:3d:e9:28:ca:4d:ee:b2:5b:88:57:6a:0d:2f:9c: 1168s a4:b8:75:13:c8:e6:70:8c:6d:7e:75:f9:d0:39:b0: 1168s 64:26:d1:fb:88:c6:5f:d4:1f:4b:1d:b6:77:9b:ca: 1168s 1c:7d:70:62:dd:c0:5c:22:a3:24:db:04:d3:4a:85: 1168s 7a:5f:3f:37:38:b6:fc:ed:61 1168s Exponent: 65537 (0x10001) 1168s Attributes: 1168s (none) 1168s Requested Extensions: 1168s Signature Algorithm: sha256WithRSAEncryption 1168s Signature Value: 1168s 4f:f3:7d:d6:ca:95:d4:4c:4a:15:57:3e:05:49:04:f7:5d:49: 1168s 91:a1:a1:df:75:a8:af:81:b3:8f:f7:cb:0c:bf:c2:45:25:f4: 1168s fd:cc:54:ac:b6:64:5d:0b:4a:9a:65:0b:63:7b:d0:ff:2d:13: 1168s ad:f9:ff:35:62:93:92:16:bf:a6:65:9a:2b:af:27:54:24:3b: 1168s e6:7a:bd:8e:0d:57:d9:dd:71:a4:62:79:63:7e:84:d2:80:26: 1168s 6c:bd:85:89:ec:be:aa:b4:b2:d3:eb:17:92:5f:20:60:5e:ca: 1168s 49:5a:4f:26:be:87:24:94:cf:a8:67:3c:2a:ff:0f:af:41:7b: 1168s e2:69 1168s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-31163 -keyfile /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem 1168s Using configuration from /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.config 1168s Check that the request matches the signature 1168s Signature ok 1168s Certificate Details: 1168s Serial Number: 2 (0x2) 1168s Validity 1168s Not Before: Mar 21 15:51:55 2024 GMT 1168s Not After : Mar 21 15:51:55 2025 GMT 1168s Subject: 1168s organizationName = Test Organization 1168s organizationalUnitName = Test Organization Unit 1168s commonName = Test Organization Sub Intermediate CA 1168s X509v3 extensions: 1168s X509v3 Subject Key Identifier: 1168s E8:91:14:0F:6D:C1:03:D1:77:DE:C2:04:12:2A:13:4F:F3:9A:9F:6D 1168s X509v3 Authority Key Identifier: 1168s keyid:2E:98:A4:B2:F2:90:B0:4F:2C:E1:75:9E:95:EE:DB:5D:E3:2A:C7:88 1168s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 1168s serial:01 1168s X509v3 Basic Constraints: 1168s CA:TRUE 1168s X509v3 Key Usage: critical 1168s Digital Signature, Certificate Sign, CRL Sign 1168s Certificate is to be certified until Mar 21 15:51:55 2025 GMT (365 days) 1168s 1168s Write out database with 1 new entries 1168s Database updated 1168s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem 1168s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem 1168s /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem: OK 1168s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem 1168s + local cmd=openssl 1168s + shift 1168s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem 1169s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1169s error 20 at 0 depth lookup: unable to get local issuer certificate 1169s error /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem: verification failed 1169s + cat 1169s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-29553 1169s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-29553 1024 1169s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-29553 -key /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001-request.pem 1169s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001-request.pem 1169s Certificate Request: 1169s Data: 1169s Version: 1 (0x0) 1169s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1169s Subject Public Key Info: 1169s Public Key Algorithm: rsaEncryption 1169s Public-Key: (1024 bit) 1169s Modulus: 1169s 00:d8:57:a6:b7:70:4c:d8:9f:6c:23:40:da:eb:ae: 1169s 94:09:44:c5:b1:04:30:cf:3b:e6:fc:b5:53:02:cb: 1169s 03:26:27:a5:1f:8d:41:ea:a7:c7:4e:1d:ea:03:fd: 1169s 54:2b:76:65:04:3b:cc:95:3f:48:66:04:b8:4f:c7: 1169s e1:85:44:4f:31:e6:e5:99:31:83:b5:03:e9:13:e3: 1169s e7:82:79:b7:2a:ce:51:6d:df:24:44:f3:55:8d:6e: 1169s 01:a8:44:60:5f:1f:a3:db:24:3c:80:f3:c8:7f:7f: 1169s 1e:ef:37:46:6a:1c:cf:b5:a4:e4:de:85:2b:65:6f: 1169s 29:aa:2a:f7:8a:e9:92:3a:eb 1169s Exponent: 65537 (0x10001) 1169s Attributes: 1169s Requested Extensions: 1169s X509v3 Basic Constraints: 1169s CA:FALSE 1169s Netscape Cert Type: 1169s SSL Client, S/MIME 1169s Netscape Comment: 1169s Test Organization Root CA trusted Certificate 1169s X509v3 Subject Key Identifier: 1169s C4:5C:14:09:43:6A:10:DC:AE:02:93:35:C9:B4:2A:7A:42:68:04:55 1169s X509v3 Key Usage: critical 1169s Digital Signature, Non Repudiation, Key Encipherment 1169s X509v3 Extended Key Usage: 1169s TLS Web Client Authentication, E-mail Protection 1169s X509v3 Subject Alternative Name: 1169s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1169s Signature Algorithm: sha256WithRSAEncryption 1169s Signature Value: 1169s 05:9c:69:4e:5d:59:dd:0a:51:3b:62:ed:95:48:65:39:4b:e0: 1169s 8e:8f:b6:3f:c7:9f:41:0f:f7:50:99:ac:f6:29:b1:a5:ec:aa: 1169s 2b:2f:5a:ad:8f:a7:71:44:e2:ca:14:4d:d2:a1:22:87:1c:a9: 1169s 4e:72:ea:1f:dd:a9:89:aa:68:fd:d0:9a:fb:20:1f:0c:7a:21: 1169s 4a:d2:ee:54:d7:c5:49:f1:cc:92:5b:fb:da:39:18:fd:c6:4b: 1169s 02:1e:97:49:d3:69:02:76:d8:fa:a6:57:69:41:69:8d:b5:75: 1169s be:77:2c:d4:f1:48:ff:d0:5d:e6:cd:c0:2b:eb:02:b1:e7:56: 1169s f5:0a 1169s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA.config -passin pass:random-root-CA-password-10696 -keyfile /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001.pem 1169s Using configuration from /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA.config 1169s Check that the request matches the signature 1169s Signature ok 1169s Certificate Details: 1169s Serial Number: 3 (0x3) 1169s Validity 1169s Not Before: Mar 21 15:51:56 2024 GMT 1169s Not After : Mar 21 15:51:56 2025 GMT 1169s Subject: 1169s organizationName = Test Organization 1169s organizationalUnitName = Test Organization Unit 1169s commonName = Test Organization Root Trusted Certificate 0001 1169s X509v3 extensions: 1169s X509v3 Authority Key Identifier: 1169s C0:82:2F:F1:FE:A2:E8:95:21:A7:52:C2:07:12:56:48:C0:32:73:9E 1169s X509v3 Basic Constraints: 1169s CA:FALSE 1169s Netscape Cert Type: 1169s SSL Client, S/MIME 1169s Netscape Comment: 1169s Test Organization Root CA trusted Certificate 1169s X509v3 Subject Key Identifier: 1169s C4:5C:14:09:43:6A:10:DC:AE:02:93:35:C9:B4:2A:7A:42:68:04:55 1169s X509v3 Key Usage: critical 1169s Digital Signature, Non Repudiation, Key Encipherment 1169s X509v3 Extended Key Usage: 1169s TLS Web Client Authentication, E-mail Protection 1169s X509v3 Subject Alternative Name: 1169s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1169s Certificate is to be certified until Mar 21 15:51:56 2025 GMT (365 days) 1169s 1169s Write out database with 1 new entries 1169s Database updated 1169s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001.pem 1169s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001.pem 1169s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001.pem 1169s /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001.pem: OK 1169s + local cmd=openssl 1169s + shift 1169s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001.pem 1169s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1169s error 20 at 0 depth lookup: unable to get local issuer certificate 1169s error /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001.pem: verification failed 1169s + cat 