0s autopkgtest [22:38:57]: starting date and time: 2024-03-23 22:38:57+0000 0s autopkgtest [22:38:57]: git checkout: 4a1cd702 l/adt_testbed: don't blame the testbed for unsolvable build deps 0s autopkgtest [22:38:57]: host juju-7f2275-prod-proposed-migration-environment-3; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.5tjcapcn/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --setup-commands /home/ubuntu/autopkgtest/setup-commands/setup-testbed --apt-pocket=proposed=src:samba,src:cups,src:db5.3,src:gnutls28,src:gpgme1.0,src:libarchive,src:libtirpc,src:nettle,src:openssl,src:python3.12,src:readline,src:sssd,src:tevent --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 '--env=ADT_TEST_TRIGGERS=samba/2:4.19.5+dfsg-4ubuntu7 cups/2.4.7-1.2ubuntu1 db5.3/5.3.28+dfsg2-6 gnutls28/3.8.3-1.1ubuntu2 gpgme1.0/1.18.0-4.1ubuntu3 libarchive/3.7.2-1.1ubuntu2 libtirpc/1.3.4+ds-1.1 nettle/3.9.1-2.2 openssl/3.0.13-0ubuntu2 python3.12/3.12.2-4build3 readline/8.2-4 sssd/2.9.4-1.1ubuntu3 tevent/0.16.1-2' -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-3@bos01-ppc64el-17.secgroup --name adt-noble-ppc64el-sssd-20240323-223857-juju-7f2275-prod-proposed-migration-environment-3 --image adt/ubuntu-noble-ppc64el-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-3 --net-id=net_prod-proposed-migration -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://us.ports.ubuntu.com/ubuntu-ports/ 193s autopkgtest [22:42:10]: testbed dpkg architecture: ppc64el 193s autopkgtest [22:42:10]: testbed apt version: 2.7.12 193s autopkgtest [22:42:10]: @@@@@@@@@@@@@@@@@@@@ test bed setup 194s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 194s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [3966 kB] 195s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [56.9 kB] 195s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [494 kB] 195s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6540 B] 195s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el Packages [661 kB] 195s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el c-n-f Metadata [3116 B] 195s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el Packages [1372 B] 195s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el c-n-f Metadata [116 B] 195s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el Packages [4254 kB] 195s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el c-n-f Metadata [8652 B] 195s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el Packages [60.8 kB] 195s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el c-n-f Metadata [116 B] 198s Fetched 9629 kB in 2s (4218 kB/s) 199s Reading package lists... 201s Reading package lists... 201s Building dependency tree... 201s Reading state information... 201s Calculating upgrade... 202s The following packages will be REMOVED: 202s libreadline8 libssl3 202s The following NEW packages will be installed: 202s libreadline8t64 libssl3t64 202s The following packages have been kept back: 202s libpython3.12-minimal libpython3.12-stdlib python3.12 python3.12-minimal 202s The following packages will be upgraded: 202s cloud-init fonts-ubuntu-console libbsd0 libc-bin libc6 libtirpc-common 202s locales openssl python3-markupsafe readline-common 202s 10 upgraded, 2 newly installed, 2 to remove and 4 not upgraded. 202s Need to get 12.3 MB of archives. 202s After this operation, 12.3 kB of additional disk space will be used. 202s Get:1 http://ftpmaster.internal/ubuntu noble/main ppc64el libc6 ppc64el 2.39-0ubuntu6 [3274 kB] 202s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el libc-bin ppc64el 2.39-0ubuntu6 [751 kB] 202s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el readline-common all 8.2-4 [56.4 kB] 202s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libreadline8t64 ppc64el 8.2-4 [182 kB] 202s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el openssl ppc64el 3.0.13-0ubuntu2 [1026 kB] 203s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libssl3t64 ppc64el 3.0.13-0ubuntu2 [2125 kB] 203s Get:7 http://ftpmaster.internal/ubuntu noble/main ppc64el libbsd0 ppc64el 0.12.1-1 [56.9 kB] 203s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libtirpc-common all 1.3.4+ds-1.1 [8018 B] 203s Get:9 http://ftpmaster.internal/ubuntu noble/main ppc64el locales all 2.39-0ubuntu6 [4232 kB] 203s Get:10 http://ftpmaster.internal/ubuntu noble/main ppc64el fonts-ubuntu-console all 0.869+git20240321-0ubuntu1 [18.7 kB] 203s Get:11 http://ftpmaster.internal/ubuntu noble/main ppc64el python3-markupsafe ppc64el 2.1.5-1build1 [13.2 kB] 203s Get:12 http://ftpmaster.internal/ubuntu noble/main ppc64el cloud-init all 24.1.2-0ubuntu1 [597 kB] 203s Preconfiguring packages ... 203s Fetched 12.3 MB in 1s (9016 kB/s) 203s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70157 files and directories currently installed.) 203s Preparing to unpack .../libc6_2.39-0ubuntu6_ppc64el.deb ... 204s Unpacking libc6:ppc64el (2.39-0ubuntu6) over (2.39-0ubuntu2) ... 204s Setting up libc6:ppc64el (2.39-0ubuntu6) ... 204s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70157 files and directories currently installed.) 204s Preparing to unpack .../libc-bin_2.39-0ubuntu6_ppc64el.deb ... 204s Unpacking libc-bin (2.39-0ubuntu6) over (2.39-0ubuntu2) ... 204s Setting up libc-bin (2.39-0ubuntu6) ... 204s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70157 files and directories currently installed.) 204s Preparing to unpack .../readline-common_8.2-4_all.deb ... 204s Unpacking readline-common (8.2-4) over (8.2-3) ... 204s dpkg: libreadline8:ppc64el: dependency problems, but removing anyway as you requested: 204s parted depends on libreadline8 (>= 6.0). 204s libpython3.12-stdlib:ppc64el depends on libreadline8 (>= 7.0~beta). 204s libpython3.11-stdlib:ppc64el depends on libreadline8 (>= 7.0~beta). 204s gpgsm depends on libreadline8 (>= 6.0). 204s gpgconf depends on libreadline8 (>= 6.0). 204s gpg depends on libreadline8 (>= 6.0). 204s gawk depends on libreadline8 (>= 6.0). 204s fdisk depends on libreadline8 (>= 6.0). 204s bc depends on libreadline8 (>= 6.0). 204s 205s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70157 files and directories currently installed.) 205s Removing libreadline8:ppc64el (8.2-3) ... 205s Selecting previously unselected package libreadline8t64:ppc64el. 205s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70145 files and directories currently installed.) 205s Preparing to unpack .../libreadline8t64_8.2-4_ppc64el.deb ... 205s Adding 'diversion of /lib/powerpc64le-linux-gnu/libhistory.so.8 to /lib/powerpc64le-linux-gnu/libhistory.so.8.usr-is-merged by libreadline8t64' 205s Adding 'diversion of /lib/powerpc64le-linux-gnu/libhistory.so.8.2 to /lib/powerpc64le-linux-gnu/libhistory.so.8.2.usr-is-merged by libreadline8t64' 205s Adding 'diversion of /lib/powerpc64le-linux-gnu/libreadline.so.8 to /lib/powerpc64le-linux-gnu/libreadline.so.8.usr-is-merged by libreadline8t64' 205s Adding 'diversion of /lib/powerpc64le-linux-gnu/libreadline.so.8.2 to /lib/powerpc64le-linux-gnu/libreadline.so.8.2.usr-is-merged by libreadline8t64' 205s Unpacking libreadline8t64:ppc64el (8.2-4) ... 205s Preparing to unpack .../openssl_3.0.13-0ubuntu2_ppc64el.deb ... 205s Unpacking openssl (3.0.13-0ubuntu2) over (3.0.10-1ubuntu4) ... 205s dpkg: libssl3:ppc64el: dependency problems, but removing anyway as you requested: 205s wget depends on libssl3 (>= 3.0.0). 205s tnftp depends on libssl3 (>= 3.0.0). 205s tcpdump depends on libssl3 (>= 3.0.0). 205s systemd-resolved depends on libssl3 (>= 3.0.0). 205s systemd depends on libssl3 (>= 3.0.0). 205s sudo depends on libssl3 (>= 3.0.0). 205s rsync depends on libssl3 (>= 3.0.0). 205s python3-cryptography depends on libssl3 (>= 3.0.0). 205s openssh-server depends on libssl3 (>= 3.0.10). 205s openssh-client depends on libssl3 (>= 3.0.10). 205s linux-headers-6.8.0-11-generic depends on libssl3 (>= 3.0.0). 205s libsystemd-shared:ppc64el depends on libssl3 (>= 3.0.0). 205s libssh-4:ppc64el depends on libssl3 (>= 3.0.0). 205s libsasl2-modules:ppc64el depends on libssl3 (>= 3.0.0). 205s libsasl2-2:ppc64el depends on libssl3 (>= 3.0.0). 205s libpython3.12-minimal:ppc64el depends on libssl3 (>= 3.0.0). 205s libpython3.11-minimal:ppc64el depends on libssl3 (>= 3.0.0). 205s libnvme1 depends on libssl3 (>= 3.0.0). 205s libkrb5-3:ppc64el depends on libssl3 (>= 3.0.0). 205s libkmod2:ppc64el depends on libssl3 (>= 3.0.0). 205s libfido2-1:ppc64el depends on libssl3 (>= 3.0.0). 205s libcurl4:ppc64el depends on libssl3 (>= 3.0.0). 205s libcryptsetup12:ppc64el depends on libssl3 (>= 3.0.0). 205s kmod depends on libssl3 (>= 3.0.0). 205s dhcpcd-base depends on libssl3 (>= 3.0.0). 205s bind9-libs:ppc64el depends on libssl3 (>= 3.0.0). 205s 205s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70165 files and directories currently installed.) 205s Removing libssl3:ppc64el (3.0.10-1ubuntu4) ... 205s Selecting previously unselected package libssl3t64:ppc64el. 205s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70154 files and directories currently installed.) 205s Preparing to unpack .../0-libssl3t64_3.0.13-0ubuntu2_ppc64el.deb ... 205s Unpacking libssl3t64:ppc64el (3.0.13-0ubuntu2) ... 205s Preparing to unpack .../1-libbsd0_0.12.1-1_ppc64el.deb ... 205s Unpacking libbsd0:ppc64el (0.12.1-1) over (0.11.8-1) ... 205s Preparing to unpack .../2-libtirpc-common_1.3.4+ds-1.1_all.deb ... 205s Unpacking libtirpc-common (1.3.4+ds-1.1) over (1.3.4+ds-1build1) ... 205s Preparing to unpack .../3-locales_2.39-0ubuntu6_all.deb ... 205s Unpacking locales (2.39-0ubuntu6) over (2.39-0ubuntu2) ... 205s Preparing to unpack .../4-fonts-ubuntu-console_0.869+git20240321-0ubuntu1_all.deb ... 205s Unpacking fonts-ubuntu-console (0.869+git20240321-0ubuntu1) over (0.869-0ubuntu1) ... 205s Preparing to unpack .../5-python3-markupsafe_2.1.5-1build1_ppc64el.deb ... 205s Unpacking python3-markupsafe (2.1.5-1build1) over (2.1.5-1) ... 205s Preparing to unpack .../6-cloud-init_24.1.2-0ubuntu1_all.deb ... 205s Unpacking cloud-init (24.1.2-0ubuntu1) over (24.1.1-0ubuntu1) ... 206s Setting up fonts-ubuntu-console (0.869+git20240321-0ubuntu1) ... 206s Setting up cloud-init (24.1.2-0ubuntu1) ... 207s Setting up libssl3t64:ppc64el (3.0.13-0ubuntu2) ... 207s Setting up libtirpc-common (1.3.4+ds-1.1) ... 207s Setting up locales (2.39-0ubuntu6) ... 207s Generating locales (this might take a while)... 209s en_US.UTF-8... done 209s Generation complete. 209s Setting up python3-markupsafe (2.1.5-1build1) ... 209s Setting up openssl (3.0.13-0ubuntu2) ... 209s Setting up libbsd0:ppc64el (0.12.1-1) ... 209s Setting up readline-common (8.2-4) ... 209s Setting up libreadline8t64:ppc64el (8.2-4) ... 209s Processing triggers for libc-bin (2.39-0ubuntu6) ... 209s Processing triggers for rsyslog (8.2312.0-3ubuntu3) ... 209s Processing triggers for man-db (2.12.0-3) ... 210s Processing triggers for install-info (7.1-3) ... 210s Reading package lists... 210s Building dependency tree... 210s Reading state information... 211s 0 upgraded, 0 newly installed, 0 to remove and 4 not upgraded. 211s sh: Attempting to set up Debian/Ubuntu apt sources automatically 211s sh: Distribution appears to be Ubuntu 212s Reading package lists... 212s Building dependency tree... 212s Reading state information... 212s eatmydata is already the newest version (131-1). 212s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 212s Reading package lists... 212s Building dependency tree... 212s Reading state information... 213s dbus is already the newest version (1.14.10-4ubuntu1). 213s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 213s Reading package lists... 213s Building dependency tree... 213s Reading state information... 213s rng-tools-debian is already the newest version (2.4). 213s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 213s Reading package lists... 213s Building dependency tree... 213s Reading state information... 213s The following packages will be REMOVED: 213s cloud-init* python3-configobj* python3-debconf* 214s 0 upgraded, 0 newly installed, 3 to remove and 0 not upgraded. 214s After this operation, 3256 kB disk space will be freed. 214s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70166 files and directories currently installed.) 214s Removing cloud-init (24.1.2-0ubuntu1) ... 214s Removing python3-configobj (5.0.8-3) ... 214s Removing python3-debconf (1.5.86) ... 214s Processing triggers for man-db (2.12.0-3) ... 215s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 69777 files and directories currently installed.) 215s Purging configuration files for cloud-init (24.1.2-0ubuntu1) ... 215s dpkg: warning: while removing cloud-init, directory '/etc/cloud/cloud.cfg.d' not empty so not removed 215s Processing triggers for rsyslog (8.2312.0-3ubuntu3) ... 215s invoke-rc.d: policy-rc.d denied execution of try-restart. 215s Reading package lists... 216s Building dependency tree... 216s Reading state information... 216s linux-generic is already the newest version (6.8.0-11.11+1). 216s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 216s Hit:1 http://ftpmaster.internal/ubuntu noble InRelease 216s Hit:2 http://ftpmaster.internal/ubuntu noble-updates InRelease 216s Hit:3 http://ftpmaster.internal/ubuntu noble-security InRelease 219s Reading package lists... 219s Reading package lists... 219s Building dependency tree... 219s Reading state information... 219s Calculating upgrade... 219s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 219s Reading package lists... 219s Building dependency tree... 219s Reading state information... 220s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 220s autopkgtest [22:42:37]: rebooting testbed after setup commands that affected boot 277s autopkgtest [22:43:34]: testbed running kernel: Linux 6.8.0-11-generic #11-Ubuntu SMP Wed Feb 14 00:33:03 UTC 2024 280s autopkgtest [22:43:37]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 294s Get:1 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (dsc) [5269 B] 294s Get:2 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (tar) [7983 kB] 294s Get:3 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (asc) [833 B] 294s Get:4 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (diff) [48.4 kB] 294s gpgv: Signature made Mon Feb 26 21:56:54 2024 UTC 294s gpgv: using RSA key E92FD0B36B14F1F4D8E0EB2F106DA1C8C3CBBF14 294s gpgv: Can't check signature: No public key 294s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1ubuntu1.dsc: no acceptable signature found 295s autopkgtest [22:43:52]: testing package sssd version 2.9.4-1ubuntu1 295s autopkgtest [22:43:52]: build not needed 299s autopkgtest [22:43:56]: test ldap-user-group-ldap-auth: preparing testbed 303s Reading package lists... 303s Building dependency tree... 303s Reading state information... 303s Starting pkgProblemResolver with broken count: 0 303s Starting 2 pkgProblemResolver with broken count: 0 303s Done 303s The following additional packages will be installed: 303s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 303s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 303s libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 libjose0 libkrad0 303s libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 303s libpam-pwquality libpam-sss libpath-utils1 libpwquality-common libpwquality1 303s libref-array1 libsmbclient libsss-certmap-dev libsss-certmap0 303s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 303s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 libverto-libevent1 303s libverto1 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 303s python3-sss samba-libs slapd sssd sssd-ad sssd-ad-common sssd-common 303s sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap 303s sssd-passkey sssd-proxy sssd-tools tcl-expect tcl8.6 303s Suggested packages: 303s tk8.6 libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal 303s odbc-postgresql tdsodbc adcli libsasl2-modules-ldap tcl-tclreadline 303s Recommended packages: 303s cracklib-runtime libsasl2-modules-gssapi-mit 303s | libsasl2-modules-gssapi-heimdal 303s The following NEW packages will be installed: 303s autopkgtest-satdep expect ldap-utils libavahi-client3 libavahi-common-data 303s libavahi-common3 libbasicobjects0 libc-ares2 libcollection4 libcrack2 303s libdhash1 libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 303s libjose0 libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo 303s libodbc2 libpam-pwquality libpam-sss libpath-utils1 libpwquality-common 303s libpwquality1 libref-array1 libsmbclient libsss-certmap-dev libsss-certmap0 303s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 303s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 libverto-libevent1 303s libverto1 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 303s python3-sss samba-libs slapd sssd sssd-ad sssd-ad-common sssd-common 303s sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap 303s sssd-passkey sssd-proxy sssd-tools tcl-expect tcl8.6 303s 0 upgraded, 65 newly installed, 0 to remove and 0 not upgraded. 303s Need to get 14.3 MB/14.3 MB of archives. 303s After this operation, 69.9 MB of additional disk space will be used. 303s Get:1 /tmp/autopkgtest.Y0w0ep/1-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [868 B] 304s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el libltdl7 ppc64el 2.4.7-7 [48.0 kB] 304s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libodbc2 ppc64el 2.3.12-1 [187 kB] 304s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el slapd ppc64el 2.6.7+dfsg-1~exp1ubuntu1 [1768 kB] 304s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el libtcl8.6 ppc64el 8.6.13+dfsg-2 [1179 kB] 304s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el tcl8.6 ppc64el 8.6.13+dfsg-2 [14.8 kB] 304s Get:7 http://ftpmaster.internal/ubuntu noble/universe ppc64el tcl-expect ppc64el 5.45.4-2build1 [112 kB] 304s Get:8 http://ftpmaster.internal/ubuntu noble/universe ppc64el expect ppc64el 5.45.4-2build1 [137 kB] 304s Get:9 http://ftpmaster.internal/ubuntu noble/main ppc64el ldap-utils ppc64el 2.6.7+dfsg-1~exp1ubuntu1 [154 kB] 304s Get:10 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common-data ppc64el 0.8-13ubuntu2 [29.5 kB] 304s Get:11 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common3 ppc64el 0.8-13ubuntu2 [25.8 kB] 304s Get:12 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-client3 ppc64el 0.8-13ubuntu2 [30.6 kB] 305s Get:13 http://ftpmaster.internal/ubuntu noble/main ppc64el libcrack2 ppc64el 2.9.6-5.1 [30.9 kB] 305s Get:14 http://ftpmaster.internal/ubuntu noble/main ppc64el libevent-2.1-7 ppc64el 2.1.12-stable-9 [169 kB] 305s Get:15 http://ftpmaster.internal/ubuntu noble/universe ppc64el libjose0 ppc64el 11-3 [50.3 kB] 305s Get:16 http://ftpmaster.internal/ubuntu noble/main ppc64el libverto-libevent1 ppc64el 0.3.1-1ubuntu5 [5960 B] 305s Get:17 http://ftpmaster.internal/ubuntu noble/main ppc64el libverto1 ppc64el 0.3.1-1ubuntu5 [11.6 kB] 305s Get:18 http://ftpmaster.internal/ubuntu noble/main ppc64el libkrad0 ppc64el 1.20.1-5build1 [24.3 kB] 305s Get:19 http://ftpmaster.internal/ubuntu noble/main ppc64el libtalloc2 ppc64el 2.4.2-1 [36.6 kB] 305s Get:20 http://ftpmaster.internal/ubuntu noble/main ppc64el libtdb1 ppc64el 1.4.10-1 [62.7 kB] 305s Get:21 http://ftpmaster.internal/ubuntu noble/main ppc64el libtevent0 ppc64el 0.16.1-1 [50.8 kB] 305s Get:22 http://ftpmaster.internal/ubuntu noble/main ppc64el libldb2 ppc64el 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [219 kB] 305s Get:23 http://ftpmaster.internal/ubuntu noble/main ppc64el libnfsidmap1 ppc64el 1:2.6.3-3ubuntu1 [53.0 kB] 305s Get:24 http://ftpmaster.internal/ubuntu noble/universe ppc64el libnss-sudo all 1.9.15p5-3ubuntu1 [14.9 kB] 305s Get:25 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality-common all 1.4.5-3 [7658 B] 305s Get:26 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality1 ppc64el 1.4.5-3 [16.9 kB] 305s Get:27 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-pwquality ppc64el 1.4.5-3 [12.5 kB] 305s Get:28 http://ftpmaster.internal/ubuntu noble/main ppc64el libwbclient0 ppc64el 2:4.19.5+dfsg-1ubuntu1 [76.5 kB] 305s Get:29 http://ftpmaster.internal/ubuntu noble/main ppc64el samba-libs ppc64el 2:4.19.5+dfsg-1ubuntu1 [6674 kB] 305s Get:30 http://ftpmaster.internal/ubuntu noble/main ppc64el libnss-sss ppc64el 2.9.4-1ubuntu1 [36.3 kB] 305s Get:31 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-sss ppc64el 2.9.4-1ubuntu1 [56.4 kB] 305s Get:32 http://ftpmaster.internal/ubuntu noble/main ppc64el python3-sss ppc64el 2.9.4-1ubuntu1 [48.0 kB] 305s Get:33 http://ftpmaster.internal/ubuntu noble/main ppc64el libc-ares2 ppc64el 1.27.0-1 [99.0 kB] 305s Get:34 http://ftpmaster.internal/ubuntu noble/main ppc64el libdhash1 ppc64el 0.6.2-2 [9830 B] 305s Get:35 http://ftpmaster.internal/ubuntu noble/main ppc64el libbasicobjects0 ppc64el 0.6.2-2 [5806 B] 305s Get:36 http://ftpmaster.internal/ubuntu noble/main ppc64el libcollection4 ppc64el 0.6.2-2 [35.3 kB] 305s Get:37 http://ftpmaster.internal/ubuntu noble/main ppc64el libpath-utils1 ppc64el 0.6.2-2 [10.2 kB] 306s Get:38 http://ftpmaster.internal/ubuntu noble/main ppc64el libref-array1 ppc64el 0.6.2-2 [7724 B] 306s Get:39 http://ftpmaster.internal/ubuntu noble/main ppc64el libini-config5 ppc64el 0.6.2-2 [53.9 kB] 306s Get:40 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-certmap0 ppc64el 2.9.4-1ubuntu1 [53.6 kB] 306s Get:41 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-idmap0 ppc64el 2.9.4-1ubuntu1 [24.7 kB] 306s Get:42 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-nss-idmap0 ppc64el 2.9.4-1ubuntu1 [37.4 kB] 306s Get:43 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-common ppc64el 2.9.4-1ubuntu1 [1280 kB] 306s Get:44 http://ftpmaster.internal/ubuntu noble/universe ppc64el sssd-idp ppc64el 2.9.4-1ubuntu1 [30.8 kB] 306s Get:45 http://ftpmaster.internal/ubuntu noble/universe ppc64el sssd-passkey ppc64el 2.9.4-1ubuntu1 [35.4 kB] 306s Get:46 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad-common ppc64el 2.9.4-1ubuntu1 [88.6 kB] 306s Get:47 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5-common ppc64el 2.9.4-1ubuntu1 [103 kB] 306s Get:48 http://ftpmaster.internal/ubuntu noble/main ppc64el libsmbclient ppc64el 2:4.19.5+dfsg-1ubuntu1 [70.4 kB] 306s Get:49 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad ppc64el 2.9.4-1ubuntu1 [147 kB] 306s Get:50 http://ftpmaster.internal/ubuntu noble/main ppc64el libipa-hbac0 ppc64el 2.9.4-1ubuntu1 [17.4 kB] 306s Get:51 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ipa ppc64el 2.9.4-1ubuntu1 [240 kB] 306s Get:52 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5 ppc64el 2.9.4-1ubuntu1 [14.4 kB] 306s Get:53 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ldap ppc64el 2.9.4-1ubuntu1 [31.6 kB] 306s Get:54 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-proxy ppc64el 2.9.4-1ubuntu1 [48.0 kB] 306s Get:55 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd ppc64el 2.9.4-1ubuntu1 [4124 B] 306s Get:56 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-dbus ppc64el 2.9.4-1ubuntu1 [122 kB] 306s Get:57 http://ftpmaster.internal/ubuntu noble/universe ppc64el sssd-kcm ppc64el 2.9.4-1ubuntu1 [160 kB] 306s Get:58 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-tools ppc64el 2.9.4-1ubuntu1 [108 kB] 306s Get:59 http://ftpmaster.internal/ubuntu noble/main ppc64el libipa-hbac-dev ppc64el 2.9.4-1ubuntu1 [6666 B] 306s Get:60 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-certmap-dev ppc64el 2.9.4-1ubuntu1 [5734 B] 306s Get:61 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-idmap-dev ppc64el 2.9.4-1ubuntu1 [8380 B] 306s Get:62 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-nss-idmap-dev ppc64el 2.9.4-1ubuntu1 [6722 B] 306s Get:63 http://ftpmaster.internal/ubuntu noble/universe ppc64el libsss-sudo ppc64el 2.9.4-1ubuntu1 [22.4 kB] 306s Get:64 http://ftpmaster.internal/ubuntu noble/universe ppc64el python3-libipa-hbac ppc64el 2.9.4-1ubuntu1 [19.2 kB] 306s Get:65 http://ftpmaster.internal/ubuntu noble/universe ppc64el python3-libsss-nss-idmap ppc64el 2.9.4-1ubuntu1 [9542 B] 306s Preconfiguring packages ... 306s Fetched 14.3 MB in 3s (5534 kB/s) 306s Selecting previously unselected package libltdl7:ppc64el. 306s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 69722 files and directories currently installed.) 306s Preparing to unpack .../00-libltdl7_2.4.7-7_ppc64el.deb ... 306s Unpacking libltdl7:ppc64el (2.4.7-7) ... 306s Selecting previously unselected package libodbc2:ppc64el. 306s Preparing to unpack .../01-libodbc2_2.3.12-1_ppc64el.deb ... 306s Unpacking libodbc2:ppc64el (2.3.12-1) ... 306s Selecting previously unselected package slapd. 306s Preparing to unpack .../02-slapd_2.6.7+dfsg-1~exp1ubuntu1_ppc64el.deb ... 307s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 307s Selecting previously unselected package libtcl8.6:ppc64el. 307s Preparing to unpack .../03-libtcl8.6_8.6.13+dfsg-2_ppc64el.deb ... 307s Unpacking libtcl8.6:ppc64el (8.6.13+dfsg-2) ... 307s Selecting previously unselected package tcl8.6. 307s Preparing to unpack .../04-tcl8.6_8.6.13+dfsg-2_ppc64el.deb ... 307s Unpacking tcl8.6 (8.6.13+dfsg-2) ... 307s Selecting previously unselected package tcl-expect:ppc64el. 307s Preparing to unpack .../05-tcl-expect_5.45.4-2build1_ppc64el.deb ... 307s Unpacking tcl-expect:ppc64el (5.45.4-2build1) ... 307s Selecting previously unselected package expect. 307s Preparing to unpack .../06-expect_5.45.4-2build1_ppc64el.deb ... 307s Unpacking expect (5.45.4-2build1) ... 307s Selecting previously unselected package ldap-utils. 307s Preparing to unpack .../07-ldap-utils_2.6.7+dfsg-1~exp1ubuntu1_ppc64el.deb ... 307s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 307s Selecting previously unselected package libavahi-common-data:ppc64el. 307s Preparing to unpack .../08-libavahi-common-data_0.8-13ubuntu2_ppc64el.deb ... 