1169s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-3347 1169s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-3347 1024 1169s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-3347 -key /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001-request.pem 1169s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001-request.pem 1169s Certificate Request: 1169s Data: 1169s Version: 1 (0x0) 1169s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1169s Subject Public Key Info: 1169s Public Key Algorithm: rsaEncryption 1169s Public-Key: (1024 bit) 1169s Modulus: 1169s 00:ad:44:45:79:ff:ce:cd:94:40:77:3f:c0:ed:9d: 1169s 31:70:e1:bf:e8:a5:18:72:da:51:30:c2:1f:2a:3c: 1169s c4:8a:f4:b1:78:9a:ee:6f:d2:ab:a3:3e:56:77:cd: 1169s ed:65:7b:a0:89:93:09:87:00:21:81:0c:31:6a:a4: 1169s ba:b7:d8:69:49:51:d0:b1:4f:bd:7d:52:17:f0:73: 1169s 8b:93:8c:87:c5:ff:59:b0:ca:2f:71:f4:5a:5e:fd: 1169s 8e:7f:52:4d:27:36:63:2e:03:cb:4d:b6:c7:ec:ed: 1169s d9:98:57:fe:bd:35:2d:23:49:d6:39:55:5d:03:84: 1169s f3:f3:7e:42:3b:b3:80:cc:37 1169s Exponent: 65537 (0x10001) 1169s Attributes: 1169s Requested Extensions: 1169s X509v3 Basic Constraints: 1169s CA:FALSE 1169s Netscape Cert Type: 1169s SSL Client, S/MIME 1169s Netscape Comment: 1169s Test Organization Intermediate CA trusted Certificate 1169s X509v3 Subject Key Identifier: 1169s 45:EC:55:68:27:CA:06:E7:28:D8:6B:92:39:60:58:5A:FA:F1:FA:07 1169s X509v3 Key Usage: critical 1169s Digital Signature, Non Repudiation, Key Encipherment 1169s X509v3 Extended Key Usage: 1169s TLS Web Client Authentication, E-mail Protection 1169s X509v3 Subject Alternative Name: 1169s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1169s Signature Algorithm: sha256WithRSAEncryption 1169s Signature Value: 1169s 07:36:8d:43:7c:45:72:a5:f4:f6:4f:4f:87:1c:cb:43:cc:f3: 1169s a6:a1:4d:66:6c:8c:c2:6c:ee:4c:7a:1b:9f:bc:a6:6d:d0:85: 1169s 0a:1f:b8:66:d0:b5:6b:5c:9d:8a:17:98:17:3d:ba:0f:c7:a9: 1169s 2c:e8:f7:8b:c4:bf:be:6b:85:89:68:c4:f2:e6:b9:49:21:3c: 1169s 7e:e6:26:df:10:85:d9:46:d6:3d:d4:78:83:96:d8:90:b3:72: 1169s 40:c5:83:4f:86:9d:08:af:a7:61:c3:86:b0:f0:1a:26:99:ad: 1169s 32:fa:fc:7d:a6:f4:39:90:22:0f:94:19:ab:88:bf:d3:90:15: 1169s b9:0c 1169s + openssl ca -passin pass:random-intermediate-CA-password-31163 -config /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001.pem 1169s Using configuration from /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.config 1169s Check that the request matches the signature 1169s Signature ok 1169s Certificate Details: 1169s Serial Number: 4 (0x4) 1169s Validity 1169s Not Before: Mar 21 15:51:56 2024 GMT 1169s Not After : Mar 21 15:51:56 2025 GMT 1169s Subject: 1169s organizationName = Test Organization 1169s organizationalUnitName = Test Organization Unit 1169s commonName = Test Organization Intermediate Trusted Certificate 0001 1169s X509v3 extensions: 1169s X509v3 Authority Key Identifier: 1169s 2E:98:A4:B2:F2:90:B0:4F:2C:E1:75:9E:95:EE:DB:5D:E3:2A:C7:88 1169s X509v3 Basic Constraints: 1169s CA:FALSE 1169s Netscape Cert Type: 1169s SSL Client, S/MIME 1169s Netscape Comment: 1169s Test Organization Intermediate CA trusted Certificate 1169s X509v3 Subject Key Identifier: 1169s 45:EC:55:68:27:CA:06:E7:28:D8:6B:92:39:60:58:5A:FA:F1:FA:07 1169s X509v3 Key Usage: critical 1169s Digital Signature, Non Repudiation, Key Encipherment 1169s X509v3 Extended Key Usage: 1169s TLS Web Client Authentication, E-mail Protection 1169s X509v3 Subject Alternative Name: 1169s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1169s Certificate is to be certified until Mar 21 15:51:56 2025 GMT (365 days) 1169s 1169s Write out database with 1 new entries 1169s Database updated 1169s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001.pem 1169s This certificate should not be trusted fully 1169s + echo 'This certificate should not be trusted fully' 1169s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001.pem 1169s + local cmd=openssl 1169s + shift 1169s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001.pem 1169s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1169s error 2 at 1 depth lookup: unable to get issuer certificate 1169s error /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 1169s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001.pem 1169s /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001.pem: OK 1169s + cat 1169s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-7553 1169s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-7553 1024 1169s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-7553 -key /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 1169s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 1169s Certificate Request: 1169s Data: 1169s Version: 1 (0x0) 1169s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1169s Subject Public Key Info: 1169s Public Key Algorithm: rsaEncryption 1169s Public-Key: (1024 bit) 1169s Modulus: 1169s 00:a9:70:7b:60:2c:e8:50:30:46:41:b5:5f:ce:17: 1169s 12:be:89:c4:98:df:e6:a3:91:5e:78:45:80:1c:30: 1169s 1a:63:0a:13:8a:ae:81:0f:1e:9c:1d:1c:04:a5:2e: 1169s 61:f8:16:be:e1:0d:66:b8:e5:3a:72:22:d6:82:b2: 1169s 3f:b7:d3:13:f2:16:d8:5e:f7:6b:f7:eb:34:ce:b6: 1169s ca:6c:71:35:6d:74:56:20:ad:aa:8a:4b:17:1a:af: 1169s e2:4a:4e:cc:be:0a:a4:7b:ed:fc:1c:ae:78:52:15: 1169s ed:1b:53:d0:71:e9:4f:ad:63:a9:2f:d5:83:93:3a: 1169s fb:a8:4c:b8:64:cf:02:60:e9 1169s Exponent: 65537 (0x10001) 1169s Attributes: 1169s Requested Extensions: 1169s X509v3 Basic Constraints: 1169s CA:FALSE 1169s Netscape Cert Type: 1169s SSL Client, S/MIME 1169s Netscape Comment: 1169s Test Organization Sub Intermediate CA trusted Certificate 1169s X509v3 Subject Key Identifier: 1169s 22:33:FD:AA:A6:55:04:95:6C:64:1A:F3:68:6E:DA:A5:9D:E4:61:C3 1169s X509v3 Key Usage: critical 1169s Digital Signature, Non Repudiation, Key Encipherment 1169s X509v3 Extended Key Usage: 1169s TLS Web Client Authentication, E-mail Protection 1169s X509v3 Subject Alternative Name: 1169s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1169s Signature Algorithm: sha256WithRSAEncryption 1169s Signature Value: 1169s 25:49:6a:76:09:70:38:f2:0e:96:d0:7b:61:fb:3e:b3:21:43: 1169s 29:45:09:96:c5:5f:0c:65:3a:9a:f2:75:43:d9:26:67:29:56: 1169s 07:4d:28:1e:64:e1:5a:b1:1b:64:40:d6:8a:85:a9:10:51:89: 1169s c0:7d:ed:8d:be:f3:39:41:71:8d:1a:fd:0a:09:0a:0a:10:ac: 1169s fb:ad:83:f5:86:f2:28:4f:b7:91:be:85:b4:73:c2:79:9a:cd: 1169s 38:df:d4:0e:57:af:7f:8b:ab:1e:28:8d:b5:54:b7:74:11:34: 1169s 37:f9:26:79:c6:15:8c:b7:65:eb:1d:27:53:33:d7:fa:3e:7f: 1169s 75:19 1169s + openssl ca -passin pass:random-sub-intermediate-CA-password-30396 -config /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem 1169s Using configuration from /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.config 1169s Check that the request matches the signature 1169s Signature ok 1169s Certificate Details: 1169s Serial Number: 5 (0x5) 1169s Validity 1169s Not Before: Mar 21 15:51:56 2024 GMT 1169s Not After : Mar 21 15:51:56 2025 GMT 1169s Subject: 1169s organizationName = Test Organization 1169s organizationalUnitName = Test Organization Unit 1169s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 1169s X509v3 extensions: 1169s X509v3 Authority Key Identifier: 1169s E8:91:14:0F:6D:C1:03:D1:77:DE:C2:04:12:2A:13:4F:F3:9A:9F:6D 1169s X509v3 Basic Constraints: 1169s CA:FALSE 1169s Netscape Cert Type: 1169s SSL Client, S/MIME 1169s Netscape Comment: 1169s Test Organization Sub Intermediate CA trusted Certificate 1169s X509v3 Subject Key Identifier: 1169s 22:33:FD:AA:A6:55:04:95:6C:64:1A:F3:68:6E:DA:A5:9D:E4:61:C3 1169s X509v3 Key Usage: critical 1169s Digital Signature, Non Repudiation, Key Encipherment 1169s X509v3 Extended Key Usage: 1169s TLS Web Client Authentication, E-mail Protection 1169s X509v3 Subject Alternative Name: 1169s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1169s Certificate is to be certified until Mar 21 15:51:56 2025 GMT (365 days) 1169s 1169s Write out database with 1 new entries 1169s Database updated 1169s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem 1169s + echo 'This certificate should not be trusted fully' 1169s This certificate should not be trusted fully 1169s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem 1169s + local cmd=openssl 1169s + shift 1169s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem 1169s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1169s error 2 at 1 depth lookup: unable to get issuer certificate 1169s error /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 1169s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem 1169s + local cmd=openssl 1169s + shift 1169s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem 1169s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1169s error 20 at 0 depth lookup: unable to get local issuer certificate 1169s error /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 1169s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem 1169s /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 1169s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem 1169s + local cmd=openssl 1169s + shift 1169s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem 1169s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1169s error 20 at 0 depth lookup: unable to get local issuer certificate 1169s error /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 1169s Building a the full-chain CA file... 1169s + echo 'Building a the full-chain CA file...' 1169s + cat /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem 1169s + cat /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem 1169s + cat /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem 1169s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-Jha9RD/test-full-chain-CA.pem 1169s + openssl pkcs7 -print_certs -noout 1169s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1169s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1169s 1169s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1169s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1169s 1169s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1169s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1169s 1169s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem 1169s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001.pem 1169s /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA.pem: OK 1169s /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001.pem: OK 1169s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001.pem 1169s /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001.pem: OK 1169s /tmp/sssd-softhsm2-certs-Jha9RD/test-root-intermediate-chain-CA.pem: OK 1169s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-root-intermediate-chain-CA.pem 1169s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-Jha9RD/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem 1169s /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 1169s + echo 'Certificates generation completed!' 1169s Certificates generation completed! 1169s + [[ -v NO_SSSD_TESTS ]] 1169s + [[ -v GENERATE_SMART_CARDS ]] 1169s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29553 1169s + local certificate=/tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001.pem 1169s + local key_pass=pass:random-root-ca-trusted-cert-0001-29553 1169s + local key_cn 1169s + local key_name 1169s + local tokens_dir 1169s + local output_cert_file 1169s + token_name= 1169s ++ basename /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001.pem .pem 1169s + key_name=test-root-CA-trusted-certificate-0001 1169s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001.pem 1169s ++ sed -n 's/ *commonName *= //p' 1169s + key_cn='Test Organization Root Trusted Certificate 0001' 1169s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1169s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-root-CA-trusted-certificate-0001.conf 1169s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-root-CA-trusted-certificate-0001.conf 1169s ++ basename /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1169s + tokens_dir=/tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-root-CA-trusted-certificate-0001 1169s + token_name='Test Organization Root Tr Token' 1169s + '[' '!' -e /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1169s + local key_file 1169s + local decrypted_key 1169s + mkdir -p /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-root-CA-trusted-certificate-0001 1169s + key_file=/tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001-key.pem 1169s + decrypted_key=/tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001-key-decrypted.pem 1169s + cat 1169s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 1169s Slot 0 has a free/uninitialized token. 1169s The token has been initialized and is reassigned to slot 357913468 1169s + softhsm2-util --show-slots 1169s Available slots: 1169s Slot 357913468 1169s Slot info: 1169s Description: SoftHSM slot ID 0x1555537c 1169s Manufacturer ID: SoftHSM project 1169s Hardware version: 2.6 1169s Firmware version: 2.6 1169s Token present: yes 1169s Token info: 1169s Manufacturer ID: SoftHSM project 1169s Model: SoftHSM v2 1169s Hardware version: 2.6 1169s Firmware version: 2.6 1169s Serial number: 44e8dbf51555537c 1169s Initialized: yes 1169s User PIN init.: yes 1169s Label: Test Organization Root Tr Token 1169s Slot 1 1169s Slot info: 1169s Description: SoftHSM slot ID 0x1 1169s Manufacturer ID: SoftHSM project 1169s Hardware version: 2.6 1169s Firmware version: 2.6 1169s Token present: yes 1169s Token info: 1169s Manufacturer ID: SoftHSM project 1169s Model: SoftHSM v2 1169s Hardware version: 2.6 1169s Firmware version: 2.6 1169s Serial number: 1169s Initialized: no 1169s User PIN init.: no 1169s Label: 1169s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 1169s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-29553 -in /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001-key-decrypted.pem 1169s writing RSA key 1169s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 1169s + rm /tmp/sssd-softhsm2-certs-Jha9RD/test-root-CA-trusted-certificate-0001-key-decrypted.pem 1169s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 1169s Object 0: 1169s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=44e8dbf51555537c;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 1169s Type: X.509 Certificate (RSA-1024) 1169s Expires: Fri Mar 21 15:51:56 2025 1169s Label: Test Organization Root Trusted Certificate 0001 1169s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 1169s 1169s Test Organization Root Tr Token 1169s + echo 'Test Organization Root Tr Token' 1169s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-3347 1169s + local certificate=/tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001.pem 1169s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-3347 1169s + local key_cn 1169s + local key_name 1169s + local tokens_dir 1169s + local output_cert_file 1169s + token_name= 1169s ++ basename /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001.pem .pem 1169s + key_name=test-intermediate-CA-trusted-certificate-0001 1169s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001.pem 1169s ++ sed -n 's/ *commonName *= //p' 1169s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1169s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1169s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1169s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1169s ++ basename /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1169s + tokens_dir=/tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-intermediate-CA-trusted-certificate-0001 1169s + token_name='Test Organization Interme Token' 1169s + '[' '!' -e /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1169s + local key_file 1169s + local decrypted_key 1169s + mkdir -p /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-intermediate-CA-trusted-certificate-0001 1169s + key_file=/tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001-key.pem 1169s + decrypted_key=/tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1169s + cat 1169s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 1169s Slot 0 has a free/uninitialized token. 1169s The token has been initialized and is reassigned to slot 220268141 1169s + softhsm2-util --show-slots 1169s Available slots: 1169s Slot 220268141 1169s Slot info: 1169s Description: SoftHSM slot ID 0xd21066d 1169s Manufacturer ID: SoftHSM project 1169s Hardware version: 2.6 1169s Firmware version: 2.6 1169s Token present: yes 1169s Token info: 1169s Manufacturer ID: SoftHSM project 1169s Model: SoftHSM v2 1169s Hardware version: 2.6 1169s Firmware version: 2.6 1169s Serial number: 470cded08d21066d 1169s Initialized: yes 1169s User PIN init.: yes 1169s Label: Test Organization Interme Token 1169s Slot 1 1169s Slot info: 1169s Description: SoftHSM slot ID 0x1 1169s Manufacturer ID: SoftHSM project 1169s Hardware version: 2.6 1169s Firmware version: 2.6 1169s Token present: yes 1169s Token info: 1169s Manufacturer ID: SoftHSM project 1169s Model: SoftHSM v2 1169s Hardware version: 2.6 1169s Firmware version: 2.6 1169s Serial number: 1169s Initialized: no 1169s User PIN init.: no 1169s Label: 1169s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 1169s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-3347 -in /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1169s writing RSA key 1169s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 1169s + rm /tmp/sssd-softhsm2-certs-Jha9RD/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1169s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 1169s Object 0: 1169s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=470cded08d21066d;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 1169s Type: X.509 Certificate (RSA-1024) 1169s Expires: Fri Mar 21 15:51:56 2025 1169s Label: Test Organization Intermediate Trusted Certificate 0001 1169s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 1169s 1169s + echo 'Test Organization Interme Token' 1169s Test Organization Interme Token 1169s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-7553 1169s + local certificate=/tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem 1169s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-7553 1169s + local key_cn 1169s + local key_name 1169s + local tokens_dir 1169s + local output_cert_file 1169s + token_name= 1169s ++ basename /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1169s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1169s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem 1169s ++ sed -n 's/ *commonName *= //p' 1169s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1169s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1169s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1169s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1169s ++ basename /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1169s + tokens_dir=/tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1169s + token_name='Test Organization Sub Int Token' 1169s + '[' '!' -e /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1169s + local key_file 1169s + local decrypted_key 1169s + mkdir -p /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1169s + key_file=/tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 1169s + decrypted_key=/tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1169s + cat 1169s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 1169s Slot 0 has a free/uninitialized token. 1169s The token has been initialized and is reassigned to slot 1190007622 1169s + softhsm2-util --show-slots 1169s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 1169s Available slots: 1169s Slot 1190007622 1169s Slot info: 1169s Description: SoftHSM slot ID 0x46ee1346 1169s Manufacturer ID: SoftHSM project 1169s Hardware version: 2.6 1169s Firmware version: 2.6 1169s Token present: yes 1169s Token info: 1169s Manufacturer ID: SoftHSM project 1169s Model: SoftHSM v2 1169s Hardware version: 2.6 1169s Firmware version: 2.6 1169s Serial number: 7a1e032fc6ee1346 1169s Initialized: yes 1169s User PIN init.: yes 1169s Label: Test Organization Sub Int Token 1169s Slot 1 1169s Slot info: 1169s Description: SoftHSM slot ID 0x1 1169s Manufacturer ID: SoftHSM project 1169s Hardware version: 2.6 1169s Firmware version: 2.6 1169s Token present: yes 1169s Token info: 1169s Manufacturer ID: SoftHSM project 1169s Model: SoftHSM v2 1169s Hardware version: 2.6 1169s Firmware version: 2.6 1169s Serial number: 1169s Initialized: no 1169s User PIN init.: no 1169s Label: 1169s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-7553 -in /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1169s writing RSA key 1169s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 1169s + rm /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1169s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 1169s Object 0: 1169s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=7a1e032fc6ee1346;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 1169s Type: X.509 Certificate (RSA-1024) 1169s Expires: Fri Mar 21 15:51:56 2025 1169s Label: Test Organization Sub Intermediate Trusted Certificate 0001 1169s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 1169s 1169s + echo 'Test Organization Sub Int Token' 1169s Test Organization Sub Int Token 1169s + echo 'Certificates generation completed!' 