307s Unpacking libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 307s Selecting previously unselected package libavahi-common3:ppc64el. 307s Preparing to unpack .../09-libavahi-common3_0.8-13ubuntu2_ppc64el.deb ... 307s Unpacking libavahi-common3:ppc64el (0.8-13ubuntu2) ... 307s Selecting previously unselected package libavahi-client3:ppc64el. 307s Preparing to unpack .../10-libavahi-client3_0.8-13ubuntu2_ppc64el.deb ... 307s Unpacking libavahi-client3:ppc64el (0.8-13ubuntu2) ... 307s Selecting previously unselected package libcrack2:ppc64el. 307s Preparing to unpack .../11-libcrack2_2.9.6-5.1_ppc64el.deb ... 307s Unpacking libcrack2:ppc64el (2.9.6-5.1) ... 307s Selecting previously unselected package libevent-2.1-7:ppc64el. 307s Preparing to unpack .../12-libevent-2.1-7_2.1.12-stable-9_ppc64el.deb ... 307s Unpacking libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 307s Selecting previously unselected package libjose0:ppc64el. 307s Preparing to unpack .../13-libjose0_11-3_ppc64el.deb ... 307s Unpacking libjose0:ppc64el (11-3) ... 307s Selecting previously unselected package libverto-libevent1:ppc64el. 307s Preparing to unpack .../14-libverto-libevent1_0.3.1-1ubuntu5_ppc64el.deb ... 307s Unpacking libverto-libevent1:ppc64el (0.3.1-1ubuntu5) ... 307s Selecting previously unselected package libverto1:ppc64el. 307s Preparing to unpack .../15-libverto1_0.3.1-1ubuntu5_ppc64el.deb ... 307s Unpacking libverto1:ppc64el (0.3.1-1ubuntu5) ... 307s Selecting previously unselected package libkrad0:ppc64el. 307s Preparing to unpack .../16-libkrad0_1.20.1-5build1_ppc64el.deb ... 307s Unpacking libkrad0:ppc64el (1.20.1-5build1) ... 307s Selecting previously unselected package libtalloc2:ppc64el. 307s Preparing to unpack .../17-libtalloc2_2.4.2-1_ppc64el.deb ... 307s Unpacking libtalloc2:ppc64el (2.4.2-1) ... 307s Selecting previously unselected package libtdb1:ppc64el. 307s Preparing to unpack .../18-libtdb1_1.4.10-1_ppc64el.deb ... 307s Unpacking libtdb1:ppc64el (1.4.10-1) ... 307s Selecting previously unselected package libtevent0:ppc64el. 307s Preparing to unpack .../19-libtevent0_0.16.1-1_ppc64el.deb ... 307s Unpacking libtevent0:ppc64el (0.16.1-1) ... 307s Selecting previously unselected package libldb2:ppc64el. 307s Preparing to unpack .../20-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 307s Unpacking libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 307s Selecting previously unselected package libnfsidmap1:ppc64el. 307s Preparing to unpack .../21-libnfsidmap1_1%3a2.6.3-3ubuntu1_ppc64el.deb ... 307s Unpacking libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 307s Selecting previously unselected package libnss-sudo. 307s Preparing to unpack .../22-libnss-sudo_1.9.15p5-3ubuntu1_all.deb ... 307s Unpacking libnss-sudo (1.9.15p5-3ubuntu1) ... 307s Selecting previously unselected package libpwquality-common. 307s Preparing to unpack .../23-libpwquality-common_1.4.5-3_all.deb ... 307s Unpacking libpwquality-common (1.4.5-3) ... 307s Selecting previously unselected package libpwquality1:ppc64el. 307s Preparing to unpack .../24-libpwquality1_1.4.5-3_ppc64el.deb ... 307s Unpacking libpwquality1:ppc64el (1.4.5-3) ... 307s Selecting previously unselected package libpam-pwquality:ppc64el. 307s Preparing to unpack .../25-libpam-pwquality_1.4.5-3_ppc64el.deb ... 307s Unpacking libpam-pwquality:ppc64el (1.4.5-3) ... 307s Selecting previously unselected package libwbclient0:ppc64el. 307s Preparing to unpack .../26-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 307s Unpacking libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 307s Selecting previously unselected package samba-libs:ppc64el. 307s Preparing to unpack .../27-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 307s Unpacking samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 307s Selecting previously unselected package libnss-sss:ppc64el. 307s Preparing to unpack .../28-libnss-sss_2.9.4-1ubuntu1_ppc64el.deb ... 307s Unpacking libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 307s Selecting previously unselected package libpam-sss:ppc64el. 307s Preparing to unpack .../29-libpam-sss_2.9.4-1ubuntu1_ppc64el.deb ... 307s Unpacking libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 307s Selecting previously unselected package python3-sss. 307s Preparing to unpack .../30-python3-sss_2.9.4-1ubuntu1_ppc64el.deb ... 307s Unpacking python3-sss (2.9.4-1ubuntu1) ... 307s Selecting previously unselected package libc-ares2:ppc64el. 307s Preparing to unpack .../31-libc-ares2_1.27.0-1_ppc64el.deb ... 307s Unpacking libc-ares2:ppc64el (1.27.0-1) ... 307s Selecting previously unselected package libdhash1:ppc64el. 307s Preparing to unpack .../32-libdhash1_0.6.2-2_ppc64el.deb ... 307s Unpacking libdhash1:ppc64el (0.6.2-2) ... 307s Selecting previously unselected package libbasicobjects0:ppc64el. 307s Preparing to unpack .../33-libbasicobjects0_0.6.2-2_ppc64el.deb ... 307s Unpacking libbasicobjects0:ppc64el (0.6.2-2) ... 307s Selecting previously unselected package libcollection4:ppc64el. 307s Preparing to unpack .../34-libcollection4_0.6.2-2_ppc64el.deb ... 307s Unpacking libcollection4:ppc64el (0.6.2-2) ... 307s Selecting previously unselected package libpath-utils1:ppc64el. 307s Preparing to unpack .../35-libpath-utils1_0.6.2-2_ppc64el.deb ... 308s Unpacking libpath-utils1:ppc64el (0.6.2-2) ... 308s Selecting previously unselected package libref-array1:ppc64el. 308s Preparing to unpack .../36-libref-array1_0.6.2-2_ppc64el.deb ... 308s Unpacking libref-array1:ppc64el (0.6.2-2) ... 308s Selecting previously unselected package libini-config5:ppc64el. 308s Preparing to unpack .../37-libini-config5_0.6.2-2_ppc64el.deb ... 308s Unpacking libini-config5:ppc64el (0.6.2-2) ... 308s Selecting previously unselected package libsss-certmap0. 308s Preparing to unpack .../38-libsss-certmap0_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package libsss-idmap0. 308s Preparing to unpack .../39-libsss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package libsss-nss-idmap0. 308s Preparing to unpack .../40-libsss-nss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package sssd-common. 308s Preparing to unpack .../41-sssd-common_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking sssd-common (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package sssd-idp. 308s Preparing to unpack .../42-sssd-idp_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking sssd-idp (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package sssd-passkey. 308s Preparing to unpack .../43-sssd-passkey_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking sssd-passkey (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package sssd-ad-common. 308s Preparing to unpack .../44-sssd-ad-common_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package sssd-krb5-common. 308s Preparing to unpack .../45-sssd-krb5-common_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package libsmbclient:ppc64el. 308s Preparing to unpack .../46-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 308s Unpacking libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 308s Selecting previously unselected package sssd-ad. 308s Preparing to unpack .../47-sssd-ad_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package libipa-hbac0. 308s Preparing to unpack .../48-libipa-hbac0_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package sssd-ipa. 308s Preparing to unpack .../49-sssd-ipa_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package sssd-krb5. 308s Preparing to unpack .../50-sssd-krb5_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package sssd-ldap. 308s Preparing to unpack .../51-sssd-ldap_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package sssd-proxy. 308s Preparing to unpack .../52-sssd-proxy_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package sssd. 308s Preparing to unpack .../53-sssd_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking sssd (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package sssd-dbus. 308s Preparing to unpack .../54-sssd-dbus_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking sssd-dbus (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package sssd-kcm. 308s Preparing to unpack .../55-sssd-kcm_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking sssd-kcm (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package sssd-tools. 308s Preparing to unpack .../56-sssd-tools_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking sssd-tools (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package libipa-hbac-dev. 308s Preparing to unpack .../57-libipa-hbac-dev_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking libipa-hbac-dev (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package libsss-certmap-dev. 308s Preparing to unpack .../58-libsss-certmap-dev_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking libsss-certmap-dev (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package libsss-idmap-dev. 308s Preparing to unpack .../59-libsss-idmap-dev_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking libsss-idmap-dev (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package libsss-nss-idmap-dev. 308s Preparing to unpack .../60-libsss-nss-idmap-dev_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package libsss-sudo. 308s Preparing to unpack .../61-libsss-sudo_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking libsss-sudo (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package python3-libipa-hbac. 308s Preparing to unpack .../62-python3-libipa-hbac_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking python3-libipa-hbac (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package python3-libsss-nss-idmap. 308s Preparing to unpack .../63-python3-libsss-nss-idmap_2.9.4-1ubuntu1_ppc64el.deb ... 308s Unpacking python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 308s Selecting previously unselected package autopkgtest-satdep. 308s Preparing to unpack .../64-1-autopkgtest-satdep.deb ... 308s Unpacking autopkgtest-satdep (0) ... 308s Setting up libpwquality-common (1.4.5-3) ... 308s Setting up libpath-utils1:ppc64el (0.6.2-2) ... 308s Setting up libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 308s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 308s Setting up libbasicobjects0:ppc64el (0.6.2-2) ... 308s Setting up libsss-idmap-dev (2.9.4-1ubuntu1) ... 308s Setting up libtdb1:ppc64el (1.4.10-1) ... 308s Setting up libc-ares2:ppc64el (1.27.0-1) ... 308s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 308s Setting up libjose0:ppc64el (11-3) ... 308s Setting up libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 308s Setting up libtalloc2:ppc64el (2.4.2-1) ... 308s Setting up libdhash1:ppc64el (0.6.2-2) ... 308s Setting up libtevent0:ppc64el (0.16.1-1) ... 308s Setting up libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 308s Setting up libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 308s Setting up libtcl8.6:ppc64el (8.6.13+dfsg-2) ... 308s Setting up libltdl7:ppc64el (2.4.7-7) ... 308s Setting up libcrack2:ppc64el (2.9.6-5.1) ... 308s Setting up libcollection4:ppc64el (0.6.2-2) ... 308s Setting up libodbc2:ppc64el (2.3.12-1) ... 308s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 308s Setting up python3-libipa-hbac (2.9.4-1ubuntu1) ... 308s Setting up libref-array1:ppc64el (0.6.2-2) ... 308s Setting up libnss-sudo (1.9.15p5-3ubuntu1) ... 308s Setting up libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 308s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 308s Setting up libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 308s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 308s Creating new user openldap... done. 308s Creating initial configuration... done. 308s Creating LDAP directory... done. 309s Setting up tcl8.6 (8.6.13+dfsg-2) ... 309s Setting up libsss-sudo (2.9.4-1ubuntu1) ... 309s Setting up libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 309s Setting up libipa-hbac-dev (2.9.4-1ubuntu1) ... 309s Setting up libini-config5:ppc64el (0.6.2-2) ... 309s Setting up libavahi-common3:ppc64el (0.8-13ubuntu2) ... 309s Setting up tcl-expect:ppc64el (5.45.4-2build1) ... 309s Setting up python3-sss (2.9.4-1ubuntu1) ... 309s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 309s Setting up libpwquality1:ppc64el (1.4.5-3) ... 309s Setting up python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 309s Setting up libavahi-client3:ppc64el (0.8-13ubuntu2) ... 309s Setting up expect (5.45.4-2build1) ... 309s Setting up libpam-pwquality:ppc64el (1.4.5-3) ... 309s Setting up samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 309s Setting up libsss-certmap-dev (2.9.4-1ubuntu1) ... 309s Setting up libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 309s Setting up libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 309s Setting up sssd-common (2.9.4-1ubuntu1) ... 309s Creating SSSD system user & group... 309s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 309s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 309s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 310s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 310s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 310s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 311s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 311s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 311s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 311s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 311s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 312s sssd-autofs.service is a disabled or a static unit, not starting it. 312s sssd-nss.service is a disabled or a static unit, not starting it. 312s sssd-pam.service is a disabled or a static unit, not starting it. 312s sssd-ssh.service is a disabled or a static unit, not starting it. 312s sssd-sudo.service is a disabled or a static unit, not starting it. 312s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 312s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 312s Setting up sssd-kcm (2.9.4-1ubuntu1) ... 312s Created symlink /etc/systemd/system/sockets.target.wants/sssd-kcm.socket → /usr/lib/systemd/system/sssd-kcm.socket. 313s sssd-kcm.service is a disabled or a static unit, not starting it. 313s Setting up sssd-dbus (2.9.4-1ubuntu1) ... 313s sssd-ifp.service is a disabled or a static unit, not starting it. 313s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 313s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 313s sssd-pac.service is a disabled or a static unit, not starting it. 314s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 314s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 314s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 314s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 314s Setting up sssd-ad (2.9.4-1ubuntu1) ... 314s Setting up sssd-tools (2.9.4-1ubuntu1) ... 314s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 314s Setting up sssd (2.9.4-1ubuntu1) ... 314s Setting up libverto-libevent1:ppc64el (0.3.1-1ubuntu5) ... 314s Setting up libverto1:ppc64el (0.3.1-1ubuntu5) ... 314s Setting up libkrad0:ppc64el (1.20.1-5build1) ... 314s Setting up sssd-passkey (2.9.4-1ubuntu1) ... 314s Setting up sssd-idp (2.9.4-1ubuntu1) ... 314s Setting up autopkgtest-satdep (0) ... 314s Processing triggers for libc-bin (2.39-0ubuntu6) ... 314s Processing triggers for ufw (0.36.2-5) ... 314s Processing triggers for man-db (2.12.0-3) ... 315s Processing triggers for dbus (1.14.10-4ubuntu1) ... 323s (Reading database ... 71007 files and directories currently installed.) 323s Removing autopkgtest-satdep (0) ... 324s autopkgtest [22:44:21]: test ldap-user-group-ldap-auth: [----------------------- 324s + . debian/tests/util 324s + . debian/tests/common-tests 324s + mydomain=example.com 324s + myhostname=ldap.example.com 324s + mysuffix=dc=example,dc=com 324s + admin_dn=cn=admin,dc=example,dc=com 324s + admin_pw=secret 324s + ldap_user=testuser1 324s + ldap_user_pw=testuser1secret 324s + ldap_group=ldapusers 324s + adjust_hostname ldap.example.com 324s + local myhostname=ldap.example.com 324s + echo ldap.example.com 324s + hostname ldap.example.com 324s + grep -qE ldap.example.com /etc/hosts 324s + echo 127.0.1.10 ldap.example.com 324s + reconfigure_slapd 324s + debconf-set-selections 324s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 324s + dpkg-reconfigure -fnoninteractive -pcritical slapd 324s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 324s Moving old database directory to /var/backups: 324s - directory unknown... done. 324s Creating initial configuration... done. 324s Creating LDAP directory... done. 325s + generate_certs ldap.example.com 325s + local cn=ldap.example.com 325s + local cert=/etc/ldap/server.pem 325s + local key=/etc/ldap/server.key 325s + local cnf=/etc/ldap/openssl.cnf 325s + cat 325s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 325s ..........................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 325s ....++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 325s ----- 325s + chmod 0640 /etc/ldap/server.key 325s + chgrp openldap /etc/ldap/server.key 325s + [ ! -f /etc/ldap/server.pem ] 325s + [ ! -f /etc/ldap/server.key ] 325s + enable_ldap_ssl 325s + cat 325s + cat 325s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 325s + populate_ldap_rfc2307 325s + cat 325s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 325s + configure_sssd_ldap_rfc2307 325s + cat 325s + chmod 0600 /etc/sssd/sssd.conf 325s + systemctl restart sssd 325s modifying entry "cn=config" 325s 325s adding new entry "ou=People,dc=example,dc=com" 325s 325s adding new entry "ou=Group,dc=example,dc=com" 325s 325s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 325s 325s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 325s 325s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 325s 325s + enable_pam_mkhomedir 325s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 325s + echo session optional pam_mkhomedir.so 325s + run_common_testsAssert local user databases do not have our LDAP test data 325s 325s + echo Assert local user databases do not have our LDAP test data 325s + check_local_user testuser1 325s + local local_user=testuser1 325s + grep -q ^testuser1 /etc/passwd 325s + check_local_group testuser1The LDAP user is known to the system via getent 325s 325s + local local_group=testuser1 325s + grep -q ^testuser1 /etc/group 325s + check_local_group ldapusers 325s + local local_group=ldapusers 325s + grep -q ^ldapusers /etc/group 325s + echo The LDAP user is known to the system via getent 325s + check_getent_user testuser1 325s + local getent_user=testuser1 325s + local output 325s + getent passwd testuser1 325s The LDAP user's private group is known to the system via getent 325s The LDAP group ldapusers is known to the system via getent 325s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 325s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 325s + echo The LDAP user's private group is known to the system via getent 325s + check_getent_group testuser1 325s + local getent_group=testuser1 325s + local output 325s + getent group testuser1 325s + output=testuser1:*:10001:testuser1 325s + [ -z testuser1:*:10001:testuser1 ] 325s + echo The LDAP group ldapusers is known to the system via getent 325s + check_getent_group ldapusers 325s + local getent_group=ldapusers 325s + local output 325s + getent group ldapusers 325s The id(1) command can resolve the group membership of the LDAP user 325s + output=ldapusers:*:10100:testuser1 325s + [ -z ldapusers:*:10100:testuser1 ] 325s + echo The id(1) command can resolve the group membership of the LDAP user 325s + id -Gn testuser1 325s + output=testuser1 ldapusers 325s + [ testuser1 ldapusers != testuser1 ldapusers ] 325s + The LDAP user can login on a terminal 325s echo The LDAP user can login on a terminal 325s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 325s spawn login 325s ldap.example.com login: testuser1 325s Password: 325s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic ppc64le) 325s 325s * Documentation: https://help.ubuntu.com 325s * Management: https://landscape.canonical.com 325s * Support: https://ubuntu.com/pro 325s 325s * Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s 325s just raised the bar for easy, resilient and secure K8s cluster deployment. 325s 325s https://ubuntu.com/engage/secure-kubernetes-at-the-edge 325s 325s The programs included with the Ubuntu system are free software; 325s the exact distribution terms for each program are described in the 325s individual files in /usr/share/doc/*/copyright. 325s 325s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 325s applicable law. 325s 325s 325s The programs included with the Ubuntu system are free software; 325s the exact distribution terms for each program are described in the 325s individual files in /usr/share/doc/*/copyright. 325s 325s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 325s applicable law. 325s 325s Creating directory '/home/testuser1'. 325s [?2004htestuser1@ldap:~$ id -un 325s [?2004l testuser1 326s [?2004htestuser1@ldap:~$ autopkgtest [22:44:23]: test ldap-user-group-ldap-auth: -----------------------] 326s autopkgtest [22:44:23]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 326s ldap-user-group-ldap-auth PASS 326s autopkgtest [22:44:23]: test ldap-user-group-krb5-auth: preparing testbed 331s Reading package lists... 331s Building dependency tree... 331s Reading state information... 331s Starting pkgProblemResolver with broken count: 0 331s Starting 2 pkgProblemResolver with broken count: 0 331s Done 331s The following additional packages will be installed: 331s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4 331s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 331s Suggested packages: 331s krb5-kdc-ldap krb5-kpropd krb5-k5tls krb5-doc 331s The following NEW packages will be installed: 331s autopkgtest-satdep krb5-admin-server krb5-config krb5-kdc krb5-user 331s libgssrpc4 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 331s 0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded. 331s Need to get 669 kB/670 kB of archives. 331s After this operation, 3104 kB of additional disk space will be used. 331s Get:1 /tmp/autopkgtest.Y0w0ep/2-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [888 B] 332s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el krb5-config all 2.7 [22.0 kB] 332s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libgssrpc4 ppc64el 1.20.1-5build1 [64.3 kB] 332s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el libkadm5clnt-mit12 ppc64el 1.20.1-5build1 [43.7 kB] 332s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el libkdb5-10 ppc64el 1.20.1-5build1 [46.3 kB] 332s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el libkadm5srv-mit12 ppc64el 1.20.1-5build1 [60.8 kB] 332s Get:7 http://ftpmaster.internal/ubuntu noble/universe ppc64el krb5-user ppc64el 1.20.1-5build1 [117 kB] 332s Get:8 http://ftpmaster.internal/ubuntu noble/universe ppc64el krb5-kdc ppc64el 1.20.1-5build1 [207 kB] 332s Get:9 http://ftpmaster.internal/ubuntu noble/universe ppc64el krb5-admin-server ppc64el 1.20.1-5build1 [108 kB] 333s Preconfiguring packages ... 334s Fetched 669 kB in 1s (674 kB/s) 334s Selecting previously unselected package krb5-config. 334s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 71007 files and directories currently installed.) 334s Preparing to unpack .../0-krb5-config_2.7_all.deb ... 334s Unpacking krb5-config (2.7) ... 334s Selecting previously unselected package libgssrpc4:ppc64el. 334s Preparing to unpack .../1-libgssrpc4_1.20.1-5build1_ppc64el.deb ... 334s Unpacking libgssrpc4:ppc64el (1.20.1-5build1) ... 334s Selecting previously unselected package libkadm5clnt-mit12:ppc64el. 334s Preparing to unpack .../2-libkadm5clnt-mit12_1.20.1-5build1_ppc64el.deb ... 334s Unpacking libkadm5clnt-mit12:ppc64el (1.20.1-5build1) ... 334s Selecting previously unselected package libkdb5-10:ppc64el. 334s Preparing to unpack .../3-libkdb5-10_1.20.1-5build1_ppc64el.deb ... 334s Unpacking libkdb5-10:ppc64el (1.20.1-5build1) ... 334s Selecting previously unselected package libkadm5srv-mit12:ppc64el. 334s Preparing to unpack .../4-libkadm5srv-mit12_1.20.1-5build1_ppc64el.deb ... 334s Unpacking libkadm5srv-mit12:ppc64el (1.20.1-5build1) ... 334s Selecting previously unselected package krb5-user. 334s Preparing to unpack .../5-krb5-user_1.20.1-5build1_ppc64el.deb ... 334s Unpacking krb5-user (1.20.1-5build1) ... 334s Selecting previously unselected package krb5-kdc. 334s Preparing to unpack .../6-krb5-kdc_1.20.1-5build1_ppc64el.deb ... 334s Unpacking krb5-kdc (1.20.1-5build1) ... 334s Selecting previously unselected package krb5-admin-server. 334s Preparing to unpack .../7-krb5-admin-server_1.20.1-5build1_ppc64el.deb ... 334s Unpacking krb5-admin-server (1.20.1-5build1) ... 334s Selecting previously unselected package autopkgtest-satdep. 334s Preparing to unpack .../8-2-autopkgtest-satdep.deb ... 334s Unpacking autopkgtest-satdep (0) ... 334s Setting up libgssrpc4:ppc64el (1.20.1-5build1) ... 334s Setting up krb5-config (2.7) ... 334s Setting up libkadm5clnt-mit12:ppc64el (1.20.1-5build1) ... 334s Setting up libkdb5-10:ppc64el (1.20.1-5build1) ... 334s Setting up libkadm5srv-mit12:ppc64el (1.20.1-5build1) ... 334s Setting up krb5-user (1.20.1-5build1) ... 334s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 334s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 334s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 334s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 334s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 334s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 334s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 334s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 334s Setting up krb5-kdc (1.20.1-5build1) ... 335s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-kdc.service → /usr/lib/systemd/system/krb5-kdc.service. 335s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 335s Setting up krb5-admin-server (1.20.1-5build1) ... 336s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-admin-server.service → /usr/lib/systemd/system/krb5-admin-server.service. 336s Setting up autopkgtest-satdep (0) ... 336s Processing triggers for man-db (2.12.0-3) ... 337s Processing triggers for libc-bin (2.39-0ubuntu6) ... 344s (Reading database ... 71100 files and directories currently installed.) 344s Removing autopkgtest-satdep (0) ... 344s autopkgtest [22:44:41]: test ldap-user-group-krb5-auth: [----------------------- 344s + . debian/tests/util 344s + . debian/tests/common-tests 344s + mydomain=example.com 344s + myhostname=ldap.example.com 344s + mysuffix=dc=example,dc=com 344s + myrealm=EXAMPLE.COM 344s + admin_dn=cn=admin,dc=example,dc=com 344s + admin_pw=secret 344s + ldap_user=testuser1 344s + ldap_user_pw=testuser1secret 344s + kerberos_principal_pw=testuser1kerberos 344s + ldap_group=ldapusers 344s + adjust_hostname ldap.example.com 344s + local myhostname=ldap.example.com 344s + echo ldap.example.com 344s + hostname ldap.example.com 344s + grep -qE ldap.example.com /etc/hosts 344s + reconfigure_slapd 344s + debconf-set-selections 344s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu1-20240323-224421.ldapdb 344s + dpkg-reconfigure -fnoninteractive -pcritical slapd 345s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 345s Moving old database directory to /var/backups: 345s - directory unknown... done. 345s Creating initial configuration... done. 345s Creating LDAP directory... done. 345s + generate_certs ldap.example.com 345s + local cn=ldap.example.com 345s + local cert=/etc/ldap/server.pem 345s + local key=/etc/ldap/server.key 345s + local cnf=/etc/ldap/openssl.cnf 345s + cat 345s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 345s .++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 345s ........................................................................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 345s ----- 345s + chmod 0640 /etc/ldap/server.key 345s + chgrp openldap /etc/ldap/server.key 345s + [ ! -f /etc/ldap/server.pem ] 345s + [ ! -f /etc/ldap/server.key ] 345s + enable_ldap_ssl 345s + cat 345s + cat 345s + ldapmodify -H ldapi:/// -Ymodifying entry "cn=config" 345s 345s adding new entry "ou=People,dc=example,dc=com" 345s 345s adding new entry "ou=Group,dc=example,dc=com" 345s 345s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 345s 345s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 345s 345s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 345s 345s EXTERNAL -Q 345s + populate_ldap_rfc2307 345s + + catldapadd 345s -x -D cn=admin,dc=example,dc=com -w secret 345s + create_realm EXAMPLE.COM ldap.example.com 345s + localInitializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 345s master key name 'K/M@EXAMPLE.COM' 345s realm_name=EXAMPLE.COM 345s + local kerberos_server=ldap.example.com 345s + rm -rf /var/lib/krb5kdc/* 345s + rm -rf /etc/krb5kdc/kdc.conf 345s + rm -f /etc/krb5.keytab 345s + cat 345s + cat 345s + echo # */admin * 345s + kdb5_util create -s -P secretpassword 345s + systemctl restart krb5-kdc.service krb5-admin-server.service 345s + create_krb_principal testuser1 testuser1kerberos 345s + local principal=testuser1 345s + local password=testuser1kerberos 345s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 345s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 345s Authenticating as principal root/admin@EXAMPLE.COM with password. 345s Principal "testuser1@EXAMPLE.COM" created. 345s + configure_sssd_ldap_rfc2307_krb5_auth 345s + cat 345s + chmod 0600 /etc/sssd/sssd.conf 345s + systemctl restart sssd 346s + enable_pam_mkhomedir 346s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 346s + run_common_tests 346s Assert local user databases do not have our LDAP test data 346s + echo Assert local user databases do not have our LDAP test data 346s + check_local_user testuser1 346s + local local_user=testuser1 346s + grep -q ^testuser1 /etc/passwd 346s + check_local_group testuser1 346s + local local_group=testuser1 346s + grep -q ^testuser1 /etc/group 346s + check_local_group ldapusers 346s + local local_group=ldapusers 346s + grep -q ^ldapusers /etc/group 346s The LDAP user is known to the system via getent 346s + echo The LDAP user is known to the system via getent 346s + check_getent_user testuser1 346s + local getent_user=testuser1 346s + local output 346s + getent passwd testuser1 346s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 346s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 346s + echo The LDAP user's private group is known to the system via getent 346s + check_getent_group testuser1 346s + local getent_group=testuser1 346s + local output 346s + getent group testuser1 346s The LDAP user's private group is known to the system via getent 346s + output=testuser1:*:10001:testuser1 346s + [ -z testuser1:*:10001:testuser1 ] 346s + echoThe LDAP group ldapusers is known to the system via getent 346s The LDAP group ldapusers is known to the system via getent 346s + check_getent_group ldapusers 346s + local getent_group=ldapusers 346s + local output 346s + getent group ldapusers 346s + output=ldapusers:*:10100:testuser1 346s + [ -z ldapusers:*:10100:testuser1 ] 346s + echo The id(1) command can resolve the group membership of the LDAP user 346s + The id(1) command can resolve the group membership of the LDAP user 346s id -Gn testuser1 346s + output=testuser1 ldapusers 346s + [ testuser1 ldapusers != testuser1 ldapusers ] 346s + echo The Kerberos principal can login on a terminal 346s + kdestroy 346s + The Kerberos principal can login on a terminal 346s /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 346s spawn login 346s ldap.example.com login: testuser1 346s Password: 346s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic ppc64le) 346s 346s * Documentation: https://help.ubuntu.com 346s * Management: https://landscape.canonical.com 346s * Support: https://ubuntu.com/pro 346s 346s * Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s 346s just raised the bar for easy, resilient and secure K8s cluster deployment. 346s 346s https://ubuntu.com/engage/secure-kubernetes-at-the-edge 346s 346s The programs included with the Ubuntu system are free software; 346s the exact distribution terms for each program are described in the 346s individual files in /usr/share/doc/*/copyright. 346s 346s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 346s applicable law. 346s 346s Last login: Sat Mar 23 22:44:22 UTC 2024 on pts/0 346s [?2004htestuser1@ldap:~$ id -un 346s [?2004l testuser1 346s [?2004htestuser1@ldap:~$ klist 346s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_WuJyrQ 346s Default principal: testuser1@EXAMPLE.COMautopkgtest [22:44:43]: test ldap-user-group-krb5-auth: -----------------------] 347s autopkgtest [22:44:44]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 347s ldap-user-group-krb5-auth PASS 347s autopkgtest [22:44:44]: test sssd-softhism2-certificates-tests.sh: preparing testbed 804s autopkgtest [22:52:21]: testbed dpkg architecture: ppc64el 804s autopkgtest [22:52:21]: testbed apt version: 2.7.12 804s autopkgtest [22:52:21]: @@@@@@@@@@@@@@@@@@@@ test bed setup 805s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 806s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [494 kB] 806s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6540 B] 806s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [56.9 kB] 806s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [3966 kB] 807s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el Packages [661 kB] 807s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el c-n-f Metadata [3116 B] 807s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el Packages [1372 B] 807s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el c-n-f Metadata [116 B] 807s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el Packages [4254 kB] 807s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el c-n-f Metadata [8652 B] 807s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el Packages [60.8 kB] 807s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el c-n-f Metadata [116 B] 810s Fetched 9629 kB in 3s (3548 kB/s) 810s Reading package lists... 813s Reading package lists... 813s Building dependency tree... 813s Reading state information... 813s Calculating upgrade... 813s The following packages will be REMOVED: 813s libreadline8 libssl3 813s The following NEW packages will be installed: 813s libreadline8t64 libssl3t64 813s The following packages have been kept back: 813s libpython3.12-minimal libpython3.12-stdlib python3.12 python3.12-minimal 813s The following packages will be upgraded: 813s libtirpc-common openssl readline-common 813s 3 upgraded, 2 newly installed, 2 to remove and 4 not upgraded. 813s Need to get 3397 kB of archives. 813s After this operation, 75.8 kB of additional disk space will be used. 813s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el readline-common all 8.2-4 [56.4 kB] 814s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libreadline8t64 ppc64el 8.2-4 [182 kB] 814s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el openssl ppc64el 3.0.13-0ubuntu2 [1026 kB] 814s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libssl3t64 ppc64el 3.0.13-0ubuntu2 [2125 kB] 814s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libtirpc-common all 1.3.4+ds-1.1 [8018 B] 814s Fetched 3397 kB in 1s (4277 kB/s) 814s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70157 files and directories currently installed.) 814s Preparing to unpack .../readline-common_8.2-4_all.deb ... 814s Unpacking readline-common (8.2-4) over (8.2-3) ... 814s dpkg: libreadline8:ppc64el: dependency problems, but removing anyway as you requested: 814s parted depends on libreadline8 (>= 6.0). 814s libpython3.12-stdlib:ppc64el depends on libreadline8 (>= 7.0~beta). 814s libpython3.11-stdlib:ppc64el depends on libreadline8 (>= 7.0~beta). 814s gpgsm depends on libreadline8 (>= 6.0). 814s gpgconf depends on libreadline8 (>= 6.0). 814s gpg depends on libreadline8 (>= 6.0). 814s gawk depends on libreadline8 (>= 6.0). 814s fdisk depends on libreadline8 (>= 6.0). 814s bc depends on libreadline8 (>= 6.0). 814s 814s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70157 files and directories currently installed.) 815s Removing libreadline8:ppc64el (8.2-3) ... 815s Selecting previously unselected package libreadline8t64:ppc64el. 815s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70145 files and directories currently installed.) 815s Preparing to unpack .../libreadline8t64_8.2-4_ppc64el.deb ... 815s Adding 'diversion of /lib/powerpc64le-linux-gnu/libhistory.so.8 to /lib/powerpc64le-linux-gnu/libhistory.so.8.usr-is-merged by libreadline8t64' 815s Adding 'diversion of /lib/powerpc64le-linux-gnu/libhistory.so.8.2 to /lib/powerpc64le-linux-gnu/libhistory.so.8.2.usr-is-merged by libreadline8t64' 815s Adding 'diversion of /lib/powerpc64le-linux-gnu/libreadline.so.8 to /lib/powerpc64le-linux-gnu/libreadline.so.8.usr-is-merged by libreadline8t64' 815s Adding 'diversion of /lib/powerpc64le-linux-gnu/libreadline.so.8.2 to /lib/powerpc64le-linux-gnu/libreadline.so.8.2.usr-is-merged by libreadline8t64' 815s Unpacking libreadline8t64:ppc64el (8.2-4) ... 815s Preparing to unpack .../openssl_3.0.13-0ubuntu2_ppc64el.deb ... 815s Unpacking openssl (3.0.13-0ubuntu2) over (3.0.10-1ubuntu4) ... 815s dpkg: libssl3:ppc64el: dependency problems, but removing anyway as you requested: 815s wget depends on libssl3 (>= 3.0.0). 815s tnftp depends on libssl3 (>= 3.0.0). 815s tcpdump depends on libssl3 (>= 3.0.0). 815s systemd-resolved depends on libssl3 (>= 3.0.0). 815s systemd depends on libssl3 (>= 3.0.0). 815s sudo depends on libssl3 (>= 3.0.0). 815s rsync depends on libssl3 (>= 3.0.0). 815s python3-cryptography depends on libssl3 (>= 3.0.0). 815s openssh-server depends on libssl3 (>= 3.0.10). 815s openssh-client depends on libssl3 (>= 3.0.10). 815s linux-headers-6.8.0-11-generic depends on libssl3 (>= 3.0.0). 815s libsystemd-shared:ppc64el depends on libssl3 (>= 3.0.0). 815s libssh-4:ppc64el depends on libssl3 (>= 3.0.0). 815s libsasl2-modules:ppc64el depends on libssl3 (>= 3.0.0). 815s libsasl2-2:ppc64el depends on libssl3 (>= 3.0.0). 815s libpython3.12-minimal:ppc64el depends on libssl3 (>= 3.0.0). 815s libpython3.11-minimal:ppc64el depends on libssl3 (>= 3.0.0). 815s libnvme1 depends on libssl3 (>= 3.0.0). 815s libkrb5-3:ppc64el depends on libssl3 (>= 3.0.0). 815s libkmod2:ppc64el depends on libssl3 (>= 3.0.0). 815s libfido2-1:ppc64el depends on libssl3 (>= 3.0.0). 815s libcurl4:ppc64el depends on libssl3 (>= 3.0.0). 815s libcryptsetup12:ppc64el depends on libssl3 (>= 3.0.0). 815s kmod depends on libssl3 (>= 3.0.0). 815s dhcpcd-base depends on libssl3 (>= 3.0.0). 815s bind9-libs:ppc64el depends on libssl3 (>= 3.0.0). 815s 815s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70165 files and directories currently installed.) 815s Removing libssl3:ppc64el (3.0.10-1ubuntu4) ... 815s Selecting previously unselected package libssl3t64:ppc64el. 815s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70154 files and directories currently installed.) 815s Preparing to unpack .../libssl3t64_3.0.13-0ubuntu2_ppc64el.deb ... 815s Unpacking libssl3t64:ppc64el (3.0.13-0ubuntu2) ... 815s Preparing to unpack .../libtirpc-common_1.3.4+ds-1.1_all.deb ... 815s Unpacking libtirpc-common (1.3.4+ds-1.1) over (1.3.4+ds-1build1) ... 815s Setting up libssl3t64:ppc64el (3.0.13-0ubuntu2) ... 815s Setting up libtirpc-common (1.3.4+ds-1.1) ... 815s Setting up openssl (3.0.13-0ubuntu2) ... 815s Setting up readline-common (8.2-4) ... 815s Setting up libreadline8t64:ppc64el (8.2-4) ... 815s Processing triggers for libc-bin (2.39-0ubuntu2) ... 815s Processing triggers for man-db (2.12.0-3) ... 816s Processing triggers for install-info (7.1-3) ... 816s Reading package lists... 816s Building dependency tree... 816s Reading state information... 816s 0 upgraded, 0 newly installed, 0 to remove and 4 not upgraded. 817s sh: Attempting to set up Debian/Ubuntu apt sources automatically 817s sh: Distribution appears to be Ubuntu 818s Reading package lists... 818s Building dependency tree... 818s Reading state information... 818s eatmydata is already the newest version (131-1). 818s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 818s Reading package lists... 818s Building dependency tree... 818s Reading state information... 818s dbus is already the newest version (1.14.10-4ubuntu1). 818s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 818s Reading package lists... 818s Building dependency tree... 818s Reading state information... 819s rng-tools-debian is already the newest version (2.4). 819s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 819s Reading package lists... 819s Building dependency tree... 819s Reading state information... 819s The following packages will be REMOVED: 819s cloud-init* python3-configobj* python3-debconf* 819s 0 upgraded, 0 newly installed, 3 to remove and 0 not upgraded. 819s After this operation, 3252 kB disk space will be freed. 819s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70167 files and directories currently installed.) 819s Removing cloud-init (24.1.1-0ubuntu1) ... 820s Removing python3-configobj (5.0.8-3) ... 820s Removing python3-debconf (1.5.86) ... 820s Processing triggers for man-db (2.12.0-3) ... 820s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 69778 files and directories currently installed.) 820s Purging configuration files for cloud-init (24.1.1-0ubuntu1) ... 821s dpkg: warning: while removing cloud-init, directory '/etc/cloud/cloud.cfg.d' not empty so not removed 821s Processing triggers for rsyslog (8.2312.0-3ubuntu3) ... 821s invoke-rc.d: policy-rc.d denied execution of try-restart. 821s Reading package lists... 821s Building dependency tree... 821s Reading state information... 821s linux-generic is already the newest version (6.8.0-11.11+1). 821s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 821s Get:1 http://ftpmaster.internal/ubuntu noble InRelease [255 kB] 822s Hit:2 http://ftpmaster.internal/ubuntu noble-updates InRelease 822s Hit:3 http://ftpmaster.internal/ubuntu noble-security InRelease 822s Get:4 http://ftpmaster.internal/ubuntu noble/main Sources [1384 kB] 822s Get:5 http://ftpmaster.internal/ubuntu noble/universe Sources [19.8 MB] 823s Get:6 http://ftpmaster.internal/ubuntu noble/multiverse Sources [295 kB] 824s Get:7 http://ftpmaster.internal/ubuntu noble/main ppc64el Packages [1379 kB] 824s Get:8 http://ftpmaster.internal/ubuntu noble/universe ppc64el Packages [14.9 MB] 824s Get:9 http://ftpmaster.internal/ubuntu noble/multiverse ppc64el Packages [185 kB] 830s Fetched 38.2 MB in 8s (4985 kB/s) 831s Reading package lists... 831s Reading package lists... 831s Building dependency tree... 831s Reading state information... 832s Calculating upgrade... 832s The following packages will be upgraded: 832s fonts-ubuntu-console libbsd0 libc-bin libc6 locales python3-markupsafe 832s 6 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 832s Need to get 8345 kB of archives. 832s After this operation, 67.6 kB disk space will be freed. 832s Get:1 http://ftpmaster.internal/ubuntu noble/main ppc64el libc6 ppc64el 2.39-0ubuntu6 [3274 kB] 833s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el libc-bin ppc64el 2.39-0ubuntu6 [751 kB] 833s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libbsd0 ppc64el 0.12.1-1 [56.9 kB] 833s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el locales all 2.39-0ubuntu6 [4232 kB] 834s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el fonts-ubuntu-console all 0.869+git20240321-0ubuntu1 [18.7 kB] 834s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el python3-markupsafe ppc64el 2.1.5-1build1 [13.2 kB] 834s Preconfiguring packages ... 834s Fetched 8345 kB in 2s (3549 kB/s) 834s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 69723 files and directories currently installed.) 834s Preparing to unpack .../libc6_2.39-0ubuntu6_ppc64el.deb ... 834s Unpacking libc6:ppc64el (2.39-0ubuntu6) over (2.39-0ubuntu2) ... 835s Setting up libc6:ppc64el (2.39-0ubuntu6) ... 835s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 69723 files and directories currently installed.) 835s Preparing to unpack .../libc-bin_2.39-0ubuntu6_ppc64el.deb ... 835s Unpacking libc-bin (2.39-0ubuntu6) over (2.39-0ubuntu2) ... 835s Setting up libc-bin (2.39-0ubuntu6) ... 835s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 69723 files and directories currently installed.) 835s Preparing to unpack .../libbsd0_0.12.1-1_ppc64el.deb ... 835s Unpacking libbsd0:ppc64el (0.12.1-1) over (0.11.8-1) ... 835s Preparing to unpack .../locales_2.39-0ubuntu6_all.deb ... 835s Unpacking locales (2.39-0ubuntu6) over (2.39-0ubuntu2) ... 836s Preparing to unpack .../fonts-ubuntu-console_0.869+git20240321-0ubuntu1_all.deb ... 836s Unpacking fonts-ubuntu-console (0.869+git20240321-0ubuntu1) over (0.869-0ubuntu1) ... 836s Preparing to unpack .../python3-markupsafe_2.1.5-1build1_ppc64el.deb ... 836s Unpacking python3-markupsafe (2.1.5-1build1) over (2.1.5-1) ... 836s Setting up fonts-ubuntu-console (0.869+git20240321-0ubuntu1) ... 836s Setting up locales (2.39-0ubuntu6) ... 836s Generating locales (this might take a while)... 837s en_US.UTF-8... done 837s Generation complete. 838s Setting up python3-markupsafe (2.1.5-1build1) ... 838s Setting up libbsd0:ppc64el (0.12.1-1) ... 838s Processing triggers for man-db (2.12.0-3) ... 838s Processing triggers for libc-bin (2.39-0ubuntu6) ... 838s Reading package lists... 839s Building dependency tree... 839s Reading state information... 839s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 839s autopkgtest [22:52:56]: rebooting testbed after setup commands that affected boot 1001s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 1014s Reading package lists... 1015s Building dependency tree... 1015s Reading state information... 1015s Starting pkgProblemResolver with broken count: 0 1015s Starting 2 pkgProblemResolver with broken count: 0 1015s Done 1015s The following additional packages will be installed: 1015s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 1015s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 1015s libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 1015s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 1015s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 1015s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 1015s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 1015s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 1015s sssd-krb5-common sssd-ldap sssd-proxy 1015s Suggested packages: 1015s dns-root-data adcli libsss-sudo sssd-tools libsasl2-modules-ldap 1015s Recommended packages: 1015s cracklib-runtime libsasl2-modules-gssapi-mit 1015s | libsasl2-modules-gssapi-heimdal ldap-utils 1015s The following NEW packages will be installed: 1015s autopkgtest-satdep gnutls-bin libavahi-client3 libavahi-common-data 1015s libavahi-common3 libbasicobjects0 libc-ares2 libcollection4 libcrack2 1015s libdhash1 libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 1015s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 1015s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 1015s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 1015s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 1015s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 1015s sssd-krb5-common sssd-ldap sssd-proxy 1015s 0 upgraded, 46 newly installed, 0 to remove and 0 not upgraded. 1015s Need to get 11.4 MB/11.4 MB of archives. 1015s After this operation, 56.9 MB of additional disk space will be used. 1015s Get:1 /tmp/autopkgtest.Y0w0ep/3-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [748 B] 1015s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el libevent-2.1-7 ppc64el 2.1.12-stable-9 [169 kB] 1015s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libunbound8 ppc64el 1.19.1-1ubuntu1 [537 kB] 1016s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el libgnutls-dane0 ppc64el 3.8.3-1ubuntu1 [24.5 kB] 1016s Get:5 http://ftpmaster.internal/ubuntu noble/universe ppc64el gnutls-bin ppc64el 3.8.3-1ubuntu1 [290 kB] 1016s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common-data ppc64el 0.8-13ubuntu2 [29.5 kB] 1016s Get:7 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common3 ppc64el 0.8-13ubuntu2 [25.8 kB] 1016s Get:8 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-client3 ppc64el 0.8-13ubuntu2 [30.6 kB] 1016s Get:9 http://ftpmaster.internal/ubuntu noble/main ppc64el libcrack2 ppc64el 2.9.6-5.1 [30.9 kB] 1016s Get:10 http://ftpmaster.internal/ubuntu noble/main ppc64el libtalloc2 ppc64el 2.4.2-1 [36.6 kB] 1016s Get:11 http://ftpmaster.internal/ubuntu noble/main ppc64el libtdb1 ppc64el 1.4.10-1 [62.7 kB] 1016s Get:12 http://ftpmaster.internal/ubuntu noble/main ppc64el libtevent0 ppc64el 0.16.1-1 [50.8 kB] 1016s Get:13 http://ftpmaster.internal/ubuntu noble/main ppc64el libldb2 ppc64el 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [219 kB] 1016s Get:14 http://ftpmaster.internal/ubuntu noble/main ppc64el libnfsidmap1 ppc64el 1:2.6.3-3ubuntu1 [53.0 kB] 1016s Get:15 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality-common all 1.4.5-3 [7658 B] 1016s Get:16 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality1 ppc64el 1.4.5-3 [16.9 kB] 1016s Get:17 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-pwquality ppc64el 1.4.5-3 [12.5 kB] 1016s Get:18 http://ftpmaster.internal/ubuntu noble/main ppc64el libwbclient0 ppc64el 2:4.19.5+dfsg-1ubuntu1 [76.5 kB] 1016s Get:19 http://ftpmaster.internal/ubuntu noble/main ppc64el samba-libs ppc64el 2:4.19.5+dfsg-1ubuntu1 [6674 kB] 1017s Get:20 http://ftpmaster.internal/ubuntu noble/universe ppc64el softhsm2-common ppc64el 2.6.1-2.2 [5810 B] 1017s Get:21 http://ftpmaster.internal/ubuntu noble/universe ppc64el libsofthsm2 ppc64el 2.6.1-2.2 [294 kB] 1017s Get:22 http://ftpmaster.internal/ubuntu noble/universe ppc64el softhsm2 ppc64el 2.6.1-2.2 [196 kB] 1017s Get:23 http://ftpmaster.internal/ubuntu noble/main ppc64el python3-sss ppc64el 2.9.4-1ubuntu1 [48.0 kB] 1017s Get:24 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-idmap0 ppc64el 2.9.4-1ubuntu1 [24.7 kB] 1017s Get:25 http://ftpmaster.internal/ubuntu noble/main ppc64el libnss-sss ppc64el 2.9.4-1ubuntu1 [36.3 kB] 1017s Get:26 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-sss ppc64el 2.9.4-1ubuntu1 [56.4 kB] 1017s Get:27 http://ftpmaster.internal/ubuntu noble/main ppc64el libc-ares2 ppc64el 1.27.0-1 [99.0 kB] 1017s Get:28 http://ftpmaster.internal/ubuntu noble/main ppc64el libdhash1 ppc64el 0.6.2-2 [9830 B] 1017s Get:29 http://ftpmaster.internal/ubuntu noble/main ppc64el libbasicobjects0 ppc64el 0.6.2-2 [5806 B] 1017s Get:30 http://ftpmaster.internal/ubuntu noble/main ppc64el libcollection4 ppc64el 0.6.2-2 [35.3 kB] 1017s Get:31 http://ftpmaster.internal/ubuntu noble/main ppc64el libpath-utils1 ppc64el 0.6.2-2 [10.2 kB] 1017s Get:32 http://ftpmaster.internal/ubuntu noble/main ppc64el libref-array1 ppc64el 0.6.2-2 [7724 B] 1017s Get:33 http://ftpmaster.internal/ubuntu noble/main ppc64el libini-config5 ppc64el 0.6.2-2 [53.9 kB] 1017s Get:34 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-certmap0 ppc64el 2.9.4-1ubuntu1 [53.6 kB] 1017s Get:35 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-nss-idmap0 ppc64el 2.9.4-1ubuntu1 [37.4 kB] 1017s Get:36 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-common ppc64el 2.9.4-1ubuntu1 [1280 kB] 1017s Get:37 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad-common ppc64el 2.9.4-1ubuntu1 [88.6 kB] 1017s Get:38 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5-common ppc64el 2.9.4-1ubuntu1 [103 kB] 1017s Get:39 http://ftpmaster.internal/ubuntu noble/main ppc64el libsmbclient ppc64el 2:4.19.5+dfsg-1ubuntu1 [70.4 kB] 1017s Get:40 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad ppc64el 2.9.4-1ubuntu1 [147 kB] 1017s Get:41 http://ftpmaster.internal/ubuntu noble/main ppc64el libipa-hbac0 ppc64el 2.9.4-1ubuntu1 [17.4 kB] 1017s Get:42 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ipa ppc64el 2.9.4-1ubuntu1 [240 kB] 1017s Get:43 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5 ppc64el 2.9.4-1ubuntu1 [14.4 kB] 1017s Get:44 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ldap ppc64el 2.9.4-1ubuntu1 [31.6 kB] 1017s Get:45 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-proxy ppc64el 2.9.4-1ubuntu1 [48.0 kB] 1017s Get:46 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd ppc64el 2.9.4-1ubuntu1 [4124 B] 1017s Fetched 11.4 MB in 2s (5305 kB/s) 1017s Selecting previously unselected package libevent-2.1-7:ppc64el. 1017s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 69722 files and directories currently installed.) 