1169s Certificates generation completed! 1169s + exit 0 1169s + find /tmp/sssd-softhsm2-certs-Jha9RD -type d -exec chmod 777 '{}' ';' 1169s + find /tmp/sssd-softhsm2-certs-Jha9RD -type f -exec chmod 666 '{}' ';' 1169s + backup_file /etc/sssd/sssd.conf 1169s + '[' -z '' ']' 1169s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 1169s + backupsdir=/tmp/sssd-softhsm2-backups-3UjH35 1169s + '[' -e /etc/sssd/sssd.conf ']' 1169s + delete_paths+=("$1") 1169s + rm -f /etc/sssd/sssd.conf 1169s ++ runuser -u ubuntu -- sh -c 'echo ~' 1169s + user_home=/home/ubuntu 1169s + mkdir -p /home/ubuntu 1169s + chown ubuntu:ubuntu /home/ubuntu 1169s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 1169s + user_config=/home/ubuntu/.config 1169s + system_config=/etc 1169s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 1169s + for path_pair in "${softhsm2_conf_paths[@]}" 1169s + IFS=: 1169s + read -r -a path 1169s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 1169s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 1169s + '[' -z /tmp/sssd-softhsm2-backups-3UjH35 ']' 1169s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 1169s + delete_paths+=("$1") 1169s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 1169s + for path_pair in "${softhsm2_conf_paths[@]}" 1169s + IFS=: 1169s + read -r -a path 1169s + path=/etc/softhsm/softhsm2.conf 1169s + backup_file /etc/softhsm/softhsm2.conf 1169s + '[' -z /tmp/sssd-softhsm2-backups-3UjH35 ']' 1169s + '[' -e /etc/softhsm/softhsm2.conf ']' 1169s ++ dirname /etc/softhsm/softhsm2.conf 1169s + local back_dir=/tmp/sssd-softhsm2-backups-3UjH35//etc/softhsm 1169s ++ basename /etc/softhsm/softhsm2.conf 1169s + local back_path=/tmp/sssd-softhsm2-backups-3UjH35//etc/softhsm/softhsm2.conf 1169s + '[' '!' -e /tmp/sssd-softhsm2-backups-3UjH35//etc/softhsm/softhsm2.conf ']' 1169s + mkdir -p /tmp/sssd-softhsm2-backups-3UjH35//etc/softhsm 1169s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-3UjH35//etc/softhsm/softhsm2.conf 1169s + restore_paths+=("$back_path") 1169s + rm -f /etc/softhsm/softhsm2.conf 1169s + test_authentication login /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-Jha9RD/test-full-chain-CA.pem 1169s + pam_service=login 1169s + certificate_config=/tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-root-CA-trusted-certificate-0001.conf 1169s + ca_db=/tmp/sssd-softhsm2-certs-Jha9RD/test-full-chain-CA.pem 1169s + verification_options= 1169s + mkdir -p -m 700 /etc/sssd 1169s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-Jha9RD/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 1169s Using CA DB '/tmp/sssd-softhsm2-certs-Jha9RD/test-full-chain-CA.pem' with verification options: '' 1169s + cat 1169s + chmod 600 /etc/sssd/sssd.conf 1169s + for path_pair in "${softhsm2_conf_paths[@]}" 1169s + IFS=: 1169s + read -r -a path 1169s + user=ubuntu 1169s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 1169s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 1169s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 1170s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 1170s + runuser -u ubuntu -- softhsm2-util --show-slots 1170s + grep 'Test Organization' 1170s Label: Test Organization Root Tr Token 1170s + for path_pair in "${softhsm2_conf_paths[@]}" 1170s + IFS=: 1170s + read -r -a path 1170s + user=root 1170s + path=/etc/softhsm/softhsm2.conf 1170s ++ dirname /etc/softhsm/softhsm2.conf 1170s + runuser -u root -- mkdir -p /etc/softhsm 1170s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 1170s + runuser -u root -- softhsm2-util --show-slots 1170s + grep 'Test Organization' 1170s Label: Test Organization Root Tr Token 1170s + systemctl restart sssd 1170s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 1170s + for alternative in "${alternative_pam_configs[@]}" 1170s + pam-auth-update --enable sss-smart-card-optional 1170s + cat /etc/pam.d/common-auth 1170s # 1170s # /etc/pam.d/common-auth - authentication settings common to all services 1170s # 1170s # This file is included from other service-specific PAM config files, 1170s # and should contain a list of the authentication modules that define 1170s # the central authentication scheme for use on the system 1170s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 1170s # traditional Unix authentication mechanisms. 1170s # 1170s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 1170s # To take advantage of this, it is recommended that you configure any 1170s # local modules either before or after the default block, and use 1170s # pam-auth-update to manage selection of other modules. See 1170s # pam-auth-update(8) for details. 1170s 1170s # here are the per-package modules (the "Primary" block) 1170s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 1170s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 1170s auth [success=1 default=ignore] pam_sss.so use_first_pass 1170s # here's the fallback if no module succeeds 1170s auth requisite pam_deny.so 1170s # prime the stack with a positive return value if there isn't one already; 1170s # this avoids us returning an error just because nothing sets a success code 1170s # since the modules above will each just jump around 1170s auth required pam_permit.so 1170s # and here are more per-package modules (the "Additional" block) 1170s auth optional pam_cap.so 1170s # end of pam-auth-update config 1170s + echo -n -e 123456 1170s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1170s pamtester: invoking pam_start(login, ubuntu, ...) 1170s pamtester: performing operation - authenticate 1170s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 1170s + echo -n -e 123456 1170s + runuser -u ubuntu -- pamtester -v login '' authenticate 1170s pamtester: invoking pam_start(login, , ...) 1170s pamtester: performing operation - authenticate 1170s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 1170s + echo -n -e wrong123456 1170s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1170s pamtester: invoking pam_start(login, ubuntu, ...) 1170s pamtester: performing operation - authenticate 1173s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 1173s + echo -n -e wrong123456 1173s + runuser -u ubuntu -- pamtester -v login '' authenticate 1173s pamtester: invoking pam_start(login, , ...) 