1017s Preparing to unpack .../00-libevent-2.1-7_2.1.12-stable-9_ppc64el.deb ... 1017s Unpacking libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 1018s Selecting previously unselected package libunbound8:ppc64el. 1018s Preparing to unpack .../01-libunbound8_1.19.1-1ubuntu1_ppc64el.deb ... 1018s Unpacking libunbound8:ppc64el (1.19.1-1ubuntu1) ... 1018s Selecting previously unselected package libgnutls-dane0:ppc64el. 1018s Preparing to unpack .../02-libgnutls-dane0_3.8.3-1ubuntu1_ppc64el.deb ... 1018s Unpacking libgnutls-dane0:ppc64el (3.8.3-1ubuntu1) ... 1018s Selecting previously unselected package gnutls-bin. 1018s Preparing to unpack .../03-gnutls-bin_3.8.3-1ubuntu1_ppc64el.deb ... 1018s Unpacking gnutls-bin (3.8.3-1ubuntu1) ... 1018s Selecting previously unselected package libavahi-common-data:ppc64el. 1018s Preparing to unpack .../04-libavahi-common-data_0.8-13ubuntu2_ppc64el.deb ... 1018s Unpacking libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 1018s Selecting previously unselected package libavahi-common3:ppc64el. 1018s Preparing to unpack .../05-libavahi-common3_0.8-13ubuntu2_ppc64el.deb ... 1018s Unpacking libavahi-common3:ppc64el (0.8-13ubuntu2) ... 1018s Selecting previously unselected package libavahi-client3:ppc64el. 1018s Preparing to unpack .../06-libavahi-client3_0.8-13ubuntu2_ppc64el.deb ... 1018s Unpacking libavahi-client3:ppc64el (0.8-13ubuntu2) ... 1018s Selecting previously unselected package libcrack2:ppc64el. 1018s Preparing to unpack .../07-libcrack2_2.9.6-5.1_ppc64el.deb ... 1018s Unpacking libcrack2:ppc64el (2.9.6-5.1) ... 1018s Selecting previously unselected package libtalloc2:ppc64el. 1018s Preparing to unpack .../08-libtalloc2_2.4.2-1_ppc64el.deb ... 1018s Unpacking libtalloc2:ppc64el (2.4.2-1) ... 1018s Selecting previously unselected package libtdb1:ppc64el. 1018s Preparing to unpack .../09-libtdb1_1.4.10-1_ppc64el.deb ... 1018s Unpacking libtdb1:ppc64el (1.4.10-1) ... 1018s Selecting previously unselected package libtevent0:ppc64el. 1018s Preparing to unpack .../10-libtevent0_0.16.1-1_ppc64el.deb ... 1018s Unpacking libtevent0:ppc64el (0.16.1-1) ... 1018s Selecting previously unselected package libldb2:ppc64el. 1018s Preparing to unpack .../11-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 1018s Unpacking libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 1018s Selecting previously unselected package libnfsidmap1:ppc64el. 1018s Preparing to unpack .../12-libnfsidmap1_1%3a2.6.3-3ubuntu1_ppc64el.deb ... 1018s Unpacking libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 1018s Selecting previously unselected package libpwquality-common. 1018s Preparing to unpack .../13-libpwquality-common_1.4.5-3_all.deb ... 1018s Unpacking libpwquality-common (1.4.5-3) ... 1018s Selecting previously unselected package libpwquality1:ppc64el. 1018s Preparing to unpack .../14-libpwquality1_1.4.5-3_ppc64el.deb ... 1018s Unpacking libpwquality1:ppc64el (1.4.5-3) ... 1018s Selecting previously unselected package libpam-pwquality:ppc64el. 1018s Preparing to unpack .../15-libpam-pwquality_1.4.5-3_ppc64el.deb ... 1018s Unpacking libpam-pwquality:ppc64el (1.4.5-3) ... 1018s Selecting previously unselected package libwbclient0:ppc64el. 1018s Preparing to unpack .../16-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 1018s Unpacking libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 1018s Selecting previously unselected package samba-libs:ppc64el. 1018s Preparing to unpack .../17-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 1018s Unpacking samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 1018s Selecting previously unselected package softhsm2-common. 1018s Preparing to unpack .../18-softhsm2-common_2.6.1-2.2_ppc64el.deb ... 1018s Unpacking softhsm2-common (2.6.1-2.2) ... 1018s Selecting previously unselected package libsofthsm2. 1018s Preparing to unpack .../19-libsofthsm2_2.6.1-2.2_ppc64el.deb ... 1018s Unpacking libsofthsm2 (2.6.1-2.2) ... 1018s Selecting previously unselected package softhsm2. 1018s Preparing to unpack .../20-softhsm2_2.6.1-2.2_ppc64el.deb ... 1018s Unpacking softhsm2 (2.6.1-2.2) ... 1018s Selecting previously unselected package python3-sss. 1018s Preparing to unpack .../21-python3-sss_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking python3-sss (2.9.4-1ubuntu1) ... 1018s Selecting previously unselected package libsss-idmap0. 1018s Preparing to unpack .../22-libsss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 1018s Selecting previously unselected package libnss-sss:ppc64el. 1018s Preparing to unpack .../23-libnss-sss_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 1018s Selecting previously unselected package libpam-sss:ppc64el. 1018s Preparing to unpack .../24-libpam-sss_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 1018s Selecting previously unselected package libc-ares2:ppc64el. 1018s Preparing to unpack .../25-libc-ares2_1.27.0-1_ppc64el.deb ... 1018s Unpacking libc-ares2:ppc64el (1.27.0-1) ... 1018s Selecting previously unselected package libdhash1:ppc64el. 1018s Preparing to unpack .../26-libdhash1_0.6.2-2_ppc64el.deb ... 1018s Unpacking libdhash1:ppc64el (0.6.2-2) ... 1018s Selecting previously unselected package libbasicobjects0:ppc64el. 1018s Preparing to unpack .../27-libbasicobjects0_0.6.2-2_ppc64el.deb ... 1018s Unpacking libbasicobjects0:ppc64el (0.6.2-2) ... 1018s Selecting previously unselected package libcollection4:ppc64el. 1018s Preparing to unpack .../28-libcollection4_0.6.2-2_ppc64el.deb ... 1018s Unpacking libcollection4:ppc64el (0.6.2-2) ... 1018s Selecting previously unselected package libpath-utils1:ppc64el. 1018s Preparing to unpack .../29-libpath-utils1_0.6.2-2_ppc64el.deb ... 1018s Unpacking libpath-utils1:ppc64el (0.6.2-2) ... 1018s Selecting previously unselected package libref-array1:ppc64el. 1018s Preparing to unpack .../30-libref-array1_0.6.2-2_ppc64el.deb ... 1018s Unpacking libref-array1:ppc64el (0.6.2-2) ... 1018s Selecting previously unselected package libini-config5:ppc64el. 1018s Preparing to unpack .../31-libini-config5_0.6.2-2_ppc64el.deb ... 1018s Unpacking libini-config5:ppc64el (0.6.2-2) ... 1018s Selecting previously unselected package libsss-certmap0. 1018s Preparing to unpack .../32-libsss-certmap0_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 1018s Selecting previously unselected package libsss-nss-idmap0. 1018s Preparing to unpack .../33-libsss-nss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 1018s Selecting previously unselected package sssd-common. 1018s Preparing to unpack .../34-sssd-common_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking sssd-common (2.9.4-1ubuntu1) ... 1018s Selecting previously unselected package sssd-ad-common. 1018s Preparing to unpack .../35-sssd-ad-common_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 1018s Selecting previously unselected package sssd-krb5-common. 1018s Preparing to unpack .../36-sssd-krb5-common_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 1018s Selecting previously unselected package libsmbclient:ppc64el. 1018s Preparing to unpack .../37-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 1018s Unpacking libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 1018s Selecting previously unselected package sssd-ad. 1018s Preparing to unpack .../38-sssd-ad_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 1018s Selecting previously unselected package libipa-hbac0. 1018s Preparing to unpack .../39-libipa-hbac0_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 1018s Selecting previously unselected package sssd-ipa. 1018s Preparing to unpack .../40-sssd-ipa_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 1018s Selecting previously unselected package sssd-krb5. 1018s Preparing to unpack .../41-sssd-krb5_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 1018s Selecting previously unselected package sssd-ldap. 1018s Preparing to unpack .../42-sssd-ldap_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 1018s Selecting previously unselected package sssd-proxy. 1018s Preparing to unpack .../43-sssd-proxy_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 1018s Selecting previously unselected package sssd. 1018s Preparing to unpack .../44-sssd_2.9.4-1ubuntu1_ppc64el.deb ... 1018s Unpacking sssd (2.9.4-1ubuntu1) ... 1019s Selecting previously unselected package autopkgtest-satdep. 1019s Preparing to unpack .../45-3-autopkgtest-satdep.deb ... 1019s Unpacking autopkgtest-satdep (0) ... 1019s Setting up libpwquality-common (1.4.5-3) ... 1019s Setting up libpath-utils1:ppc64el (0.6.2-2) ... 1019s Setting up softhsm2-common (2.6.1-2.2) ... 1019s 1019s Creating config file /etc/softhsm/softhsm2.conf with new version 1019s Setting up libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 1019s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 1019s Setting up libbasicobjects0:ppc64el (0.6.2-2) ... 1019s Setting up libtdb1:ppc64el (1.4.10-1) ... 1019s Setting up libc-ares2:ppc64el (1.27.0-1) ... 1019s Setting up libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 1019s Setting up libtalloc2:ppc64el (2.4.2-1) ... 1019s Setting up libdhash1:ppc64el (0.6.2-2) ... 1019s Setting up libtevent0:ppc64el (0.16.1-1) ... 1019s Setting up libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 1019s Setting up libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 1019s Setting up libcrack2:ppc64el (2.9.6-5.1) ... 1019s Setting up libcollection4:ppc64el (0.6.2-2) ... 1019s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 1019s Setting up libref-array1:ppc64el (0.6.2-2) ... 1019s Setting up libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 1019s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 1019s Setting up libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 1019s Setting up libsofthsm2 (2.6.1-2.2) ... 1019s Setting up softhsm2 (2.6.1-2.2) ... 1019s Setting up libini-config5:ppc64el (0.6.2-2) ... 1019s Setting up libavahi-common3:ppc64el (0.8-13ubuntu2) ... 1019s Setting up python3-sss (2.9.4-1ubuntu1) ... 1019s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 1019s Setting up libunbound8:ppc64el (1.19.1-1ubuntu1) ... 1019s Setting up libpwquality1:ppc64el (1.4.5-3) ... 1019s Setting up libavahi-client3:ppc64el (0.8-13ubuntu2) ... 1019s Setting up libgnutls-dane0:ppc64el (3.8.3-1ubuntu1) ... 1019s Setting up libpam-pwquality:ppc64el (1.4.5-3) ... 1019s Setting up samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 1019s Setting up libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 1019s Setting up libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 1019s Setting up gnutls-bin (3.8.3-1ubuntu1) ... 1019s Setting up sssd-common (2.9.4-1ubuntu1) ... 1019s Creating SSSD system user & group... 1019s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 1019s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 1019s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 1019s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 1020s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 1020s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 1020s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 1020s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 1021s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 1021s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 1021s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 1022s sssd-autofs.service is a disabled or a static unit, not starting it. 1022s sssd-nss.service is a disabled or a static unit, not starting it. 1022s sssd-pam.service is a disabled or a static unit, not starting it. 1022s sssd-ssh.service is a disabled or a static unit, not starting it. 1022s sssd-sudo.service is a disabled or a static unit, not starting it. 1022s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 1022s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 1022s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 1022s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 1022s sssd-pac.service is a disabled or a static unit, not starting it. 1022s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 1022s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 1022s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 1022s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 1022s Setting up sssd-ad (2.9.4-1ubuntu1) ... 1022s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 1022s Setting up sssd (2.9.4-1ubuntu1) ... 1022s Setting up autopkgtest-satdep (0) ... 1022s Processing triggers for man-db (2.12.0-3) ... 1023s Processing triggers for libc-bin (2.39-0ubuntu6) ... 1026s (Reading database ... 70310 files and directories currently installed.) 1026s Removing autopkgtest-satdep (0) ... 1035s autopkgtest [22:56:12]: test sssd-softhism2-certificates-tests.sh: [----------------------- 1036s + '[' -z ubuntu ']' 1036s + required_tools=(p11tool openssl softhsm2-util) 1036s + for cmd in "${required_tools[@]}" 1036s + command -v p11tool 1036s + for cmd in "${required_tools[@]}" 1036s + command -v openssl 1036s + for cmd in "${required_tools[@]}" 1036s + command -v softhsm2-util 1036s + PIN=053350 1036s +++ find /usr/lib/softhsm/libsofthsm2.so 1036s +++ head -n 1 1036s ++ realpath /usr/lib/softhsm/libsofthsm2.so 1036s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1036s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 1036s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 1036s + '[' '!' -v NO_SSSD_TESTS ']' 1036s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 1036s + ca_db_arg=ca_db 1036s ++ /usr/libexec/sssd/p11_child --help 1036s + p11_child_help='Usage: p11_child [OPTION...] 1036s -d, --debug-level=INT Debug level 1036s --debug-timestamps=INT Add debug timestamps 1036s --debug-microseconds=INT Show timestamps with microseconds 1036s --dumpable=INT Allow core dumps 1036s --debug-fd=INT An open file descriptor for the debug 1036s logs 1036s --logger=stderr|files|journald Set logger 1036s --auth Run in auth mode 1036s --pre Run in pre-auth mode 1036s --wait_for_card Wait until card is available 1036s --verification Run in verification mode 1036s --pin Expect PIN on stdin 1036s --keypad Expect PIN on keypad 1036s --verify=STRING Tune validation 1036s --ca_db=STRING CA DB to use 1036s --module_name=STRING Module name for authentication 1036s --token_name=STRING Token name for authentication 1036s --key_id=STRING Key ID for authentication 1036s --label=STRING Label for authentication 1036s --certificate=STRING certificate to verify, base64 encoded 1036s --uri=STRING PKCS#11 URI to restrict selection 1036s --chain-id=LONG Tevent chain ID used for logging 1036s purposes 1036s 1036s Help options: 1036s -?, --help Show this help message 1036s --usage Display brief usage message' 1036s + echo 'Usage: p11_child [OPTION...] 1036s -d, --debug-level=INT Debug level 1036s --debug-timestamps=INT Add debug timestamps 1036s --debug-microseconds=INT Show timestamps with microseconds 1036s --dumpable=INT Allow core dumps 1036s --debug-fd=INT An open file descriptor for the debug 1036s logs 1036s --logger=stderr|files|journald Set logger 1036s --auth Run in auth mode 1036s --pre Run in pre-auth mode 1036s --wait_for_card Wait until card is available 1036s --verification Run in verification mode 1036s --pin Expect PIN on stdin 1036s --keypad Expect PIN on keypad 1036s --verify=STRING Tune validation 1036s --ca_db=STRING CA DB to use 1036s --module_name=STRING Module name for authentication 1036s --token_name=STRING Token name for authentication 1036s --key_id=STRING Key ID for authentication 1036s --label=STRING Label for authentication 1036s --certificate=STRING certificate to verify, base64 encoded 1036s --uri=STRING PKCS#11 URI to restrict selection 1036s --chain-id=LONG Tevent chain ID used for logging 1036s purposes 1036s 1036s Help options: 1036s -?, --help Show this help message 1036s --usage Display brief usage message' 1036s + grep nssdb -qs 1036s + echo 'Usage: p11_child [OPTION...] 1036s -d, --debug-level=INT Debug level 1036s + grep -qs -- --ca_db 1036s --debug-timestamps=INT Add debug timestamps 1036s --debug-microseconds=INT Show timestamps with microseconds 1036s --dumpable=INT Allow core dumps 1036s --debug-fd=INT An open file descriptor for the debug 1036s logs 1036s --logger=stderr|files|journald Set logger 1036s --auth Run in auth mode 1036s --pre Run in pre-auth mode 1036s --wait_for_card Wait until card is available 1036s --verification Run in verification mode 1036s --pin Expect PIN on stdin 1036s --keypad Expect PIN on keypad 1036s --verify=STRING Tune validation 1036s --ca_db=STRING CA DB to use 1036s --module_name=STRING Module name for authentication 1036s --token_name=STRING Token name for authentication 1036s --key_id=STRING Key ID for authentication 1036s --label=STRING Label for authentication 1036s --certificate=STRING certificate to verify, base64 encoded 1036s --uri=STRING PKCS#11 URI to restrict selection 1036s --chain-id=LONG Tevent chain ID used for logging 1036s purposes 1036s 1036s Help options: 1036s -?, --help Show this help message 1036s --usage Display brief usage message' 1036s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 1036s ++ mktemp -d -t sssd-softhsm2-XXXXXX 1036s + tmpdir=/tmp/sssd-softhsm2-XIssWU 1036s + keys_size=1024 1036s + [[ ! -v KEEP_TEMPORARY_FILES ]] 1036s + trap 'rm -rf "$tmpdir"' EXIT 1036s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 1036s + echo -n 01 1036s + touch /tmp/sssd-softhsm2-XIssWU/index.txt 1036s + mkdir -p /tmp/sssd-softhsm2-XIssWU/new_certs 1036s + cat 1036s + root_ca_key_pass=pass:random-root-CA-password-11673 1036s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-XIssWU/test-root-CA-key.pem -passout pass:random-root-CA-password-11673 1024 1036s + openssl req -passin pass:random-root-CA-password-11673 -batch -config /tmp/sssd-softhsm2-XIssWU/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-XIssWU/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1036s + openssl x509 -noout -in /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1036s + cat 1036s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-93 1036s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-93 1024 1036s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-93 -config /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.config -key /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-11673 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-certificate-request.pem 1036s + openssl req -text -noout -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-certificate-request.pem 1036s Certificate Request: 1036s Data: 1036s Version: 1 (0x0) 1036s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1036s Subject Public Key Info: 1036s Public Key Algorithm: rsaEncryption 1036s Public-Key: (1024 bit) 1036s Modulus: 1036s 00:a6:c1:16:a5:84:00:21:54:b2:36:0e:83:2c:bd: 1036s f4:e7:f1:14:9c:42:e7:fa:0f:e4:65:2e:59:b0:7d: 1036s b1:2a:dd:9c:a7:f1:76:c8:3b:bd:c7:e0:ef:cf:6e: 1036s 5b:a3:ba:f4:a5:f9:7c:e7:99:3e:03:c5:b7:22:25: 1036s 2d:d0:74:28:66:8b:1b:d1:39:b6:76:ac:75:d1:16: 1036s 05:8a:e3:53:ff:4c:76:99:a7:af:f3:29:f5:b2:80: 1036s e2:2d:c5:72:33:eb:5e:62:8f:32:f8:76:a1:5f:0b: 1036s 09:17:dc:09:9a:ae:e0:49:a5:0c:f3:3a:7e:36:ec: 1036s 90:1b:c9:31:66:74:a4:43:d5 1036s Exponent: 65537 (0x10001) 1036s Attributes: 1036s (none) 1036s Requested Extensions: 1036s Signature Algorithm: sha256WithRSAEncryption 1036s Signature Value: 1036s 3f:fe:ac:39:a1:ed:30:cf:e7:78:15:c9:c0:de:33:3b:89:8e: 1036s 61:00:ff:e7:75:78:21:2d:84:e7:96:f4:30:e3:ac:0e:1f:a5: 1036s 12:7d:04:87:84:a4:2d:c1:9b:ba:6c:f5:83:b1:44:53:54:6a: 1036s b1:98:0e:67:23:bd:2e:f3:11:30:30:3d:86:d5:c6:5c:0c:bf: 1036s 12:08:70:20:18:b6:97:88:7a:37:29:7c:bb:3e:ef:19:f3:e4: 1036s 90:b3:2b:1d:72:e6:ae:4f:03:27:ed:42:ea:c3:ae:d3:ed:08: 1036s 83:41:1f:78:36:83:cd:57:c1:df:15:18:11:21:f6:55:b8:9d: 1036s c8:ac 1036s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-XIssWU/test-root-CA.config -passin pass:random-root-CA-password-11673 -keyfile /tmp/sssd-softhsm2-XIssWU/test-root-CA-key.pem -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1036s Using configuration from /tmp/sssd-softhsm2-XIssWU/test-root-CA.config 1036s Check that the request matches the signature 1036s Signature ok 1036s Certificate Details: 1036s Serial Number: 1 (0x1) 1036s Validity 1036s Not Before: Mar 23 22:56:13 2024 GMT 1036s Not After : Mar 23 22:56:13 2025 GMT 1036s Subject: 1036s organizationName = Test Organization 1036s organizationalUnitName = Test Organization Unit 1036s commonName = Test Organization Intermediate CA 1036s X509v3 extensions: 1036s X509v3 Subject Key Identifier: 1036s 19:7F:EF:F6:27:5A:C5:75:38:28:97:53:F0:E7:A1:52:EA:6B:51:35 1036s X509v3 Authority Key Identifier: 1036s keyid:C0:E7:2F:4F:49:F3:5D:06:69:6E:3E:0A:40:A3:8C:16:AB:FA:FE:61 1036s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 1036s serial:00 1036s X509v3 Basic Constraints: 1036s CA:TRUE 1036s X509v3 Key Usage: critical 1036s Digital Signature, Certificate Sign, CRL Sign 1036s Certificate is to be certified until Mar 23 22:56:13 2025 GMT (365 days) 1036s 1036s Write out database with 1 new entries 1036s Database updated 1036s + openssl x509 -noout -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1036s + openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1036s + cat 1036s /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem: OK 1036s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-5881 1036s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-5881 1024 1036s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-5881 -config /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-93 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-certificate-request.pem 1036s + openssl req -text -noout -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-certificate-request.pem 1036s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-93 -keyfile /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem 1036s Certificate Request: 1036s Data: 1036s Version: 1 (0x0) 1036s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1036s Subject Public Key Info: 1036s Public Key Algorithm: rsaEncryption 1036s Public-Key: (1024 bit) 1036s Modulus: 1036s 00:bb:ca:00:c5:df:d4:d5:27:fb:5d:f3:15:44:57: 1036s c0:92:5e:69:5c:62:9e:d7:4e:83:0a:40:4a:81:ea: 1036s 33:90:aa:e6:ae:3d:40:c5:17:7f:29:7f:e4:a6:71: 1036s 3c:d4:f8:f7:ba:f6:26:d5:62:f1:f8:cb:01:68:30: 1036s 0f:e9:37:86:5b:9b:91:f5:fd:61:61:39:61:1b:95: 1036s a9:ed:93:fc:14:17:c5:3f:c6:b3:85:b8:6f:48:c7: 1036s 26:dc:ad:d1:e0:2d:2a:f6:23:13:32:9a:de:8d:97: 1036s c4:fb:51:f8:c8:5f:eb:0f:51:20:ee:b4:a0:d9:3b: 1036s c8:d8:93:ca:22:91:13:68:1d 1036s Exponent: 65537 (0x10001) 1036s Attributes: 1036s (none) 1036s Requested Extensions: 1036s Signature Algorithm: sha256WithRSAEncryption 1036s Signature Value: 1036s 3a:fa:c8:22:f2:fa:9f:48:5a:a7:d9:55:78:bd:a7:52:71:4c: 1036s 07:98:81:fe:59:b6:db:5e:c7:0d:78:cd:c0:3e:ca:db:a9:03: 1036s 2a:ef:3c:70:7a:25:57:8e:54:3f:a4:e6:22:f0:79:b1:5b:72: 1036s 9e:ca:c2:ce:4e:a7:1e:15:11:41:b4:65:fd:59:e2:9b:ce:9f: 1036s b9:ed:44:90:aa:e4:ba:0d:39:2d:50:f4:36:c1:8d:69:1d:0c: 1036s d3:3c:de:db:2c:45:db:7a:ef:a6:18:f1:56:93:be:65:f4:21: 1036s 64:8d:8c:a1:f5:1e:32:8a:ec:ff:f4:b0:17:b9:2b:a6:0d:6e: 1036s 74:5d 1036s Using configuration from /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.config 1036s Check that the request matches the signature 1036s Signature ok 1036s Certificate Details: 1036s Serial Number: 2 (0x2) 1036s Validity 1036s Not Before: Mar 23 22:56:13 2024 GMT 1036s Not After : Mar 23 22:56:13 2025 GMT 1036s Subject: 1036s organizationName = Test Organization 1036s organizationalUnitName = Test Organization Unit 1036s commonName = Test Organization Sub Intermediate CA 1036s X509v3 extensions: 1036s X509v3 Subject Key Identifier: 1036s D2:69:F6:A9:AE:D3:9D:55:AB:F7:3E:8C:81:B9:8B:87:92:85:2D:E7 1036s X509v3 Authority Key Identifier: 1036s keyid:19:7F:EF:F6:27:5A:C5:75:38:28:97:53:F0:E7:A1:52:EA:6B:51:35 1036s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 1036s serial:01 1036s X509v3 Basic Constraints: 1036s CA:TRUE 1036s X509v3 Key Usage: critical 1036s Digital Signature, Certificate Sign, CRL Sign 1036s Certificate is to be certified until Mar 23 22:56:13 2025 GMT (365 days) 1036s 1036s Write out database with 1 new entries 1036s Database updated 1036s + openssl x509 -noout -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem 1036s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem 1036s /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem: OK 1036s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem 1036s + local cmd=openssl 1036s + shift 1036s + openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem 1036s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1036s error 20 at 0 depth lookup: unable to get local issuer certificate 1036s error /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem: verification failed 1036s + cat 1036s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-28154 1036s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-28154 1024 1036s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-28154 -key /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001-request.pem 1036s + openssl req -text -noout -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001-request.pem 1036s Certificate Request: 1036s Data: 1036s Version: 1 (0x0) 1036s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1036s Subject Public Key Info: 1036s Public Key Algorithm: rsaEncryption 1036s Public-Key: (1024 bit) 1036s Modulus: 1036s 00:f5:8f:a1:b0:43:ac:95:5c:2d:96:de:96:6d:fd: 1036s 96:1d:d3:41:c8:16:bd:54:c0:46:68:8f:03:e9:4c: 1036s 59:5e:2c:cd:f3:3c:9b:3f:aa:47:db:6e:52:0a:50: 1036s 8a:3d:d9:a2:a9:d3:7f:01:d8:f5:1f:eb:6f:dd:c9: 1036s 9e:6b:83:de:cd:ab:aa:6b:f2:37:38:e0:8d:06:20: 1036s 3e:b9:75:32:44:0b:f0:53:31:8e:60:0c:90:4d:ff: 1036s fe:51:fc:a7:d5:38:69:0c:3f:09:5c:65:09:73:17: 1036s df:08:3d:5e:d6:6f:7e:2a:a7:bf:9f:2b:ec:ce:58: 1036s 78:28:e0:9c:5a:54:07:f5:c3 1036s Exponent: 65537 (0x10001) 1036s Attributes: 1036s Requested Extensions: 1036s X509v3 Basic Constraints: 1036s CA:FALSE 1036s Netscape Cert Type: 1036s SSL Client, S/MIME 1036s Netscape Comment: 1036s Test Organization Root CA trusted Certificate 1036s X509v3 Subject Key Identifier: 1036s F3:8B:6C:02:58:77:61:DE:86:E2:16:18:47:23:12:D9:88:FC:EF:A8 1036s X509v3 Key Usage: critical 1036s Digital Signature, Non Repudiation, Key Encipherment 1036s X509v3 Extended Key Usage: 1036s TLS Web Client Authentication, E-mail Protection 1036s X509v3 Subject Alternative Name: 1036s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1036s Signature Algorithm: sha256WithRSAEncryption 1036s Signature Value: 1036s 01:35:17:6d:7a:45:91:41:e4:c2:1d:ff:84:ef:cb:69:9e:80: 1036s 9a:a7:e7:fe:bf:a0:51:6c:03:62:9d:bc:4e:37:c9:62:91:8a: 1036s bf:24:6a:57:f8:c4:03:95:16:b0:fc:ea:fd:59:df:23:59:2f: 1036s 9e:87:87:59:df:79:28:3b:82:90:2f:39:8a:b9:08:d7:6d:00: 1036s 89:2a:35:87:af:37:e8:20:c7:9f:0e:34:48:84:a1:a4:68:81: 1036s 36:e9:8f:a0:b2:5a:96:85:f9:12:2d:c9:1f:7a:2f:ac:5e:e4: 1036s b9:87:7c:2b:c4:56:c7:39:cb:a0:2e:23:1a:50:dd:86:9b:9b: 1036s 6e:81 1036s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-XIssWU/test-root-CA.config -passin pass:random-root-CA-password-11673 -keyfile /tmp/sssd-softhsm2-XIssWU/test-root-CA-key.pem -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1036s Using configuration from /tmp/sssd-softhsm2-XIssWU/test-root-CA.config 1036s Check that the request matches the signature 1036s Signature ok 1036s Certificate Details: 1036s Serial Number: 3 (0x3) 1036s Validity 1036s Not Before: Mar 23 22:56:13 2024 GMT 1036s Not After : Mar 23 22:56:13 2025 GMT 1036s Subject: 1036s organizationName = Test Organization 1036s organizationalUnitName = Test Organization Unit 1036s commonName = Test Organization Root Trusted Certificate 0001 1036s X509v3 extensions: 1036s X509v3 Authority Key Identifier: 1036s C0:E7:2F:4F:49:F3:5D:06:69:6E:3E:0A:40:A3:8C:16:AB:FA:FE:61 1036s X509v3 Basic Constraints: 1036s CA:FALSE 1036s Netscape Cert Type: 1036s SSL Client, S/MIME 1036s Netscape Comment: 1036s Test Organization Root CA trusted Certificate 1036s X509v3 Subject Key Identifier: 1036s F3:8B:6C:02:58:77:61:DE:86:E2:16:18:47:23:12:D9:88:FC:EF:A8 1036s X509v3 Key Usage: critical 1036s Digital Signature, Non Repudiation, Key Encipherment 1036s X509v3 Extended Key Usage: 1036s TLS Web Client Authentication, E-mail Protection 1036s X509v3 Subject Alternative Name: 1036s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1036s Certificate is to be certified until Mar 23 22:56:13 2025 GMT (365 days) 1036s 1036s Write out database with 1 new entries 1036s Database updated 1036s + openssl x509 -noout -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1036s + openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1036s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1036s /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem: OK 1036s + local cmd=openssl 1036s + shift 1036s + openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1036s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1036s error 20 at 0 depth lookup: unable to get local issuer certificate 1036s error /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem: verification failed 1036s + cat 1036s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1036s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-20237 1024 1036s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-20237 -key /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001-request.pem 1036s + openssl req -text -noout -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001-request.pem 1036s + openssl ca -passin pass:random-intermediate-CA-password-93 -config /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1036s Certificate Request: 1036s Data: 1036s Version: 1 (0x0) 1036s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1036s Subject Public Key Info: 1036s Public Key Algorithm: rsaEncryption 1036s Public-Key: (1024 bit) 1036s Modulus: 1036s 00:ea:bc:4d:41:18:84:a1:1b:8a:5c:9a:b0:ce:35: 1036s 09:c5:40:0d:01:9f:1a:6a:1a:6c:0a:12:dc:00:a0: 1036s 01:20:33:00:64:53:ed:f0:7b:65:0d:10:eb:d1:47: 1036s 59:fc:b9:e8:d6:9c:cf:5f:ed:d6:dd:81:89:f3:bb: 1036s d6:11:da:69:27:e9:97:a6:f6:cf:1c:f2:70:86:aa: 1036s 83:17:6c:ca:cf:4f:5f:0b:d9:81:35:fa:d9:b5:bb: 1036s 5a:c5:fc:13:29:99:35:b5:95:57:31:9e:d7:ff:bc: 1036s 50:a3:c4:5d:00:92:57:ab:48:db:99:9a:42:d3:2c: 1036s e5:11:b6:cf:05:57:4e:e8:f9 1036s Exponent: 65537 (0x10001) 1036s Attributes: 1036s Requested Extensions: 1036s X509v3 Basic Constraints: 1036s CA:FALSE 1036s Netscape Cert Type: 1036s SSL Client, S/MIME 1036s Netscape Comment: 1036s Test Organization Intermediate CA trusted Certificate 1036s X509v3 Subject Key Identifier: 1036s 39:0C:DF:E6:C4:6C:80:FC:81:95:68:46:16:07:B0:AD:10:10:38:B5 1036s X509v3 Key Usage: critical 1036s Digital Signature, Non Repudiation, Key Encipherment 1036s X509v3 Extended Key Usage: 1036s TLS Web Client Authentication, E-mail Protection 1036s X509v3 Subject Alternative Name: 1036s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1036s Signature Algorithm: sha256WithRSAEncryption 1036s Signature Value: 1036s ce:ee:1a:8c:e9:01:ed:c2:97:5d:15:4f:fe:93:e5:93:f1:1e: 1036s bd:6a:63:c9:11:96:8b:92:03:11:86:1e:f6:86:1a:2f:c5:3a: 1036s ca:25:b0:b0:89:6d:54:55:8c:70:08:5f:9b:96:93:0c:4b:40: 1036s 20:fd:7e:c6:3f:75:58:86:f4:55:a3:5d:2b:69:11:2a:98:f2: 1036s 7c:4a:fe:a3:4c:23:51:2d:f9:77:08:02:e0:f5:93:a5:12:13: 1036s ec:34:cb:ae:f7:30:d9:11:2d:ea:0b:0a:f9:cc:3d:bf:36:e1: 1036s 06:ad:37:87:83:2f:17:53:d2:0c:e2:5d:fc:0a:ed:f3:fb:30: 1036s 50:bc 1036s Using configuration from /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.config 1036s Check that the request matches the signature 1036s Signature ok 1036s Certificate Details: 1036s Serial Number: 4 (0x4) 1036s Validity 1036s Not Before: Mar 23 22:56:13 2024 GMT 1036s Not After : Mar 23 22:56:13 2025 GMT 1036s Subject: 1036s organizationName = Test Organization 1036s organizationalUnitName = Test Organization Unit 1036s commonName = Test Organization Intermediate Trusted Certificate 0001 1036s X509v3 extensions: 1036s X509v3 Authority Key Identifier: 1036s 19:7F:EF:F6:27:5A:C5:75:38:28:97:53:F0:E7:A1:52:EA:6B:51:35 1036s X509v3 Basic Constraints: 1036s CA:FALSE 1036s Netscape Cert Type: 1036s SSL Client, S/MIME 1036s Netscape Comment: 1036s Test Organization Intermediate CA trusted Certificate 1036s X509v3 Subject Key Identifier: 1036s 39:0C:DF:E6:C4:6C:80:FC:81:95:68:46:16:07:B0:AD:10:10:38:B5 1036s X509v3 Key Usage: critical 1036s Digital Signature, Non Repudiation, Key Encipherment 1036s X509v3 Extended Key Usage: 1036s TLS Web Client Authentication, E-mail Protection 1036s X509v3 Subject Alternative Name: 1036s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1036s Certificate is to be certified until Mar 23 22:56:13 2025 GMT (365 days) 1036s 1036s Write out database with 1 new entries 1036s Database updated 1036s + openssl x509 -noout -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1036s + echo 'This certificate should not be trusted fully' 1036s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1036s This certificate should not be trusted fully 1036s + local cmd=openssl 1036s + shift 1036s + openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1036s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1036s error 2 at 1 depth lookup: unable to get issuer certificate 1036s error /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 1036s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1036s + cat 1036s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1036s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1024 1036s /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem: OK 1036s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-23033 -key /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 1036s + openssl req -text -noout -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 1036s + openssl ca -passin pass:random-sub-intermediate-CA-password-5881 -config /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1036s Certificate Request: 1036s Data: 1036s Version: 1 (0x0) 1036s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1036s Subject Public Key Info: 1036s Public Key Algorithm: rsaEncryption 1036s Public-Key: (1024 bit) 1036s Modulus: 1036s 00:c4:94:da:c1:1f:9f:90:84:1a:f3:20:03:63:64: 1036s a5:58:cf:9f:f4:4f:61:c8:f7:54:20:98:ce:a2:96: 1036s 53:13:bc:4c:f4:c0:1e:46:d4:f8:a6:63:c2:b1:85: 1036s 25:e4:17:c7:90:03:c9:f3:b5:6b:dd:37:4f:bf:24: 1036s d2:82:f6:a8:d4:d2:d0:b3:3b:8f:59:d1:b6:42:f3: 1036s 8e:72:6f:ea:d8:b9:63:f2:c3:4b:c5:ae:f2:1c:72: 1036s 78:29:ed:53:2b:0c:c3:11:40:7d:47:ab:d2:95:70: 1036s f1:bf:15:ba:bf:0c:88:29:78:fa:2f:22:91:17:e3: 1036s a8:9f:f6:73:73:12:d0:e2:4f 1036s Exponent: 65537 (0x10001) 1036s Attributes: 1036s Requested Extensions: 1036s X509v3 Basic Constraints: 1036s CA:FALSE 1036s Netscape Cert Type: 1036s SSL Client, S/MIME 1036s Netscape Comment: 1036s Test Organization Sub Intermediate CA trusted Certificate 1036s X509v3 Subject Key Identifier: 1036s 84:D1:89:F2:1D:BC:8B:27:B5:C6:DD:C2:CC:0D:29:F4:55:A9:80:3D 1036s X509v3 Key Usage: critical 1036s Digital Signature, Non Repudiation, Key Encipherment 1036s X509v3 Extended Key Usage: 1036s TLS Web Client Authentication, E-mail Protection 1036s X509v3 Subject Alternative Name: 1036s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1036s Signature Algorithm: sha256WithRSAEncryption 1036s Signature Value: 1036s 9c:6a:26:10:a2:8b:64:44:3f:8a:0b:ca:83:45:d2:17:f5:11: 1036s 21:2f:a5:74:5c:03:3f:08:e2:b1:7b:3f:ba:a6:d1:fa:f2:2d: 1036s 00:df:33:d4:05:8d:ab:99:cd:49:65:46:4a:97:58:ec:af:25: 1036s f1:dd:96:28:4c:e7:dc:00:bd:6c:be:31:f2:43:9f:69:6f:ef: 1036s aa:91:53:79:49:75:9e:c2:d2:02:f6:06:7d:8c:04:60:ef:62: 1036s 63:f7:1b:c4:df:75:59:25:f1:30:a2:f5:49:f0:dd:66:c8:da: 1036s fb:c9:cb:a8:3d:22:f4:81:47:26:4a:52:41:ab:be:39:80:4c: 1036s 8f:de 1036s Using configuration from /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.config 1036s Check that the request matches the signature 1036s Signature ok 1036s Certificate Details: 1036s Serial Number: 5 (0x5) 1036s Validity 1036s Not Before: Mar 23 22:56:13 2024 GMT 1036s Not After : Mar 23 22:56:13 2025 GMT 1036s Subject: 1036s organizationName = Test Organization 1036s organizationalUnitName = Test Organization Unit 1036s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 1036s X509v3 extensions: 1036s X509v3 Authority Key Identifier: 1036s D2:69:F6:A9:AE:D3:9D:55:AB:F7:3E:8C:81:B9:8B:87:92:85:2D:E7 1036s X509v3 Basic Constraints: 1036s CA:FALSE 1036s Netscape Cert Type: 1036s SSL Client, S/MIME 1036s Netscape Comment: 1036s Test Organization Sub Intermediate CA trusted Certificate 1036s X509v3 Subject Key Identifier: 1036s 84:D1:89:F2:1D:BC:8B:27:B5:C6:DD:C2:CC:0D:29:F4:55:A9:80:3D 1036s X509v3 Key Usage: critical 1036s Digital Signature, Non Repudiation, Key Encipherment 1036s X509v3 Extended Key Usage: 1036s TLS Web Client Authentication, E-mail Protection 1036s X509v3 Subject Alternative Name: 1036s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1036s Certificate is to be certified until Mar 23 22:56:13 2025 GMT (365 days) 1036s 1036s Write out database with 1 new entries 1036s Database updated 1036s + openssl x509 -noout -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1036s + echo 'This certificate should not be trusted fully' 1036s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1036s + local cmd=openssl 1036s + shift 1036s + openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1036s This certificate should not be trusted fully 1036s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1036s error 2 at 1 depth lookup: unable to get issuer certificate 1036s error /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 1036s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1036s + local cmd=openssl 1036s + shift 1036s + openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1036s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1036s error 20 at 0 depth lookup: unable to get local issuer certificate 1036s error /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 1036s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1036s /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 1036s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1036s + local cmd=openssl 1036s + shift 1036s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1036s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1036s error 20 at 0 depth lookup: unable to get local issuer certificate 1036s error /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 1036s + echo 'Building a the full-chain CA file...' 1036s + cat /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem 1036s Building a the full-chain CA file... 1036s + cat /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1036s + cat /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem 1036s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1036s + openssl pkcs7 -print_certs -noout 1036s + openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1036s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1036s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1036s 1036s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1036s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1036s 1036s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1036s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1036s 1036s /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem: OK 1036s + openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1036s /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem: OK 1036s + openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1036s + openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem /tmp/sssd-softhsm2-XIssWU/test-root-intermediate-chain-CA.pem 1036s /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem: OK 1036s /tmp/sssd-softhsm2-XIssWU/test-root-intermediate-chain-CA.pem: OK 1036s + openssl verify -CAfile /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1036s + echo 'Certificates generation completed!' 1036s /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 1036s Certificates generation completed! 1036s + [[ -v NO_SSSD_TESTS ]] 1036s + invalid_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /dev/null 1036s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /dev/null 1036s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1036s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1036s + local key_ring=/dev/null 1036s + local verify_option= 1036s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 1036s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1036s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1036s + local key_cn 1036s + local key_name 1036s + local tokens_dir 1036s + local output_cert_file 1036s + token_name= 1036s ++ basename /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem .pem 1036s + key_name=test-root-CA-trusted-certificate-0001 1036s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1036s ++ sed -n 's/ *commonName *= //p' 1036s + key_cn='Test Organization Root Trusted Certificate 0001' 1036s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1036s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1036s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1036s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1036s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 1036s + token_name='Test Organization Root Tr Token' 1036s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1036s + local key_file 1036s + local decrypted_key 1036s + mkdir -p /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 1036s + key_file=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001-key.pem 1036s + decrypted_key=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001-key-decrypted.pem 1036s + cat 1036s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 1036s Slot 0 has a free/uninitialized token. 1036s The token has been initialized and is reassigned to slot 1781221048 1036s + softhsm2-util --show-slots 1036s Available slots: 1036s Slot 1781221048 1036s Slot info: 1036s Description: SoftHSM slot ID 0x6a2b46b8 1036s Manufacturer ID: SoftHSM project 1036s Hardware version: 2.6 1036s Firmware version: 2.6 1036s Token present: yes 1036s Token info: 1036s Manufacturer ID: SoftHSM project 1036s Model: SoftHSM v2 1036s Hardware version: 2.6 1036s Firmware version: 2.6 1036s Serial number: a08a7eb36a2b46b8 1036s Initialized: yes 1036s User PIN init.: yes 1036s Label: Test Organization Root Tr Token 1036s Slot 1 1036s Slot info: 1036s Description: SoftHSM slot ID 0x1 1036s Manufacturer ID: SoftHSM project 1036s Hardware version: 2.6 1036s Firmware version: 2.6 1036s Token present: yes 1036s Token info: 1036s Manufacturer ID: SoftHSM project 1036s Model: SoftHSM v2 1036s Hardware version: 2.6 1036s Firmware version: 2.6 1036s Serial number: 1036s Initialized: no 1036s User PIN init.: no 1036s Label: 1036s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 1036s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-28154 -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001-key-decrypted.pem 1036s writing RSA key 1036s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 1036s + rm /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001-key-decrypted.pem 1036s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 1036s Object 0: 1036s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a08a7eb36a2b46b8;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 1036s Type: X.509 Certificate (RSA-1024) 1036s Expires: Sun Mar 23 22:56:13 2025 1036s Label: Test Organization Root Trusted Certificate 0001 1036s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 1036s 1036s Test Organization Root Tr Token 1036s + echo 'Test Organization Root Tr Token' 1036s + '[' -n '' ']' 1036s + local output_base_name=SSSD-child-2108 1036s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-2108.output 1036s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-2108.pem 1036s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 1036s [p11_child[2120]] [main] (0x0400): p11_child started. 1036s [p11_child[2120]] [main] (0x2000): Running in [pre-auth] mode. 1036s [p11_child[2120]] [main] (0x2000): Running with effective IDs: [0][0]. 1036s [p11_child[2120]] [main] (0x2000): Running with real IDs [0][0]. 1036s [p11_child[2120]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 1036s [p11_child[2120]] [do_work] (0x0040): init_verification failed. 1036s [p11_child[2120]] [main] (0x0020): p11_child failed (5) 1036s + return 2 1036s + valid_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /dev/null no_verification 1036s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /dev/null no_verification 1036s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1036s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1036s + local key_ring=/dev/null 1036s + local verify_option=no_verification 1036s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 1036s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1036s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1036s + local key_cn 1036s + local key_name 1036s + local tokens_dir 1036s + local output_cert_file 1036s + token_name= 1036s ++ basename /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem .pem 1036s + key_name=test-root-CA-trusted-certificate-0001 1036s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1036s ++ sed -n 's/ *commonName *= //p' 1036s + key_cn='Test Organization Root Trusted Certificate 0001' 1036s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1036s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1036s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1036s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1036s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 1036s + token_name='Test Organization Root Tr Token' 1036s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1036s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 ']' 1036s + echo 'Test Organization Root Tr Token' 1036s + '[' -n no_verification ']' 1036s + local verify_arg=--verify=no_verification 1036s + local output_base_name=SSSD-child-24602 1036s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-24602.output 1036s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-24602.pem 1036s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 1036s Test Organization Root Tr Token 1036s [p11_child[2126]] [main] (0x0400): p11_child started. 1036s [p11_child[2126]] [main] (0x2000): Running in [pre-auth] mode. 1036s [p11_child[2126]] [main] (0x2000): Running with effective IDs: [0][0]. 1036s [p11_child[2126]] [main] (0x2000): Running with real IDs [0][0]. 1036s [p11_child[2126]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 1036s [p11_child[2126]] [do_card] (0x4000): Module List: 1036s [p11_child[2126]] [do_card] (0x4000): common name: [softhsm2]. 1036s [p11_child[2126]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1036s [p11_child[2126]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6a2b46b8] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1036s [p11_child[2126]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1036s [p11_child[2126]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6a2b46b8][1781221048] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1036s [p11_child[2126]] [do_card] (0x4000): Login NOT required. 