1173s pamtester: performing operation - authenticate 1175s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 1175s + echo -n -e 123456 1175s + pamtester -v login root authenticate 1175s pamtester: invoking pam_start(login, root, ...) 1175s pamtester: performing operation - authenticate 1178s Password: pamtester: Authentication failure 1178s + for alternative in "${alternative_pam_configs[@]}" 1178s + pam-auth-update --enable sss-smart-card-required 1178s PAM configuration 1178s ----------------- 1178s 1178s Incompatible PAM profiles selected. 1178s 1178s The following PAM profiles cannot be used together: 1178s 1178s SSS required smart card authentication, SSS optional smart card 1178s authentication 1178s 1178s Please select a different set of modules to enable. 1178s 1178s + cat /etc/pam.d/common-auth 1178s # 1178s # /etc/pam.d/common-auth - authentication settings common to all services 1178s # 1178s # This file is included from other service-specific PAM config files, 1178s # and should contain a list of the authentication modules that define 1178s # the central authentication scheme for use on the system 1178s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 1178s # traditional Unix authentication mechanisms. 1178s # 1178s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 1178s # To take advantage of this, it is recommended that you configure any 1178s # local modules either before or after the default block, and use 1178s # pam-auth-update to manage selection of other modules. See 1178s # pam-auth-update(8) for details. 1178s 1178s # here are the per-package modules (the "Primary" block) 1178s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 1178s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 1178s auth [success=1 default=ignore] pam_sss.so use_first_pass 1178s # here's the fallback if no module succeeds 1178s auth requisite pam_deny.so 1178s # prime the stack with a positive return value if there isn't one already; 1178s # this avoids us returning an error just because nothing sets a success code 1178s # since the modules above will each just jump around 1178s auth required pam_permit.so 1178s # and here are more per-package modules (the "Additional" block) 1178s auth optional pam_cap.so 1178s # end of pam-auth-update config 1178s + echo -n -e 123456 1178s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1178s pamtester: invoking pam_start(login, ubuntu, ...) 1178s pamtester: performing operation - authenticate 1178s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 1178s + echo -n -e 123456 1178s + runuser -u ubuntu -- pamtester -v login '' authenticate 1178s pamtester: invoking pam_start(login, , ...) 1178s pamtester: performing operation - authenticate 1178s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 1178s + echo -n -e wrong123456 1178s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1178s pamtester: invoking pam_start(login, ubuntu, ...) 1178s pamtester: performing operation - authenticate 1182s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 1182s + echo -n -e wrong123456 1182s + runuser -u ubuntu -- pamtester -v login '' authenticate 1182s pamtester: invoking pam_start(login, , ...) 1182s pamtester: performing operation - authenticate 1184s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 1184s + echo -n -e 123456 1184s + pamtester -v login root authenticate 1184s pamtester: invoking pam_start(login, root, ...) 1184s pamtester: performing operation - authenticate 1187s pamtester: Authentication service cannot retrieve authentication info 1187s + test_authentication login /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-Jha9RD/test-full-chain-CA.pem 1187s + pam_service=login 1187s + certificate_config=/tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1187s + ca_db=/tmp/sssd-softhsm2-certs-Jha9RD/test-full-chain-CA.pem 1187s + verification_options= 1187s + mkdir -p -m 700 /etc/sssd 1187s Using CA DB '/tmp/sssd-softhsm2-certs-Jha9RD/test-full-chain-CA.pem' with verification options: '' 1187s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-Jha9RD/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 1187s + cat 1187s + chmod 600 /etc/sssd/sssd.conf 1187s + for path_pair in "${softhsm2_conf_paths[@]}" 1187s + IFS=: 1187s + read -r -a path 1187s + user=ubuntu 1187s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 1187s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 1187s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 1187s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 1187s + runuser -u ubuntu -- softhsm2-util --show-slots 1187s + grep 'Test Organization' 1187s + for path_pair in "${softhsm2_conf_paths[@]}" 1187s + IFS=: 1187s + read -r -a path 1187s + user=root 1187s + path=/etc/softhsm/softhsm2.conf 1187s ++ dirname /etc/softhsm/softhsm2.conf 1187s + runuser -u root -- mkdir -p /etc/softhsm 1187s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 1187s + runuser -u root -- softhsm2-util --show-slots 1187s + grep 'Test Organization' 1187s + systemctl restart sssd 1187s Label: Test Organization Sub Int Token 1187s Label: Test Organization Sub Int Token 1187s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 1188s + for alternative in "${alternative_pam_configs[@]}" 1188s + pam-auth-update --enable sss-smart-card-optional 1188s + cat /etc/pam.d/common-auth 1188s # 1188s # /etc/pam.d/common-auth - authentication settings common to all services 1188s # 1188s # This file is included from other service-specific PAM config files, 1188s # and should contain a list of the authentication modules that define 1188s # the central authentication scheme for use on the system 1188s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 1188s # traditional Unix authentication mechanisms. 1188s # 1188s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 1188s # To take advantage of this, it is recommended that you configure any 1188s # local modules either before or after the default block, and use 1188s # pam-auth-update to manage selection of other modules. See 1188s # pam-auth-update(8) for details. 1188s 1188s # here are the per-package modules (the "Primary" block) 1188s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 1188s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 1188s auth [success=1 default=ignore] pam_sss.so use_first_pass 1188s # here's the fallback if no module succeeds 1188s auth requisite pam_deny.so 1188s # prime the stack with a positive return value if there isn't one already; 1188s # this avoids us returning an error just because nothing sets a success code 1188s # since the modules above will each just jump around 1188s auth required pam_permit.so 1188s # and here are more per-package modules (the "Additional" block) 1188s auth optional pam_cap.so 1188s # end of pam-auth-update config 1188s + echo -n -e 123456 1188s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1188s pamtester: invoking pam_start(login, ubuntu, ...) 