1036s [p11_child[2126]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1036s [p11_child[2126]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1036s [p11_child[2126]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6a2b46b8;slot-manufacturer=SoftHSM%20project;slot-id=1781221048;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a08a7eb36a2b46b8;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1036s [p11_child[2126]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1036s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-24602.output 1036s + echo '-----BEGIN CERTIFICATE-----' 1036s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-24602.output 1036s + echo '-----END CERTIFICATE-----' 1036s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-24602.pem 1037s Certificate: 1037s Data: 1037s Version: 3 (0x2) 1037s Serial Number: 3 (0x3) 1037s Signature Algorithm: sha256WithRSAEncryption 1037s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1037s Validity 1037s Not Before: Mar 23 22:56:13 2024 GMT 1037s Not After : Mar 23 22:56:13 2025 GMT 1037s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1037s Subject Public Key Info: 1037s Public Key Algorithm: rsaEncryption 1037s Public-Key: (1024 bit) 1037s Modulus: 1037s 00:f5:8f:a1:b0:43:ac:95:5c:2d:96:de:96:6d:fd: 1037s 96:1d:d3:41:c8:16:bd:54:c0:46:68:8f:03:e9:4c: 1037s 59:5e:2c:cd:f3:3c:9b:3f:aa:47:db:6e:52:0a:50: 1037s 8a:3d:d9:a2:a9:d3:7f:01:d8:f5:1f:eb:6f:dd:c9: 1037s 9e:6b:83:de:cd:ab:aa:6b:f2:37:38:e0:8d:06:20: 1037s 3e:b9:75:32:44:0b:f0:53:31:8e:60:0c:90:4d:ff: 1037s fe:51:fc:a7:d5:38:69:0c:3f:09:5c:65:09:73:17: 1037s df:08:3d:5e:d6:6f:7e:2a:a7:bf:9f:2b:ec:ce:58: 1037s 78:28:e0:9c:5a:54:07:f5:c3 1037s Exponent: 65537 (0x10001) 1037s X509v3 extensions: 1037s X509v3 Authority Key Identifier: 1037s C0:E7:2F:4F:49:F3:5D:06:69:6E:3E:0A:40:A3:8C:16:AB:FA:FE:61 1037s X509v3 Basic Constraints: 1037s CA:FALSE 1037s Netscape Cert Type: 1037s SSL Client, S/MIME 1037s Netscape Comment: 1037s Test Organization Root CA trusted Certificate 1037s X509v3 Subject Key Identifier: 1037s F3:8B:6C:02:58:77:61:DE:86:E2:16:18:47:23:12:D9:88:FC:EF:A8 1037s X509v3 Key Usage: critical 1037s Digital Signature, Non Repudiation, Key Encipherment 1037s X509v3 Extended Key Usage: 1037s TLS Web Client Authentication, E-mail Protection 1037s X509v3 Subject Alternative Name: 1037s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1037s Signature Algorithm: sha256WithRSAEncryption 1037s Signature Value: 1037s 69:65:f5:f1:c5:40:09:95:ff:4e:97:b0:e7:30:ea:b0:db:9b: 1037s 9b:de:20:03:fc:fe:92:31:e7:c3:31:fc:b2:01:72:4c:28:69: 1037s 05:c4:56:52:53:22:27:54:42:e2:da:4c:af:51:41:61:f8:e1: 1037s cb:0c:07:9d:a5:e0:cd:ec:ff:e1:22:73:d7:7b:25:04:d0:57: 1037s 99:6a:e5:d4:e1:ab:36:19:10:66:35:b8:18:ad:12:b6:49:06: 1037s f1:fa:a6:07:ae:21:a8:f6:e2:aa:6d:e8:75:3d:60:c2:78:59: 1037s c5:b4:2a:5b:29:86:ae:ef:14:93:b4:03:7b:54:db:12:40:0c: 1037s 68:84 1037s + local found_md5 expected_md5 1037s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1037s + expected_md5=Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 1037s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-24602.pem 1037s + found_md5=Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 1037s Certificate: 1037s Data: 1037s Version: 3 (0x2) 1037s Serial Number: 3 (0x3) 1037s Signature Algorithm: sha256WithRSAEncryption 1037s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1037s Validity 1037s Not Before: Mar 23 22:56:13 2024 GMT 1037s Not After : Mar 23 22:56:13 2025 GMT 1037s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1037s Subject Public Key Info: 1037s Public Key Algorithm: rsaEncryption 1037s Public-Key: (1024 bit) 1037s Modulus: 1037s 00:f5:8f:a1:b0:43:ac:95:5c:2d:96:de:96:6d:fd: 1037s 96:1d:d3:41:c8:16:bd:54:c0:46:68:8f:03:e9:4c: 1037s 59:5e:2c:cd:f3:3c:9b:3f:aa:47:db:6e:52:0a:50: 1037s 8a:3d:d9:a2:a9:d3:7f:01:d8:f5:1f:eb:6f:dd:c9: 1037s 9e:6b:83:de:cd:ab:aa:6b:f2:37:38:e0:8d:06:20: 1037s 3e:b9:75:32:44:0b:f0:53:31:8e:60:0c:90:4d:ff: 1037s fe:51:fc:a7:d5:38:69:0c:3f:09:5c:65:09:73:17: 1037s df:08:3d:5e:d6:6f:7e:2a:a7:bf:9f:2b:ec:ce:58: 1037s 78:28:e0:9c:5a:54:07:f5:c3 1037s Exponent: 65537 (0x10001) 1037s X509v3 extensions: 1037s X509v3 Authority Key Identifier: 1037s C0:E7:2F:4F:49:F3:5D:06:69:6E:3E:0A:40:A3:8C:16:AB:FA:FE:61 1037s X509v3 Basic Constraints: 1037s CA:FALSE 1037s Netscape Cert Type: 1037s SSL Client, S/MIME 1037s Netscape Comment: 1037s Test Organization Root CA trusted Certificate 1037s X509v3 Subject Key Identifier: 1037s F3:8B:6C:02:58:77:61:DE:86:E2:16:18:47:23:12:D9:88:FC:EF:A8 1037s X509v3 Key Usage: critical 1037s Digital Signature, Non Repudiation, Key Encipherment 1037s X509v3 Extended Key Usage: 1037s TLS Web Client Authentication, E-mail Protection 1037s X509v3 Subject Alternative Name: 1037s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1037s Signature Algorithm: sha256WithRSAEncryption 1037s Signature Value: 1037s 69:65:f5:f1:c5:40:09:95:ff:4e:97:b0:e7:30:ea:b0:db:9b: 1037s 9b:de:20:03:fc:fe:92:31:e7:c3:31:fc:b2:01:72:4c:28:69: 1037s 05:c4:56:52:53:22:27:54:42:e2:da:4c:af:51:41:61:f8:e1: 1037s cb:0c:07:9d:a5:e0:cd:ec:ff:e1:22:73:d7:7b:25:04:d0:57: 1037s 99:6a:e5:d4:e1:ab:36:19:10:66:35:b8:18:ad:12:b6:49:06: 1037s f1:fa:a6:07:ae:21:a8:f6:e2:aa:6d:e8:75:3d:60:c2:78:59: 1037s c5:b4:2a:5b:29:86:ae:ef:14:93:b4:03:7b:54:db:12:40:0c: 1037s 68:84 1037s + '[' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 '!=' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 ']' 1037s + output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-24602-auth.output 1037s ++ basename /tmp/sssd-softhsm2-XIssWU/SSSD-child-24602-auth.output .output 1037s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-24602-auth.pem 1037s + echo -n 053350 1037s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1037s [p11_child[2134]] [main] (0x0400): p11_child started. 1037s [p11_child[2134]] [main] (0x2000): Running in [auth] mode. 1037s [p11_child[2134]] [main] (0x2000): Running with effective IDs: [0][0]. 1037s [p11_child[2134]] [main] (0x2000): Running with real IDs [0][0]. 1037s [p11_child[2134]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 1037s [p11_child[2134]] [do_card] (0x4000): Module List: 1037s [p11_child[2134]] [do_card] (0x4000): common name: [softhsm2]. 1037s [p11_child[2134]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1037s [p11_child[2134]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6a2b46b8] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1037s [p11_child[2134]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1037s [p11_child[2134]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6a2b46b8][1781221048] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1037s [p11_child[2134]] [do_card] (0x4000): Login required. 1037s [p11_child[2134]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1037s [p11_child[2134]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1037s [p11_child[2134]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6a2b46b8;slot-manufacturer=SoftHSM%20project;slot-id=1781221048;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a08a7eb36a2b46b8;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1037s [p11_child[2134]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1037s [p11_child[2134]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1037s [p11_child[2134]] [do_card] (0x4000): Certificate verified and validated. 1037s [p11_child[2134]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1037s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-24602-auth.output 1037s + echo '-----BEGIN CERTIFICATE-----' 1037s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-24602-auth.output 1037s + echo '-----END CERTIFICATE-----' 1037s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-24602-auth.pem 1037s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-24602-auth.pem 1037s + found_md5=Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 1037s + '[' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 '!=' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 ']' 1037s + valid_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1037s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1037s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1037s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1037s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1037s + local verify_option= 1037s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 1037s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1037s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1037s + local key_cn 1037s + local key_name 1037s + local tokens_dir 1037s + local output_cert_file 1037s + token_name= 1037s ++ basename /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem .pem 1037s + key_name=test-root-CA-trusted-certificate-0001 1037s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1037s ++ sed -n 's/ *commonName *= //p' 1037s + key_cn='Test Organization Root Trusted Certificate 0001' 1037s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1037s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1037s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1037s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1037s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 1037s + token_name='Test Organization Root Tr Token' 1037s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1037s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 ']' 1037s + echo 'Test Organization Root Tr Token' 1037s + '[' -n '' ']' 1037s Test Organization Root Tr Token 1037s + local output_base_name=SSSD-child-26547 1037s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-26547.output 1037s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-26547.pem 1037s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1037s [p11_child[2144]] [main] (0x0400): p11_child started. 1037s [p11_child[2144]] [main] (0x2000): Running in [pre-auth] mode. 1037s [p11_child[2144]] [main] (0x2000): Running with effective IDs: [0][0]. 1037s [p11_child[2144]] [main] (0x2000): Running with real IDs [0][0]. 1037s [p11_child[2144]] [do_card] (0x4000): Module List: 1037s [p11_child[2144]] [do_card] (0x4000): common name: [softhsm2]. 1037s [p11_child[2144]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1037s [p11_child[2144]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6a2b46b8] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1037s [p11_child[2144]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1037s [p11_child[2144]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6a2b46b8][1781221048] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1037s [p11_child[2144]] [do_card] (0x4000): Login NOT required. 1037s [p11_child[2144]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1037s [p11_child[2144]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1037s [p11_child[2144]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1037s [p11_child[2144]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6a2b46b8;slot-manufacturer=SoftHSM%20project;slot-id=1781221048;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a08a7eb36a2b46b8;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1037s [p11_child[2144]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1037s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-26547.output 1037s + echo '-----BEGIN CERTIFICATE-----' 1037s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-26547.output 1037s + echo '-----END CERTIFICATE-----' 1037s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-26547.pem 1037s Certificate: 1037s Data: 1037s Version: 3 (0x2) 1037s Serial Number: 3 (0x3) 1037s Signature Algorithm: sha256WithRSAEncryption 1037s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1037s Validity 1037s Not Before: Mar 23 22:56:13 2024 GMT 1037s Not After : Mar 23 22:56:13 2025 GMT 1037s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1037s Subject Public Key Info: 1037s Public Key Algorithm: rsaEncryption 1037s Public-Key: (1024 bit) 1037s Modulus: 1037s 00:f5:8f:a1:b0:43:ac:95:5c:2d:96:de:96:6d:fd: 1037s 96:1d:d3:41:c8:16:bd:54:c0:46:68:8f:03:e9:4c: 1037s 59:5e:2c:cd:f3:3c:9b:3f:aa:47:db:6e:52:0a:50: 1037s 8a:3d:d9:a2:a9:d3:7f:01:d8:f5:1f:eb:6f:dd:c9: 1037s 9e:6b:83:de:cd:ab:aa:6b:f2:37:38:e0:8d:06:20: 1037s 3e:b9:75:32:44:0b:f0:53:31:8e:60:0c:90:4d:ff: 1037s fe:51:fc:a7:d5:38:69:0c:3f:09:5c:65:09:73:17: 1037s df:08:3d:5e:d6:6f:7e:2a:a7:bf:9f:2b:ec:ce:58: 1037s 78:28:e0:9c:5a:54:07:f5:c3 1037s Exponent: 65537 (0x10001) 1037s X509v3 extensions: 1037s X509v3 Authority Key Identifier: 1037s C0:E7:2F:4F:49:F3:5D:06:69:6E:3E:0A:40:A3:8C:16:AB:FA:FE:61 1037s X509v3 Basic Constraints: 1037s CA:FALSE 1037s Netscape Cert Type: 1037s SSL Client, S/MIME 1037s Netscape Comment: 1037s Test Organization Root CA trusted Certificate 1037s X509v3 Subject Key Identifier: 1037s F3:8B:6C:02:58:77:61:DE:86:E2:16:18:47:23:12:D9:88:FC:EF:A8 1037s X509v3 Key Usage: critical 1037s Digital Signature, Non Repudiation, Key Encipherment 1037s X509v3 Extended Key Usage: 1037s TLS Web Client Authentication, E-mail Protection 1037s X509v3 Subject Alternative Name: 1037s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1037s Signature Algorithm: sha256WithRSAEncryption 1037s Signature Value: 1037s 69:65:f5:f1:c5:40:09:95:ff:4e:97:b0:e7:30:ea:b0:db:9b: 1037s 9b:de:20:03:fc:fe:92:31:e7:c3:31:fc:b2:01:72:4c:28:69: 1037s 05:c4:56:52:53:22:27:54:42:e2:da:4c:af:51:41:61:f8:e1: 1037s cb:0c:07:9d:a5:e0:cd:ec:ff:e1:22:73:d7:7b:25:04:d0:57: 1037s 99:6a:e5:d4:e1:ab:36:19:10:66:35:b8:18:ad:12:b6:49:06: 1037s f1:fa:a6:07:ae:21:a8:f6:e2:aa:6d:e8:75:3d:60:c2:78:59: 1037s c5:b4:2a:5b:29:86:ae:ef:14:93:b4:03:7b:54:db:12:40:0c: 1037s 68:84 1037s + local found_md5 expected_md5 1037s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1037s + expected_md5=Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 1037s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-26547.pem 1037s + found_md5=Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 1037s + '[' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 '!=' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 ']' 1037s + output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-26547-auth.output 1037s ++ basename /tmp/sssd-softhsm2-XIssWU/SSSD-child-26547-auth.output .output 1037s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-26547-auth.pem 1037s + echo -n 053350 1037s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-XIssWU/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1037s [p11_child[2152]] [main] (0x0400): p11_child started. 1037s [p11_child[2152]] [main] (0x2000): Running in [auth] mode. 1037s [p11_child[2152]] [main] (0x2000): Running with effective IDs: [0][0]. 1037s [p11_child[2152]] [main] (0x2000): Running with real IDs [0][0]. 1037s [p11_child[2152]] [do_card] (0x4000): Module List: 1037s [p11_child[2152]] [do_card] (0x4000): common name: [softhsm2]. 1037s [p11_child[2152]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1037s [p11_child[2152]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6a2b46b8] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1037s [p11_child[2152]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1037s [p11_child[2152]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6a2b46b8][1781221048] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1037s [p11_child[2152]] [do_card] (0x4000): Login required. 1037s [p11_child[2152]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1037s [p11_child[2152]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1037s [p11_child[2152]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1037s [p11_child[2152]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6a2b46b8;slot-manufacturer=SoftHSM%20project;slot-id=1781221048;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a08a7eb36a2b46b8;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1037s [p11_child[2152]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1037s [p11_child[2152]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1037s [p11_child[2152]] [do_card] (0x4000): Certificate verified and validated. 1037s [p11_child[2152]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1037s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-26547-auth.output 1037s + echo '-----BEGIN CERTIFICATE-----' 1037s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-26547-auth.output 1037s + echo '-----END CERTIFICATE-----' 1037s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-26547-auth.pem 1037s Certificate: 1037s Data: 1037s Version: 3 (0x2) 1037s Serial Number: 3 (0x3) 1037s Signature Algorithm: sha256WithRSAEncryption 1037s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1037s Validity 1037s Not Before: Mar 23 22:56:13 2024 GMT 1037s Not After : Mar 23 22:56:13 2025 GMT 1037s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1037s Subject Public Key Info: 1037s Public Key Algorithm: rsaEncryption 1037s Public-Key: (1024 bit) 1037s Modulus: 1037s 00:f5:8f:a1:b0:43:ac:95:5c:2d:96:de:96:6d:fd: 1037s 96:1d:d3:41:c8:16:bd:54:c0:46:68:8f:03:e9:4c: 1037s 59:5e:2c:cd:f3:3c:9b:3f:aa:47:db:6e:52:0a:50: 1037s 8a:3d:d9:a2:a9:d3:7f:01:d8:f5:1f:eb:6f:dd:c9: 1037s 9e:6b:83:de:cd:ab:aa:6b:f2:37:38:e0:8d:06:20: 1037s 3e:b9:75:32:44:0b:f0:53:31:8e:60:0c:90:4d:ff: 1037s fe:51:fc:a7:d5:38:69:0c:3f:09:5c:65:09:73:17: 1037s df:08:3d:5e:d6:6f:7e:2a:a7:bf:9f:2b:ec:ce:58: 1037s 78:28:e0:9c:5a:54:07:f5:c3 1037s Exponent: 65537 (0x10001) 1037s X509v3 extensions: 1037s X509v3 Authority Key Identifier: 1037s C0:E7:2F:4F:49:F3:5D:06:69:6E:3E:0A:40:A3:8C:16:AB:FA:FE:61 1037s X509v3 Basic Constraints: 1037s CA:FALSE 1037s Netscape Cert Type: 1037s SSL Client, S/MIME 1037s Netscape Comment: 1037s Test Organization Root CA trusted Certificate 1037s X509v3 Subject Key Identifier: 1037s F3:8B:6C:02:58:77:61:DE:86:E2:16:18:47:23:12:D9:88:FC:EF:A8 1037s X509v3 Key Usage: critical 1037s Digital Signature, Non Repudiation, Key Encipherment 1037s X509v3 Extended Key Usage: 1037s TLS Web Client Authentication, E-mail Protection 1037s X509v3 Subject Alternative Name: 1037s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1037s Signature Algorithm: sha256WithRSAEncryption 1037s Signature Value: 1037s 69:65:f5:f1:c5:40:09:95:ff:4e:97:b0:e7:30:ea:b0:db:9b: 1037s 9b:de:20:03:fc:fe:92:31:e7:c3:31:fc:b2:01:72:4c:28:69: 1037s 05:c4:56:52:53:22:27:54:42:e2:da:4c:af:51:41:61:f8:e1: 1037s cb:0c:07:9d:a5:e0:cd:ec:ff:e1:22:73:d7:7b:25:04:d0:57: 1037s 99:6a:e5:d4:e1:ab:36:19:10:66:35:b8:18:ad:12:b6:49:06: 1037s f1:fa:a6:07:ae:21:a8:f6:e2:aa:6d:e8:75:3d:60:c2:78:59: 1037s c5:b4:2a:5b:29:86:ae:ef:14:93:b4:03:7b:54:db:12:40:0c: 1037s 68:84 1037s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-26547-auth.pem 1037s + found_md5=Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 1037s + '[' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 '!=' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 ']' 1037s + valid_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem partial_chain 1037s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem partial_chain 1037s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1037s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1037s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1037s + local verify_option=partial_chain 1037s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 1037s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1037s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1037s + local key_cn 1037s + local key_name 1037s + local tokens_dir 1037s + local output_cert_file 1037s + token_name= 1037s ++ basename /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem .pem 1037s + key_name=test-root-CA-trusted-certificate-0001 1037s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1037s ++ sed -n 's/ *commonName *= //p' 1037s + key_cn='Test Organization Root Trusted Certificate 0001' 1037s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1037s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1037s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1037s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1037s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 1037s + token_name='Test Organization Root Tr Token' 1037s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1037s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 ']' 1037s + echo 'Test Organization Root Tr Token' 1037s + '[' -n partial_chain ']' 1037s + local verify_arg=--verify=partial_chain 1037s + local output_base_name=SSSD-child-20344 1037s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-20344.output 1037s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-20344.pem 1037s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1037s Test Organization Root Tr Token 1037s [p11_child[2162]] [main] (0x0400): p11_child started. 1037s [p11_child[2162]] [main] (0x2000): Running in [pre-auth] mode. 1037s [p11_child[2162]] [main] (0x2000): Running with effective IDs: [0][0]. 1037s [p11_child[2162]] [main] (0x2000): Running with real IDs [0][0]. 1037s [p11_child[2162]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1037s [p11_child[2162]] [do_card] (0x4000): Module List: 1037s [p11_child[2162]] [do_card] (0x4000): common name: [softhsm2]. 1037s [p11_child[2162]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1037s [p11_child[2162]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6a2b46b8] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1037s [p11_child[2162]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1037s [p11_child[2162]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6a2b46b8][1781221048] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1037s [p11_child[2162]] [do_card] (0x4000): Login NOT required. 1037s [p11_child[2162]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1037s [p11_child[2162]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1037s [p11_child[2162]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1037s [p11_child[2162]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6a2b46b8;slot-manufacturer=SoftHSM%20project;slot-id=1781221048;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a08a7eb36a2b46b8;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1037s [p11_child[2162]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1037s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-20344.output 1037s + echo '-----BEGIN CERTIFICATE-----' 1037s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-20344.output 1037s + echo '-----END CERTIFICATE-----' 1037s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-20344.pem 1037s Certificate: 1037s Data: 1037s Version: 3 (0x2) 1037s Serial Number: 3 (0x3) 1037s Signature Algorithm: sha256WithRSAEncryption 1037s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1037s Validity 1037s Not Before: Mar 23 22:56:13 2024 GMT 1037s Not After : Mar 23 22:56:13 2025 GMT 1037s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1037s Subject Public Key Info: 1037s Public Key Algorithm: rsaEncryption 1037s Public-Key: (1024 bit) 1037s Modulus: 1037s 00:f5:8f:a1:b0:43:ac:95:5c:2d:96:de:96:6d:fd: 1037s 96:1d:d3:41:c8:16:bd:54:c0:46:68:8f:03:e9:4c: 1037s 59:5e:2c:cd:f3:3c:9b:3f:aa:47:db:6e:52:0a:50: 1037s 8a:3d:d9:a2:a9:d3:7f:01:d8:f5:1f:eb:6f:dd:c9: 1037s 9e:6b:83:de:cd:ab:aa:6b:f2:37:38:e0:8d:06:20: 1037s 3e:b9:75:32:44:0b:f0:53:31:8e:60:0c:90:4d:ff: 1037s fe:51:fc:a7:d5:38:69:0c:3f:09:5c:65:09:73:17: 1037s df:08:3d:5e:d6:6f:7e:2a:a7:bf:9f:2b:ec:ce:58: 1037s 78:28:e0:9c:5a:54:07:f5:c3 1037s Exponent: 65537 (0x10001) 1037s X509v3 extensions: 1037s X509v3 Authority Key Identifier: 1037s C0:E7:2F:4F:49:F3:5D:06:69:6E:3E:0A:40:A3:8C:16:AB:FA:FE:61 1037s X509v3 Basic Constraints: 1037s CA:FALSE 1037s Netscape Cert Type: 1037s SSL Client, S/MIME 1037s Netscape Comment: 1037s Test Organization Root CA trusted Certificate 1037s X509v3 Subject Key Identifier: 1037s F3:8B:6C:02:58:77:61:DE:86:E2:16:18:47:23:12:D9:88:FC:EF:A8 1037s X509v3 Key Usage: critical 1037s Digital Signature, Non Repudiation, Key Encipherment 1037s X509v3 Extended Key Usage: 1037s TLS Web Client Authentication, E-mail Protection 1037s X509v3 Subject Alternative Name: 1037s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1037s Signature Algorithm: sha256WithRSAEncryption 1037s Signature Value: 1037s 69:65:f5:f1:c5:40:09:95:ff:4e:97:b0:e7:30:ea:b0:db:9b: 1037s 9b:de:20:03:fc:fe:92:31:e7:c3:31:fc:b2:01:72:4c:28:69: 1037s 05:c4:56:52:53:22:27:54:42:e2:da:4c:af:51:41:61:f8:e1: 1037s cb:0c:07:9d:a5:e0:cd:ec:ff:e1:22:73:d7:7b:25:04:d0:57: 1037s 99:6a:e5:d4:e1:ab:36:19:10:66:35:b8:18:ad:12:b6:49:06: 1037s f1:fa:a6:07:ae:21:a8:f6:e2:aa:6d:e8:75:3d:60:c2:78:59: 1037s c5:b4:2a:5b:29:86:ae:ef:14:93:b4:03:7b:54:db:12:40:0c: 1037s 68:84 1037s + local found_md5 expected_md5 1037s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1037s + expected_md5=Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 1037s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-20344.pem 1037s + found_md5=Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 1037s + '[' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 '!=' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 ']' 1037s + output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-20344-auth.output 1037s ++ basename /tmp/sssd-softhsm2-XIssWU/SSSD-child-20344-auth.output .output 1037s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-20344-auth.pem 1037s + echo -n 053350 1037s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-XIssWU/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1037s [p11_child[2170]] [main] (0x0400): p11_child started. 1037s [p11_child[2170]] [main] (0x2000): Running in [auth] mode. 1037s [p11_child[2170]] [main] (0x2000): Running with effective IDs: [0][0]. 1037s [p11_child[2170]] [main] (0x2000): Running with real IDs [0][0]. 1037s [p11_child[2170]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1037s [p11_child[2170]] [do_card] (0x4000): Module List: 1037s [p11_child[2170]] [do_card] (0x4000): common name: [softhsm2]. 1037s [p11_child[2170]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1037s [p11_child[2170]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6a2b46b8] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1037s [p11_child[2170]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1037s [p11_child[2170]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6a2b46b8][1781221048] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1037s [p11_child[2170]] [do_card] (0x4000): Login required. 1037s [p11_child[2170]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1037s [p11_child[2170]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1037s [p11_child[2170]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1037s [p11_child[2170]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6a2b46b8;slot-manufacturer=SoftHSM%20project;slot-id=1781221048;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a08a7eb36a2b46b8;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1037s [p11_child[2170]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1037s [p11_child[2170]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1037s [p11_child[2170]] [do_card] (0x4000): Certificate verified and validated. 1037s [p11_child[2170]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1037s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-20344-auth.output 1037s + echo '-----BEGIN CERTIFICATE-----' 1037s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-20344-auth.output 1037s + echo '-----END CERTIFICATE-----' 1037s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-20344-auth.pem 1037s Certificate: 1037s Data: 1037s Version: 3 (0x2) 1037s Serial Number: 3 (0x3) 1037s Signature Algorithm: sha256WithRSAEncryption 1037s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1037s Validity 1037s Not Before: Mar 23 22:56:13 2024 GMT 1037s Not After : Mar 23 22:56:13 2025 GMT 1037s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1037s Subject Public Key Info: 1037s Public Key Algorithm: rsaEncryption 1037s Public-Key: (1024 bit) 1037s Modulus: 1037s 00:f5:8f:a1:b0:43:ac:95:5c:2d:96:de:96:6d:fd: 1037s 96:1d:d3:41:c8:16:bd:54:c0:46:68:8f:03:e9:4c: 1037s 59:5e:2c:cd:f3:3c:9b:3f:aa:47:db:6e:52:0a:50: 1037s 8a:3d:d9:a2:a9:d3:7f:01:d8:f5:1f:eb:6f:dd:c9: 1037s 9e:6b:83:de:cd:ab:aa:6b:f2:37:38:e0:8d:06:20: 1037s 3e:b9:75:32:44:0b:f0:53:31:8e:60:0c:90:4d:ff: 1037s fe:51:fc:a7:d5:38:69:0c:3f:09:5c:65:09:73:17: 1037s df:08:3d:5e:d6:6f:7e:2a:a7:bf:9f:2b:ec:ce:58: 1037s 78:28:e0:9c:5a:54:07:f5:c3 1037s Exponent: 65537 (0x10001) 1037s X509v3 extensions: 1037s X509v3 Authority Key Identifier: 1037s C0:E7:2F:4F:49:F3:5D:06:69:6E:3E:0A:40:A3:8C:16:AB:FA:FE:61 1037s X509v3 Basic Constraints: 1037s CA:FALSE 1037s Netscape Cert Type: 1037s SSL Client, S/MIME 1037s Netscape Comment: 1037s Test Organization Root CA trusted Certificate 1037s X509v3 Subject Key Identifier: 1037s F3:8B:6C:02:58:77:61:DE:86:E2:16:18:47:23:12:D9:88:FC:EF:A8 1037s X509v3 Key Usage: critical 1037s Digital Signature, Non Repudiation, Key Encipherment 1037s X509v3 Extended Key Usage: 1037s TLS Web Client Authentication, E-mail Protection 1037s X509v3 Subject Alternative Name: 1037s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1037s Signature Algorithm: sha256WithRSAEncryption 1037s Signature Value: 1037s 69:65:f5:f1:c5:40:09:95:ff:4e:97:b0:e7:30:ea:b0:db:9b: 1037s 9b:de:20:03:fc:fe:92:31:e7:c3:31:fc:b2:01:72:4c:28:69: 1037s 05:c4:56:52:53:22:27:54:42:e2:da:4c:af:51:41:61:f8:e1: 1037s cb:0c:07:9d:a5:e0:cd:ec:ff:e1:22:73:d7:7b:25:04:d0:57: 1037s 99:6a:e5:d4:e1:ab:36:19:10:66:35:b8:18:ad:12:b6:49:06: 1037s f1:fa:a6:07:ae:21:a8:f6:e2:aa:6d:e8:75:3d:60:c2:78:59: 1037s c5:b4:2a:5b:29:86:ae:ef:14:93:b4:03:7b:54:db:12:40:0c: 1037s 68:84 1037s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-20344-auth.pem 1037s + found_md5=Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 1037s + '[' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 '!=' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 ']' 1037s + valid_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1037s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1037s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1037s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1037s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1037s + local verify_option= 1037s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 1037s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1037s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1037s + local key_cn 1037s + local key_name 1037s + local tokens_dir 1037s + local output_cert_file 1037s + token_name= 1037s ++ basename /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem .pem 1037s + key_name=test-root-CA-trusted-certificate-0001 1037s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1037s ++ sed -n 's/ *commonName *= //p' 1037s + key_cn='Test Organization Root Trusted Certificate 0001' 1037s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1037s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1037s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1037s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1037s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 1037s + token_name='Test Organization Root Tr Token' 1037s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1037s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 ']' 1037s + echo 'Test Organization Root Tr Token' 1037s Test Organization Root Tr Token 1037s + '[' -n '' ']' 1037s + local output_base_name=SSSD-child-32125 1037s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-32125.output 1037s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-32125.pem 1037s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1037s [p11_child[2180]] [main] (0x0400): p11_child started. 1037s [p11_child[2180]] [main] (0x2000): Running in [pre-auth] mode. 1037s [p11_child[2180]] [main] (0x2000): Running with effective IDs: [0][0]. 1037s [p11_child[2180]] [main] (0x2000): Running with real IDs [0][0]. 1037s [p11_child[2180]] [do_card] (0x4000): Module List: 1037s [p11_child[2180]] [do_card] (0x4000): common name: [softhsm2]. 1037s [p11_child[2180]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1037s [p11_child[2180]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6a2b46b8] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1037s [p11_child[2180]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1037s [p11_child[2180]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6a2b46b8][1781221048] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1037s [p11_child[2180]] [do_card] (0x4000): Login NOT required. 1037s [p11_child[2180]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1037s [p11_child[2180]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1037s [p11_child[2180]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1037s [p11_child[2180]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6a2b46b8;slot-manufacturer=SoftHSM%20project;slot-id=1781221048;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a08a7eb36a2b46b8;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1037s [p11_child[2180]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1037s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-32125.output 1037s + echo '-----BEGIN CERTIFICATE-----' 1037s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-32125.output 1037s + echo '-----END CERTIFICATE-----' 1037s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-32125.pem 1038s Certificate: 1038s Data: 1038s Version: 3 (0x2) 1038s Serial Number: 3 (0x3) 1038s Signature Algorithm: sha256WithRSAEncryption 1038s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1038s Validity 1038s Not Before: Mar 23 22:56:13 2024 GMT 1038s Not After : Mar 23 22:56:13 2025 GMT 1038s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1038s Subject Public Key Info: 1038s Public Key Algorithm: rsaEncryption 1038s Public-Key: (1024 bit) 1038s Modulus: 1038s 00:f5:8f:a1:b0:43:ac:95:5c:2d:96:de:96:6d:fd: 1038s 96:1d:d3:41:c8:16:bd:54:c0:46:68:8f:03:e9:4c: 1038s 59:5e:2c:cd:f3:3c:9b:3f:aa:47:db:6e:52:0a:50: 1038s 8a:3d:d9:a2:a9:d3:7f:01:d8:f5:1f:eb:6f:dd:c9: 1038s 9e:6b:83:de:cd:ab:aa:6b:f2:37:38:e0:8d:06:20: 1038s 3e:b9:75:32:44:0b:f0:53:31:8e:60:0c:90:4d:ff: 1038s fe:51:fc:a7:d5:38:69:0c:3f:09:5c:65:09:73:17: 1038s df:08:3d:5e:d6:6f:7e:2a:a7:bf:9f:2b:ec:ce:58: 1038s 78:28:e0:9c:5a:54:07:f5:c3 1038s Exponent: 65537 (0x10001) 1038s X509v3 extensions: 1038s X509v3 Authority Key Identifier: 1038s C0:E7:2F:4F:49:F3:5D:06:69:6E:3E:0A:40:A3:8C:16:AB:FA:FE:61 1038s X509v3 Basic Constraints: 1038s CA:FALSE 1038s Netscape Cert Type: 1038s SSL Client, S/MIME 1038s Netscape Comment: 1038s Test Organization Root CA trusted Certificate 1038s X509v3 Subject Key Identifier: 1038s F3:8B:6C:02:58:77:61:DE:86:E2:16:18:47:23:12:D9:88:FC:EF:A8 1038s X509v3 Key Usage: critical 1038s Digital Signature, Non Repudiation, Key Encipherment 1038s X509v3 Extended Key Usage: 1038s TLS Web Client Authentication, E-mail Protection 1038s X509v3 Subject Alternative Name: 1038s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1038s Signature Algorithm: sha256WithRSAEncryption 1038s Signature Value: 1038s 69:65:f5:f1:c5:40:09:95:ff:4e:97:b0:e7:30:ea:b0:db:9b: 1038s 9b:de:20:03:fc:fe:92:31:e7:c3:31:fc:b2:01:72:4c:28:69: 1038s 05:c4:56:52:53:22:27:54:42:e2:da:4c:af:51:41:61:f8:e1: 1038s cb:0c:07:9d:a5:e0:cd:ec:ff:e1:22:73:d7:7b:25:04:d0:57: 1038s 99:6a:e5:d4:e1:ab:36:19:10:66:35:b8:18:ad:12:b6:49:06: 1038s f1:fa:a6:07:ae:21:a8:f6:e2:aa:6d:e8:75:3d:60:c2:78:59: 1038s c5:b4:2a:5b:29:86:ae:ef:14:93:b4:03:7b:54:db:12:40:0c: 1038s 68:84 1038s + local found_md5 expected_md5 1038s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1038s + expected_md5=Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 1038s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-32125.pem 1038s + found_md5=Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 1038s + '[' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 '!=' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 ']' 1038s + output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-32125-auth.output 1038s ++ basename /tmp/sssd-softhsm2-XIssWU/SSSD-child-32125-auth.output .output 1038s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-32125-auth.pem 1038s + echo -n 053350 1038s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1038s [p11_child[2188]] [main] (0x0400): p11_child started. 1038s [p11_child[2188]] [main] (0x2000): Running in [auth] mode. 1038s [p11_child[2188]] [main] (0x2000): Running with effective IDs: [0][0]. 1038s [p11_child[2188]] [main] (0x2000): Running with real IDs [0][0]. 1038s [p11_child[2188]] [do_card] (0x4000): Module List: 1038s [p11_child[2188]] [do_card] (0x4000): common name: [softhsm2]. 1038s [p11_child[2188]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1038s [p11_child[2188]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6a2b46b8] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1038s [p11_child[2188]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1038s [p11_child[2188]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6a2b46b8][1781221048] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1038s [p11_child[2188]] [do_card] (0x4000): Login required. 1038s [p11_child[2188]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1038s [p11_child[2188]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1038s [p11_child[2188]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1038s [p11_child[2188]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6a2b46b8;slot-manufacturer=SoftHSM%20project;slot-id=1781221048;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a08a7eb36a2b46b8;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1038s [p11_child[2188]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1038s [p11_child[2188]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1038s [p11_child[2188]] [do_card] (0x4000): Certificate verified and validated. 1038s [p11_child[2188]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1038s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-32125-auth.output 1038s + echo '-----BEGIN CERTIFICATE-----' 1038s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-32125-auth.output 1038s + echo '-----END CERTIFICATE-----' 1038s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-32125-auth.pem 1038s Certificate: 1038s Data: 1038s Version: 3 (0x2) 1038s Serial Number: 3 (0x3) 1038s Signature Algorithm: sha256WithRSAEncryption 1038s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1038s Validity 1038s Not Before: Mar 23 22:56:13 2024 GMT 1038s Not After : Mar 23 22:56:13 2025 GMT 1038s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1038s Subject Public Key Info: 1038s Public Key Algorithm: rsaEncryption 1038s Public-Key: (1024 bit) 1038s Modulus: 1038s 00:f5:8f:a1:b0:43:ac:95:5c:2d:96:de:96:6d:fd: 1038s 96:1d:d3:41:c8:16:bd:54:c0:46:68:8f:03:e9:4c: 1038s 59:5e:2c:cd:f3:3c:9b:3f:aa:47:db:6e:52:0a:50: 1038s 8a:3d:d9:a2:a9:d3:7f:01:d8:f5:1f:eb:6f:dd:c9: 1038s 9e:6b:83:de:cd:ab:aa:6b:f2:37:38:e0:8d:06:20: 1038s 3e:b9:75:32:44:0b:f0:53:31:8e:60:0c:90:4d:ff: 1038s fe:51:fc:a7:d5:38:69:0c:3f:09:5c:65:09:73:17: 1038s df:08:3d:5e:d6:6f:7e:2a:a7:bf:9f:2b:ec:ce:58: 1038s 78:28:e0:9c:5a:54:07:f5:c3 1038s Exponent: 65537 (0x10001) 1038s X509v3 extensions: 1038s X509v3 Authority Key Identifier: 1038s C0:E7:2F:4F:49:F3:5D:06:69:6E:3E:0A:40:A3:8C:16:AB:FA:FE:61 1038s X509v3 Basic Constraints: 1038s CA:FALSE 1038s Netscape Cert Type: 1038s SSL Client, S/MIME 1038s Netscape Comment: 1038s Test Organization Root CA trusted Certificate 1038s X509v3 Subject Key Identifier: 1038s F3:8B:6C:02:58:77:61:DE:86:E2:16:18:47:23:12:D9:88:FC:EF:A8 1038s X509v3 Key Usage: critical 1038s Digital Signature, Non Repudiation, Key Encipherment 1038s X509v3 Extended Key Usage: 1038s TLS Web Client Authentication, E-mail Protection 1038s X509v3 Subject Alternative Name: 1038s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1038s Signature Algorithm: sha256WithRSAEncryption 1038s Signature Value: 1038s 69:65:f5:f1:c5:40:09:95:ff:4e:97:b0:e7:30:ea:b0:db:9b: 1038s 9b:de:20:03:fc:fe:92:31:e7:c3:31:fc:b2:01:72:4c:28:69: 1038s 05:c4:56:52:53:22:27:54:42:e2:da:4c:af:51:41:61:f8:e1: 1038s cb:0c:07:9d:a5:e0:cd:ec:ff:e1:22:73:d7:7b:25:04:d0:57: 1038s 99:6a:e5:d4:e1:ab:36:19:10:66:35:b8:18:ad:12:b6:49:06: 1038s f1:fa:a6:07:ae:21:a8:f6:e2:aa:6d:e8:75:3d:60:c2:78:59: 1038s c5:b4:2a:5b:29:86:ae:ef:14:93:b4:03:7b:54:db:12:40:0c: 1038s 68:84 1038s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-32125-auth.pem 1038s + found_md5=Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 1038s + '[' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 '!=' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 ']' 1038s + valid_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem partial_chain 1038s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem partial_chain 1038s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1038s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1038s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1038s + local verify_option=partial_chain 1038s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 1038s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1038s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1038s + local key_cn 1038s + local key_name 1038s + local tokens_dir 1038s + local output_cert_file 1038s + token_name= 1038s ++ basename /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem .pem 1038s + key_name=test-root-CA-trusted-certificate-0001 1038s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1038s ++ sed -n 's/ *commonName *= //p' 1038s + key_cn='Test Organization Root Trusted Certificate 0001' 1038s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1038s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1038s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1038s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1038s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 1038s + token_name='Test Organization Root Tr Token' 1038s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1038s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 ']' 1038s + echo 'Test Organization Root Tr Token' 1038s + '[' -n partial_chain ']' 1038s + local verify_arg=--verify=partial_chain 1038s Test Organization Root Tr Token 1038s + local output_base_name=SSSD-child-31829 1038s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-31829.output 1038s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-31829.pem 1038s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1038s [p11_child[2198]] [main] (0x0400): p11_child started. 1038s [p11_child[2198]] [main] (0x2000): Running in [pre-auth] mode. 1038s [p11_child[2198]] [main] (0x2000): Running with effective IDs: [0][0]. 1038s [p11_child[2198]] [main] (0x2000): Running with real IDs [0][0]. 1038s [p11_child[2198]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1038s [p11_child[2198]] [do_card] (0x4000): Module List: 1038s [p11_child[2198]] [do_card] (0x4000): common name: [softhsm2]. 1038s [p11_child[2198]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1038s [p11_child[2198]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6a2b46b8] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1038s [p11_child[2198]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1038s [p11_child[2198]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6a2b46b8][1781221048] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1038s [p11_child[2198]] [do_card] (0x4000): Login NOT required. 1038s [p11_child[2198]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1038s [p11_child[2198]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1038s [p11_child[2198]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1038s [p11_child[2198]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6a2b46b8;slot-manufacturer=SoftHSM%20project;slot-id=1781221048;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a08a7eb36a2b46b8;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1038s [p11_child[2198]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1038s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-31829.output 1038s + echo '-----BEGIN CERTIFICATE-----' 1038s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-31829.output 1038s + echo '-----END CERTIFICATE-----' 1038s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-31829.pem 1038s + local found_md5 expected_md5 1038s Certificate: 1038s Data: 1038s Version: 3 (0x2) 1038s Serial Number: 3 (0x3) 1038s Signature Algorithm: sha256WithRSAEncryption 1038s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1038s Validity 1038s Not Before: Mar 23 22:56:13 2024 GMT 1038s Not After : Mar 23 22:56:13 2025 GMT 1038s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1038s Subject Public Key Info: 1038s Public Key Algorithm: rsaEncryption 1038s Public-Key: (1024 bit) 1038s Modulus: 1038s 00:f5:8f:a1:b0:43:ac:95:5c:2d:96:de:96:6d:fd: 1038s 96:1d:d3:41:c8:16:bd:54:c0:46:68:8f:03:e9:4c: 1038s 59:5e:2c:cd:f3:3c:9b:3f:aa:47:db:6e:52:0a:50: 1038s 8a:3d:d9:a2:a9:d3:7f:01:d8:f5:1f:eb:6f:dd:c9: 1038s 9e:6b:83:de:cd:ab:aa:6b:f2:37:38:e0:8d:06:20: 1038s 3e:b9:75:32:44:0b:f0:53:31:8e:60:0c:90:4d:ff: 1038s fe:51:fc:a7:d5:38:69:0c:3f:09:5c:65:09:73:17: 1038s df:08:3d:5e:d6:6f:7e:2a:a7:bf:9f:2b:ec:ce:58: 1038s 78:28:e0:9c:5a:54:07:f5:c3 1038s Exponent: 65537 (0x10001) 1038s X509v3 extensions: 1038s X509v3 Authority Key Identifier: 1038s C0:E7:2F:4F:49:F3:5D:06:69:6E:3E:0A:40:A3:8C:16:AB:FA:FE:61 1038s X509v3 Basic Constraints: 1038s CA:FALSE 1038s Netscape Cert Type: 1038s SSL Client, S/MIME 1038s Netscape Comment: 1038s Test Organization Root CA trusted Certificate 1038s X509v3 Subject Key Identifier: 1038s F3:8B:6C:02:58:77:61:DE:86:E2:16:18:47:23:12:D9:88:FC:EF:A8 1038s X509v3 Key Usage: critical 1038s Digital Signature, Non Repudiation, Key Encipherment 1038s X509v3 Extended Key Usage: 1038s TLS Web Client Authentication, E-mail Protection 1038s X509v3 Subject Alternative Name: 1038s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1038s Signature Algorithm: sha256WithRSAEncryption 1038s Signature Value: 1038s 69:65:f5:f1:c5:40:09:95:ff:4e:97:b0:e7:30:ea:b0:db:9b: 1038s 9b:de:20:03:fc:fe:92:31:e7:c3:31:fc:b2:01:72:4c:28:69: 1038s 05:c4:56:52:53:22:27:54:42:e2:da:4c:af:51:41:61:f8:e1: 1038s cb:0c:07:9d:a5:e0:cd:ec:ff:e1:22:73:d7:7b:25:04:d0:57: 1038s 99:6a:e5:d4:e1:ab:36:19:10:66:35:b8:18:ad:12:b6:49:06: 1038s f1:fa:a6:07:ae:21:a8:f6:e2:aa:6d:e8:75:3d:60:c2:78:59: 1038s c5:b4:2a:5b:29:86:ae:ef:14:93:b4:03:7b:54:db:12:40:0c: 1038s 68:84 1038s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1038s + expected_md5=Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 1038s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-31829.pem 1038s + found_md5=Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 1038s + '[' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 '!=' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 ']' 1038s + output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-31829-auth.output 1038s ++ basename /tmp/sssd-softhsm2-XIssWU/SSSD-child-31829-auth.output .output 1038s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-31829-auth.pem 1038s + echo -n 053350 1038s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1038s [p11_child[2206]] [main] (0x0400): p11_child started. 1038s [p11_child[2206]] [main] (0x2000): Running in [auth] mode. 1038s [p11_child[2206]] [main] (0x2000): Running with effective IDs: [0][0]. 1038s [p11_child[2206]] [main] (0x2000): Running with real IDs [0][0]. 1038s [p11_child[2206]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1038s [p11_child[2206]] [do_card] (0x4000): Module List: 1038s [p11_child[2206]] [do_card] (0x4000): common name: [softhsm2]. 1038s [p11_child[2206]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1038s [p11_child[2206]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6a2b46b8] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1038s [p11_child[2206]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1038s [p11_child[2206]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6a2b46b8][1781221048] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1038s [p11_child[2206]] [do_card] (0x4000): Login required. 1038s [p11_child[2206]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1038s [p11_child[2206]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1038s [p11_child[2206]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1038s [p11_child[2206]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6a2b46b8;slot-manufacturer=SoftHSM%20project;slot-id=1781221048;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a08a7eb36a2b46b8;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1038s [p11_child[2206]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1038s [p11_child[2206]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1038s [p11_child[2206]] [do_card] (0x4000): Certificate verified and validated. 1038s [p11_child[2206]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1038s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-31829-auth.output 1038s + echo '-----BEGIN CERTIFICATE-----' 1038s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-31829-auth.output 1038s + echo '-----END CERTIFICATE-----' 1038s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-31829-auth.pem 1038s Certificate: 1038s Data: 1038s Version: 3 (0x2) 1038s Serial Number: 3 (0x3) 1038s Signature Algorithm: sha256WithRSAEncryption 1038s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1038s Validity 1038s Not Before: Mar 23 22:56:13 2024 GMT 1038s Not After : Mar 23 22:56:13 2025 GMT 1038s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1038s Subject Public Key Info: 1038s Public Key Algorithm: rsaEncryption 1038s Public-Key: (1024 bit) 1038s Modulus: 1038s 00:f5:8f:a1:b0:43:ac:95:5c:2d:96:de:96:6d:fd: 1038s 96:1d:d3:41:c8:16:bd:54:c0:46:68:8f:03:e9:4c: 1038s 59:5e:2c:cd:f3:3c:9b:3f:aa:47:db:6e:52:0a:50: 1038s 8a:3d:d9:a2:a9:d3:7f:01:d8:f5:1f:eb:6f:dd:c9: 1038s 9e:6b:83:de:cd:ab:aa:6b:f2:37:38:e0:8d:06:20: 1038s 3e:b9:75:32:44:0b:f0:53:31:8e:60:0c:90:4d:ff: 1038s fe:51:fc:a7:d5:38:69:0c:3f:09:5c:65:09:73:17: 1038s df:08:3d:5e:d6:6f:7e:2a:a7:bf:9f:2b:ec:ce:58: 1038s 78:28:e0:9c:5a:54:07:f5:c3 1038s Exponent: 65537 (0x10001) 1038s X509v3 extensions: 1038s X509v3 Authority Key Identifier: 1038s C0:E7:2F:4F:49:F3:5D:06:69:6E:3E:0A:40:A3:8C:16:AB:FA:FE:61 1038s X509v3 Basic Constraints: 1038s CA:FALSE 1038s Netscape Cert Type: 1038s SSL Client, S/MIME 1038s Netscape Comment: 1038s Test Organization Root CA trusted Certificate 1038s X509v3 Subject Key Identifier: 1038s F3:8B:6C:02:58:77:61:DE:86:E2:16:18:47:23:12:D9:88:FC:EF:A8 1038s X509v3 Key Usage: critical 1038s Digital Signature, Non Repudiation, Key Encipherment 1038s X509v3 Extended Key Usage: 1038s TLS Web Client Authentication, E-mail Protection 1038s X509v3 Subject Alternative Name: 1038s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1038s Signature Algorithm: sha256WithRSAEncryption 1038s Signature Value: 1038s 69:65:f5:f1:c5:40:09:95:ff:4e:97:b0:e7:30:ea:b0:db:9b: 1038s 9b:de:20:03:fc:fe:92:31:e7:c3:31:fc:b2:01:72:4c:28:69: 1038s 05:c4:56:52:53:22:27:54:42:e2:da:4c:af:51:41:61:f8:e1: 1038s cb:0c:07:9d:a5:e0:cd:ec:ff:e1:22:73:d7:7b:25:04:d0:57: 1038s 99:6a:e5:d4:e1:ab:36:19:10:66:35:b8:18:ad:12:b6:49:06: 1038s f1:fa:a6:07:ae:21:a8:f6:e2:aa:6d:e8:75:3d:60:c2:78:59: 1038s c5:b4:2a:5b:29:86:ae:ef:14:93:b4:03:7b:54:db:12:40:0c: 1038s 68:84 1038s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-31829-auth.pem 1038s + found_md5=Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 1038s + '[' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 '!=' Modulus=F58FA1B043AC955C2D96DE966DFD961DD341C816BD54C046688F03E94C595E2CCDF33C9B3FAA47DB6E520A508A3DD9A2A9D37F01D8F51FEB6FDDC99E6B83DECDABAA6BF23738E08D06203EB97532440BF053318E600C904DFFFE51FCA7D538690C3F095C65097317DF083D5ED66F7E2AA7BF9F2BECCE587828E09C5A5407F5C3 ']' 1038s + invalid_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1038s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1038s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1038s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1038s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1038s + local verify_option= 1038s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 1038s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1038s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1038s + local key_cn 1038s + local key_name 1038s + local tokens_dir 1038s + local output_cert_file 1038s + token_name= 1038s ++ basename /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem .pem 1038s + key_name=test-root-CA-trusted-certificate-0001 1038s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1038s ++ sed -n 's/ *commonName *= //p' 1038s + key_cn='Test Organization Root Trusted Certificate 0001' 1038s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1038s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1038s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1038s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1038s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 1038s + token_name='Test Organization Root Tr Token' 1038s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1038s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 ']' 1038s + echo 'Test Organization Root Tr Token' 1038s + '[' -n '' ']' 1038s + local output_base_name=SSSD-child-10480 1038s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-10480.output 1038s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-10480.pem 1038s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1038s Test Organization Root Tr Token 1038s [p11_child[2216]] [main] (0x0400): p11_child started. 