1188s pamtester: performing operation - authenticate 1188s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 1188s + echo -n -e 123456 1188s + runuser -u ubuntu -- pamtester -v login '' authenticate 1188s pamtester: invoking pam_start(login, , ...) 1188s pamtester: performing operation - authenticate 1188s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 1188s + echo -n -e wrong123456 1188s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1188s pamtester: invoking pam_start(login, ubuntu, ...) 1188s pamtester: performing operation - authenticate 1191s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 1191s + echo -n -e wrong123456 1191s + runuser -u ubuntu -- pamtester -v login '' authenticate 1191s pamtester: invoking pam_start(login, , ...) 1191s pamtester: performing operation - authenticate 1193s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 1193s + echo -n -e 123456 1193s + pamtester -v login root authenticate 1193s pamtester: invoking pam_start(login, root, ...) 1193s pamtester: performing operation - authenticate 1196s Password: pamtester: Authentication failure 1196s + for alternative in "${alternative_pam_configs[@]}" 1196s + pam-auth-update --enable sss-smart-card-required 1196s PAM configuration 1196s ----------------- 1196s 1196s Incompatible PAM profiles selected. 1196s 1196s The following PAM profiles cannot be used together: 1196s 1196s SSS required smart card authentication, SSS optional smart card 1196s authentication 1196s 1196s Please select a different set of modules to enable. 1196s 1196s + cat /etc/pam.d/common-auth 1196s # 1196s # /etc/pam.d/common-auth - authentication settings common to all services 1196s # 1196s # This file is included from other service-specific PAM config files, 1196s # and should contain a list of the authentication modules that define 1196s # the central authentication scheme for use on the system 1196s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 1196s # traditional Unix authentication mechanisms. 1196s # 1196s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 1196s # To take advantage of this, it is recommended that you configure any 1196s # local modules either before or after the default block, and use 1196s # pam-auth-update to manage selection of other modules. See 1196s # pam-auth-update(8) for details. 1196s 1196s # here are the per-package modules (the "Primary" block) 1196s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 1196s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 1196s auth [success=1 default=ignore] pam_sss.so use_first_pass 1196s # here's the fallback if no module succeeds 1196s auth requisite pam_deny.so 1196s # prime the stack with a positive return value if there isn't one already; 1196s # this avoids us returning an error just because nothing sets a success code 1196s # since the modules above will each just jump around 1196s auth required pam_permit.so 1196s # and here are more per-package modules (the "Additional" block) 1196s auth optional pam_cap.so 1196s # end of pam-auth-update config 1196s + echo -n -e 123456 1196s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1196s pamtester: invoking pam_start(login, ubuntu, ...) 1196s pamtester: performing operation - authenticate 1196s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 1196s + echo -n -e 123456 1196s + runuser -u ubuntu -- pamtester -v login '' authenticate 1196s pamtester: invoking pam_start(login, , ...) 1196s pamtester: performing operation - authenticate 1196s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 1196s + echo -n -e wrong123456 1196s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1196s pamtester: invoking pam_start(login, ubuntu, ...) 1196s pamtester: performing operation - authenticate 1199s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 1199s + echo -n -e wrong123456 1199s + runuser -u ubuntu -- pamtester -v login '' authenticate 1199s pamtester: invoking pam_start(login, , ...) 1199s pamtester: performing operation - authenticate 1202s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 1202s + echo -n -e 123456 1202s + pamtester -v login root authenticate 1202s pamtester: invoking pam_start(login, root, ...) 1202s pamtester: performing operation - authenticate 1205s pamtester: Authentication service cannot retrieve authentication info 1205s + test_authentication login /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem partial_chain 1205s + pam_service=login 1205s + certificate_config=/tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1205s + ca_db=/tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem 1205s + verification_options=partial_chain 1205s + mkdir -p -m 700 /etc/sssd 1205s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 1205s Using CA DB '/tmp/sssd-softhsm2-certs-Jha9RD/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 1205s + cat 1205s + chmod 600 /etc/sssd/sssd.conf 1205s + for path_pair in "${softhsm2_conf_paths[@]}" 1205s + IFS=: 1205s + read -r -a path 1205s + user=ubuntu 1205s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 1205s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 1205s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 1205s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 1205s + runuser -u ubuntu -- softhsm2-util --show-slots 1205s + grep 'Test Organization' 1205s + for path_pair in "${softhsm2_conf_paths[@]}" 1205s + IFS=: 1205s + read -r -a path 1205s + user=root 1205s + path=/etc/softhsm/softhsm2.conf 1205s ++ dirname /etc/softhsm/softhsm2.conf 1205s + runuser -u root -- mkdir -p /etc/softhsm 1205s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-Jha9RD/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 1205s + runuser -u root -- softhsm2-util --show-slots 1205s + grep 'Test Organization' 1205s Label: Test Organization Sub Int Token 1205s Label: Test Organization Sub Int Token 1205s + systemctl restart sssd 1205s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 1206s + for alternative in "${alternative_pam_configs[@]}" 1206s + pam-auth-update --enable sss-smart-card-optional 1206s + cat /etc/pam.d/common-auth 1206s # 1206s # /etc/pam.d/common-auth - authentication settings common to all services 1206s # 1206s # This file is included from other service-specific PAM config files, 1206s # and should contain a list of the authentication modules that define 1206s # the central authentication scheme for use on the system 1206s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 1206s # traditional Unix authentication mechanisms. 1206s # 1206s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 1206s # To take advantage of this, it is recommended that you configure any 1206s # local modules either before or after the default block, and use 1206s # pam-auth-update to manage selection of other modules. See 1206s # pam-auth-update(8) for details. 1206s 1206s # here are the per-package modules (the "Primary" block) 1206s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 1206s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 1206s auth [success=1 default=ignore] pam_sss.so use_first_pass 1206s # here's the fallback if no module succeeds 1206s auth requisite pam_deny.so 1206s # prime the stack with a positive return value if there isn't one already; 1206s # this avoids us returning an error just because nothing sets a success code 1206s # since the modules above will each just jump around 1206s auth required pam_permit.so 1206s # and here are more per-package modules (the "Additional" block) 1206s auth optional pam_cap.so 1206s # end of pam-auth-update config 1206s + echo -n -e 123456 1206s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1206s pamtester: invoking pam_start(login, ubuntu, ...) 1206s pamtester: performing operation - authenticate 1206s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 1206s + echo -n -e 123456 1206s + runuser -u ubuntu -- pamtester -v login '' authenticate 1206s pamtester: invoking pam_start(login, , ...) 1206s pamtester: performing operation - authenticate 1206s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 1206s + echo -n -e wrong123456 1206s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1206s pamtester: invoking pam_start(login, ubuntu, ...) 1206s pamtester: performing operation - authenticate 1211s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 1211s + echo -n -e wrong123456 1211s + runuser -u ubuntu -- pamtester -v login '' authenticate 1211s pamtester: invoking pam_start(login, , ...) 1211s pamtester: performing operation - authenticate 1211s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 1211s + echo -n -e 123456 1211s + pamtester -v login root authenticate 1211s pamtester: invoking pam_start(login, root, ...) 1211s pamtester: performing operation - authenticate 1214s Password: pamtester: Authentication failure 1214s + for alternative in "${alternative_pam_configs[@]}" 1214s + pam-auth-update --enable sss-smart-card-required 1214s PAM configuration 1214s ----------------- 1214s 1214s Incompatible PAM profiles selected. 1214s 1214s The following PAM profiles cannot be used together: 1214s 1214s SSS required smart card authentication, SSS optional smart card 1214s authentication 1214s 1214s Please select a different set of modules to enable. 1214s 1214s + cat /etc/pam.d/common-auth 1214s # 1214s # /etc/pam.d/common-auth - authentication settings common to all services 1214s # 1214s # This file is included from other service-specific PAM config files, 1214s # and should contain a list of the authentication modules that define 1214s # the central authentication scheme for use on the system 1214s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 1214s # traditional Unix authentication mechanisms. 1214s # 1214s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 1214s # To take advantage of this, it is recommended that you configure any 1214s # local modules either before or after the default block, and use 1214s # pam-auth-update to manage selection of other modules. See 1214s # pam-auth-update(8) for details. 1214s 1214s # here are the per-package modules (the "Primary" block) 1214s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 1214s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 1214s auth [success=1 default=ignore] pam_sss.so use_first_pass 1214s # here's the fallback if no module succeeds 1214s auth requisite pam_deny.so 1214s # prime the stack with a positive return value if there isn't one already; 1214s # this avoids us returning an error just because nothing sets a success code 1214s # since the modules above will each just jump around 1214s auth required pam_permit.so 1214s # and here are more per-package modules (the "Additional" block) 1214s auth optional pam_cap.so 1214s # end of pam-auth-update config 1214s + echo -n -e 123456 1214s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1214s pamtester: invoking pam_start(login, ubuntu, ...) 1214s pamtester: performing operation - authenticate 1214s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 1214s + echo -n -e 123456 1214s + runuser -u ubuntu -- pamtester -v login '' authenticate 1214s pamtester: invoking pam_start(login, , ...) 1214s pamtester: performing operation - authenticate 1214s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 1214s + echo -n -e wrong123456 1214s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1214s pamtester: invoking pam_start(login, ubuntu, ...) 1214s pamtester: performing operation - authenticate 1217s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 1217s + echo -n -e wrong123456 1217s + runuser -u ubuntu -- pamtester -v login '' authenticate 1217s pamtester: invoking pam_start(login, , ...) 1217s pamtester: performing operation - authenticate 1219s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 1219s + echo -n -e 123456 1219s + pamtester -v login root authenticate 1219s pamtester: invoking pam_start(login, root, ...) 1219s pamtester: performing operation - authenticate 1223s pamtester: Authentication service cannot retrieve authentication info 1223s + handle_exit 1223s + exit_code=0 1223s + restore_changes 1223s + for path in "${restore_paths[@]}" 1223s + local original_path 1223s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-3UjH35 /tmp/sssd-softhsm2-backups-3UjH35//etc/softhsm/softhsm2.conf 1223s + original_path=/etc/softhsm/softhsm2.conf 1223s + rm /etc/softhsm/softhsm2.conf 1223s + mv /tmp/sssd-softhsm2-backups-3UjH35//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 1223s + for path in "${delete_paths[@]}" 1223s + rm -f /etc/sssd/sssd.conf 1223s + for path in "${delete_paths[@]}" 1223s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 1223s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 1223s + '[' -e /etc/sssd/sssd.conf ']' 1223s + systemctl stop sssd 1223s + '[' -e /etc/softhsm/softhsm2.conf ']' 1223s + chmod 600 /etc/softhsm/softhsm2.conf 1223s + rm -rf /tmp/sssd-softhsm2-certs-Jha9RD 1223s + '[' 0 = 0 ']' 1223s + rm -rf /tmp/sssd-softhsm2-backups-3UjH35 1223s Script completed successfully! 1223s + set +x 1224s autopkgtest [15:52:51]: test sssd-smart-card-pam-auth-configs: -----------------------] 1224s autopkgtest [15:52:51]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 1224s sssd-smart-card-pam-auth-configs PASS 1225s autopkgtest [15:52:52]: @@@@@@@@@@@@@@@@@@@@ summary 1225s ldap-user-group-ldap-auth PASS 1225s ldap-user-group-krb5-auth PASS 1225s sssd-softhism2-certificates-tests.sh PASS 1225s sssd-smart-card-pam-auth-configs PASS 1258s Creating nova instance adt-noble-ppc64el-sssd-20240321-153227-juju-7f2275-prod-proposed-migration-environment-2 from image adt/ubuntu-noble-ppc64el-server-20240321.img (UUID f9947641-425a-45c2-937a-6db4500fbfac)... 1258s Creating nova instance adt-noble-ppc64el-sssd-20240321-153227-juju-7f2275-prod-proposed-migration-environment-2 from image adt/ubuntu-noble-ppc64el-server-20240321.img (UUID f9947641-425a-45c2-937a-6db4500fbfac)...