1038s [p11_child[2216]] [main] (0x2000): Running in [pre-auth] mode. 1038s [p11_child[2216]] [main] (0x2000): Running with effective IDs: [0][0]. 1038s [p11_child[2216]] [main] (0x2000): Running with real IDs [0][0]. 1038s [p11_child[2216]] [do_card] (0x4000): Module List: 1038s [p11_child[2216]] [do_card] (0x4000): common name: [softhsm2]. 1038s [p11_child[2216]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1038s [p11_child[2216]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6a2b46b8] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1038s [p11_child[2216]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1038s [p11_child[2216]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6a2b46b8][1781221048] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1038s [p11_child[2216]] [do_card] (0x4000): Login NOT required. 1038s [p11_child[2216]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1038s [p11_child[2216]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1038s [p11_child[2216]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 1038s [p11_child[2216]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 1038s [p11_child[2216]] [do_card] (0x4000): No certificate found. 1038s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-10480.output 1038s + return 2 1038s + invalid_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem partial_chain 1038s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem partial_chain 1038s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1038s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1038s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1038s + local verify_option=partial_chain 1038s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28154 1038s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1038s + local key_pass=pass:random-root-ca-trusted-cert-0001-28154 1038s + local key_cn 1038s + local key_name 1038s + local tokens_dir 1038s + local output_cert_file 1038s + token_name= 1038s ++ basename /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem .pem 1038s + key_name=test-root-CA-trusted-certificate-0001 1038s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-root-CA-trusted-certificate-0001.pem 1038s ++ sed -n 's/ *commonName *= //p' 1038s + key_cn='Test Organization Root Trusted Certificate 0001' 1038s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1038s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1038s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf 1038s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1038s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 1038s + token_name='Test Organization Root Tr Token' 1038s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1038s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-root-CA-trusted-certificate-0001 ']' 1038s + echo 'Test Organization Root Tr Token' 1038s Test Organization Root Tr Token 1038s + '[' -n partial_chain ']' 1038s + local verify_arg=--verify=partial_chain 1038s + local output_base_name=SSSD-child-3200 1038s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-3200.output 1038s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-3200.pem 1038s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1038s [p11_child[2223]] [main] (0x0400): p11_child started. 1038s [p11_child[2223]] [main] (0x2000): Running in [pre-auth] mode. 1038s [p11_child[2223]] [main] (0x2000): Running with effective IDs: [0][0]. 1038s [p11_child[2223]] [main] (0x2000): Running with real IDs [0][0]. 1038s [p11_child[2223]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1038s [p11_child[2223]] [do_card] (0x4000): Module List: 1038s [p11_child[2223]] [do_card] (0x4000): common name: [softhsm2]. 1038s [p11_child[2223]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1038s [p11_child[2223]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6a2b46b8] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1038s [p11_child[2223]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 1038s [p11_child[2223]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6a2b46b8][1781221048] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1038s [p11_child[2223]] [do_card] (0x4000): Login NOT required. 1038s [p11_child[2223]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 1038s [p11_child[2223]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1038s [p11_child[2223]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 1038s [p11_child[2223]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 1038s [p11_child[2223]] [do_card] (0x4000): No certificate found. 1038s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-3200.output 1038s + return 2 1038s + invalid_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /dev/null 1038s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /dev/null 1038s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1038s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1038s + local key_ring=/dev/null 1038s + local verify_option= 1038s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 1038s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1038s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1038s + local key_cn 1038s + local key_name 1038s + local tokens_dir 1038s + local output_cert_file 1038s + token_name= 1038s ++ basename /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem .pem 1038s + key_name=test-intermediate-CA-trusted-certificate-0001 1038s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1038s ++ sed -n 's/ *commonName *= //p' 1038s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1038s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1038s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1038s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1038s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1038s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 1038s + token_name='Test Organization Interme Token' 1038s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1038s + local key_file 1038s + local decrypted_key 1038s + mkdir -p /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 1038s + key_file=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001-key.pem 1038s + decrypted_key=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1038s + cat 1038s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 1038s Slot 0 has a free/uninitialized token. 1038s The token has been initialized and is reassigned to slot 255680398 1038s + softhsm2-util --show-slots 1038s Available slots: 1038s Slot 255680398 1038s Slot info: 1038s Description: SoftHSM slot ID 0xf3d5f8e 1038s Manufacturer ID: SoftHSM project 1038s Hardware version: 2.6 1038s Firmware version: 2.6 1038s Token present: yes 1038s Token info: 1038s Manufacturer ID: SoftHSM project 1038s Model: SoftHSM v2 1038s Hardware version: 2.6 1038s Firmware version: 2.6 1038s Serial number: e245e49c8f3d5f8e 1038s Initialized: yes 1038s User PIN init.: yes 1038s Label: Test Organization Interme Token 1038s Slot 1 1038s Slot info: 1038s Description: SoftHSM slot ID 0x1 1038s Manufacturer ID: SoftHSM project 1038s Hardware version: 2.6 1038s Firmware version: 2.6 1038s Token present: yes 1038s Token info: 1038s Manufacturer ID: SoftHSM project 1038s Model: SoftHSM v2 1038s Hardware version: 2.6 1038s Firmware version: 2.6 1038s Serial number: 1038s Initialized: no 1038s User PIN init.: no 1038s Label: 1038s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 1038s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-20237 -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1038s writing RSA key 1038s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 1038s + rm /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1038s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 1038s Object 0: 1038s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=e245e49c8f3d5f8e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 1038s Type: X.509 Certificate (RSA-1024) 1038s Expires: Sun Mar 23 22:56:13 2025 1038s Label: Test Organization Intermediate Trusted Certificate 0001 1038s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 1038s 1038s + echo 'Test Organization Interme Token' 1038s Test Organization Interme Token 1038s + '[' -n '' ']' 1038s + local output_base_name=SSSD-child-25560 1038s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-25560.output 1038s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-25560.pem 1038s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 1038s [p11_child[2239]] [main] (0x0400): p11_child started. 1038s [p11_child[2239]] [main] (0x2000): Running in [pre-auth] mode. 1038s [p11_child[2239]] [main] (0x2000): Running with effective IDs: [0][0]. 1038s [p11_child[2239]] [main] (0x2000): Running with real IDs [0][0]. 1038s [p11_child[2239]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 1038s [p11_child[2239]] [do_work] (0x0040): init_verification failed. 1038s [p11_child[2239]] [main] (0x0020): p11_child failed (5) 1038s + return 2 1038s + valid_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /dev/null no_verification 1038s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /dev/null no_verification 1038s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1038s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1038s + local key_ring=/dev/null 1038s + local verify_option=no_verification 1038s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 1038s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1038s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1038s + local key_cn 1038s + local key_name 1038s + local tokens_dir 1038s + local output_cert_file 1038s + token_name= 1038s ++ basename /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem .pem 1038s + key_name=test-intermediate-CA-trusted-certificate-0001 1038s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1038s ++ sed -n 's/ *commonName *= //p' 1038s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1038s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1038s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1038s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1038s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1038s Test Organization Interme Token 1038s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 1038s + token_name='Test Organization Interme Token' 1038s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1038s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 1038s + echo 'Test Organization Interme Token' 1038s + '[' -n no_verification ']' 1038s + local verify_arg=--verify=no_verification 1038s + local output_base_name=SSSD-child-12146 1038s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-12146.output 1038s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-12146.pem 1038s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 1038s [p11_child[2245]] [main] (0x0400): p11_child started. 1038s [p11_child[2245]] [main] (0x2000): Running in [pre-auth] mode. 1038s [p11_child[2245]] [main] (0x2000): Running with effective IDs: [0][0]. 1038s [p11_child[2245]] [main] (0x2000): Running with real IDs [0][0]. 1038s [p11_child[2245]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 1038s [p11_child[2245]] [do_card] (0x4000): Module List: 1038s [p11_child[2245]] [do_card] (0x4000): common name: [softhsm2]. 1038s [p11_child[2245]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1038s [p11_child[2245]] [do_card] (0x4000): Description [SoftHSM slot ID 0xf3d5f8e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1038s [p11_child[2245]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1038s [p11_child[2245]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0xf3d5f8e][255680398] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1038s [p11_child[2245]] [do_card] (0x4000): Login NOT required. 1038s [p11_child[2245]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1038s [p11_child[2245]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1038s [p11_child[2245]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xf3d5f8e;slot-manufacturer=SoftHSM%20project;slot-id=255680398;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=e245e49c8f3d5f8e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1038s [p11_child[2245]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1038s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-12146.output 1038s + echo '-----BEGIN CERTIFICATE-----' 1038s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-12146.output 1038s + echo '-----END CERTIFICATE-----' 1038s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-12146.pem 1038s Certificate: 1038s Data: 1038s Version: 3 (0x2) 1038s Serial Number: 4 (0x4) 1038s Signature Algorithm: sha256WithRSAEncryption 1038s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1038s Validity 1038s Not Before: Mar 23 22:56:13 2024 GMT 1038s Not After : Mar 23 22:56:13 2025 GMT 1038s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1038s Subject Public Key Info: 1038s Public Key Algorithm: rsaEncryption 1038s Public-Key: (1024 bit) 1038s Modulus: 1038s 00:ea:bc:4d:41:18:84:a1:1b:8a:5c:9a:b0:ce:35: 1038s 09:c5:40:0d:01:9f:1a:6a:1a:6c:0a:12:dc:00:a0: 1038s 01:20:33:00:64:53:ed:f0:7b:65:0d:10:eb:d1:47: 1038s 59:fc:b9:e8:d6:9c:cf:5f:ed:d6:dd:81:89:f3:bb: 1038s d6:11:da:69:27:e9:97:a6:f6:cf:1c:f2:70:86:aa: 1038s 83:17:6c:ca:cf:4f:5f:0b:d9:81:35:fa:d9:b5:bb: 1038s 5a:c5:fc:13:29:99:35:b5:95:57:31:9e:d7:ff:bc: 1038s 50:a3:c4:5d:00:92:57:ab:48:db:99:9a:42:d3:2c: 1038s e5:11:b6:cf:05:57:4e:e8:f9 1038s Exponent: 65537 (0x10001) 1038s X509v3 extensions: 1038s X509v3 Authority Key Identifier: 1038s 19:7F:EF:F6:27:5A:C5:75:38:28:97:53:F0:E7:A1:52:EA:6B:51:35 1038s X509v3 Basic Constraints: 1038s CA:FALSE 1038s Netscape Cert Type: 1038s SSL Client, S/MIME 1038s Netscape Comment: 1038s Test Organization Intermediate CA trusted Certificate 1038s X509v3 Subject Key Identifier: 1038s 39:0C:DF:E6:C4:6C:80:FC:81:95:68:46:16:07:B0:AD:10:10:38:B5 1038s X509v3 Key Usage: critical 1038s Digital Signature, Non Repudiation, Key Encipherment 1038s X509v3 Extended Key Usage: 1038s TLS Web Client Authentication, E-mail Protection 1038s X509v3 Subject Alternative Name: 1038s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1038s Signature Algorithm: sha256WithRSAEncryption 1038s Signature Value: 1038s 8c:a0:48:2a:37:3b:86:0a:06:8b:c3:57:7c:eb:0a:67:9d:cc: 1038s a7:e5:97:d3:ec:a6:8f:6e:54:3a:59:e1:f2:69:f0:04:89:ca: 1038s 1f:32:4d:2c:92:04:b3:53:c1:73:15:64:ec:3b:2e:7b:8d:6d: 1038s f6:86:be:75:a5:6a:be:5c:d0:dc:6a:ce:d6:e8:07:f0:ab:3b: 1038s e4:4f:69:50:14:0f:59:01:dc:58:7b:e4:cd:26:b2:a1:ab:d9: 1038s 93:74:bc:c7:99:71:d3:ea:56:eb:52:48:26:52:49:e6:0f:0c: 1038s d2:bf:7c:29:a7:bb:75:ef:a5:da:c3:86:d2:ef:62:65:41:f7: 1038s ff:24 1038s + local found_md5 expected_md5 1038s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1039s + expected_md5=Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 1039s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-12146.pem 1039s + found_md5=Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 1039s + '[' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 '!=' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 ']' 1039s + output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-12146-auth.output 1039s ++ basename /tmp/sssd-softhsm2-XIssWU/SSSD-child-12146-auth.output .output 1039s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-12146-auth.pem 1039s + echo -n 053350 1039s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1039s [p11_child[2253]] [main] (0x0400): p11_child started. 1039s [p11_child[2253]] [main] (0x2000): Running in [auth] mode. 1039s [p11_child[2253]] [main] (0x2000): Running with effective IDs: [0][0]. 1039s [p11_child[2253]] [main] (0x2000): Running with real IDs [0][0]. 1039s [p11_child[2253]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 1039s [p11_child[2253]] [do_card] (0x4000): Module List: 1039s [p11_child[2253]] [do_card] (0x4000): common name: [softhsm2]. 1039s [p11_child[2253]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1039s [p11_child[2253]] [do_card] (0x4000): Description [SoftHSM slot ID 0xf3d5f8e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1039s [p11_child[2253]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1039s [p11_child[2253]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0xf3d5f8e][255680398] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1039s [p11_child[2253]] [do_card] (0x4000): Login required. 1039s [p11_child[2253]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1039s [p11_child[2253]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1039s [p11_child[2253]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xf3d5f8e;slot-manufacturer=SoftHSM%20project;slot-id=255680398;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=e245e49c8f3d5f8e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1039s [p11_child[2253]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1039s [p11_child[2253]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1039s [p11_child[2253]] [do_card] (0x4000): Certificate verified and validated. 1039s [p11_child[2253]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1039s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-12146-auth.output 1039s + echo '-----BEGIN CERTIFICATE-----' 1039s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-12146-auth.output 1039s + echo '-----END CERTIFICATE-----' 1039s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-12146-auth.pem 1039s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-12146-auth.pem 1039s Certificate: 1039s Data: 1039s Version: 3 (0x2) 1039s Serial Number: 4 (0x4) 1039s Signature Algorithm: sha256WithRSAEncryption 1039s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1039s Validity 1039s Not Before: Mar 23 22:56:13 2024 GMT 1039s Not After : Mar 23 22:56:13 2025 GMT 1039s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1039s Subject Public Key Info: 1039s Public Key Algorithm: rsaEncryption 1039s Public-Key: (1024 bit) 1039s Modulus: 1039s 00:ea:bc:4d:41:18:84:a1:1b:8a:5c:9a:b0:ce:35: 1039s 09:c5:40:0d:01:9f:1a:6a:1a:6c:0a:12:dc:00:a0: 1039s 01:20:33:00:64:53:ed:f0:7b:65:0d:10:eb:d1:47: 1039s 59:fc:b9:e8:d6:9c:cf:5f:ed:d6:dd:81:89:f3:bb: 1039s d6:11:da:69:27:e9:97:a6:f6:cf:1c:f2:70:86:aa: 1039s 83:17:6c:ca:cf:4f:5f:0b:d9:81:35:fa:d9:b5:bb: 1039s 5a:c5:fc:13:29:99:35:b5:95:57:31:9e:d7:ff:bc: 1039s 50:a3:c4:5d:00:92:57:ab:48:db:99:9a:42:d3:2c: 1039s e5:11:b6:cf:05:57:4e:e8:f9 1039s Exponent: 65537 (0x10001) 1039s X509v3 extensions: 1039s X509v3 Authority Key Identifier: 1039s 19:7F:EF:F6:27:5A:C5:75:38:28:97:53:F0:E7:A1:52:EA:6B:51:35 1039s X509v3 Basic Constraints: 1039s CA:FALSE 1039s Netscape Cert Type: 1039s SSL Client, S/MIME 1039s Netscape Comment: 1039s Test Organization Intermediate CA trusted Certificate 1039s X509v3 Subject Key Identifier: 1039s 39:0C:DF:E6:C4:6C:80:FC:81:95:68:46:16:07:B0:AD:10:10:38:B5 1039s X509v3 Key Usage: critical 1039s Digital Signature, Non Repudiation, Key Encipherment 1039s X509v3 Extended Key Usage: 1039s TLS Web Client Authentication, E-mail Protection 1039s X509v3 Subject Alternative Name: 1039s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1039s Signature Algorithm: sha256WithRSAEncryption 1039s Signature Value: 1039s 8c:a0:48:2a:37:3b:86:0a:06:8b:c3:57:7c:eb:0a:67:9d:cc: 1039s a7:e5:97:d3:ec:a6:8f:6e:54:3a:59:e1:f2:69:f0:04:89:ca: 1039s 1f:32:4d:2c:92:04:b3:53:c1:73:15:64:ec:3b:2e:7b:8d:6d: 1039s f6:86:be:75:a5:6a:be:5c:d0:dc:6a:ce:d6:e8:07:f0:ab:3b: 1039s e4:4f:69:50:14:0f:59:01:dc:58:7b:e4:cd:26:b2:a1:ab:d9: 1039s 93:74:bc:c7:99:71:d3:ea:56:eb:52:48:26:52:49:e6:0f:0c: 1039s d2:bf:7c:29:a7:bb:75:ef:a5:da:c3:86:d2:ef:62:65:41:f7: 1039s ff:24 1039s + found_md5=Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 1039s + '[' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 '!=' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 ']' 1039s + invalid_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1039s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1039s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1039s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1039s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1039s + local verify_option= 1039s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 1039s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1039s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1039s + local key_cn 1039s + local key_name 1039s + local tokens_dir 1039s + local output_cert_file 1039s + token_name= 1039s ++ basename /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem .pem 1039s + key_name=test-intermediate-CA-trusted-certificate-0001 1039s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1039s ++ sed -n 's/ *commonName *= //p' 1039s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1039s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1039s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1039s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1039s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1039s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 1039s + token_name='Test Organization Interme Token' 1039s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1039s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 1039s + echo 'Test Organization Interme Token' 1039s Test Organization Interme Token 1039s + '[' -n '' ']' 1039s + local output_base_name=SSSD-child-32173 1039s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-32173.output 1039s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-32173.pem 1039s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1039s [p11_child[2263]] [main] (0x0400): p11_child started. 1039s [p11_child[2263]] [main] (0x2000): Running in [pre-auth] mode. 1039s [p11_child[2263]] [main] (0x2000): Running with effective IDs: [0][0]. 1039s [p11_child[2263]] [main] (0x2000): Running with real IDs [0][0]. 1039s [p11_child[2263]] [do_card] (0x4000): Module List: 1039s [p11_child[2263]] [do_card] (0x4000): common name: [softhsm2]. 1039s [p11_child[2263]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1039s [p11_child[2263]] [do_card] (0x4000): Description [SoftHSM slot ID 0xf3d5f8e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1039s [p11_child[2263]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1039s [p11_child[2263]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0xf3d5f8e][255680398] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1039s [p11_child[2263]] [do_card] (0x4000): Login NOT required. 1039s [p11_child[2263]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1039s [p11_child[2263]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1039s [p11_child[2263]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 1039s [p11_child[2263]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 1039s [p11_child[2263]] [do_card] (0x4000): No certificate found. 1039s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-32173.output 1039s + return 2 1039s + invalid_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem partial_chain 1039s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem partial_chain 1039s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1039s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1039s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1039s + local verify_option=partial_chain 1039s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 1039s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1039s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1039s + local key_cn 1039s + local key_name 1039s + local tokens_dir 1039s + local output_cert_file 1039s + token_name= 1039s ++ basename /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem .pem 1039s + key_name=test-intermediate-CA-trusted-certificate-0001 1039s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1039s ++ sed -n 's/ *commonName *= //p' 1039s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1039s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1039s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1039s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1039s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1039s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 1039s + token_name='Test Organization Interme Token' 1039s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1039s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 1039s + echo 'Test Organization Interme Token' 1039s + '[' -n partial_chain ']' 1039s Test Organization Interme Token 1039s + local verify_arg=--verify=partial_chain 1039s + local output_base_name=SSSD-child-23780 1039s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-23780.output 1039s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-23780.pem 1039s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1039s [p11_child[2270]] [main] (0x0400): p11_child started. 1039s [p11_child[2270]] [main] (0x2000): Running in [pre-auth] mode. 1039s [p11_child[2270]] [main] (0x2000): Running with effective IDs: [0][0]. 1039s [p11_child[2270]] [main] (0x2000): Running with real IDs [0][0]. 1039s [p11_child[2270]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1039s [p11_child[2270]] [do_card] (0x4000): Module List: 1039s [p11_child[2270]] [do_card] (0x4000): common name: [softhsm2]. 1039s [p11_child[2270]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1039s [p11_child[2270]] [do_card] (0x4000): Description [SoftHSM slot ID 0xf3d5f8e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1039s [p11_child[2270]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1039s [p11_child[2270]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0xf3d5f8e][255680398] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1039s [p11_child[2270]] [do_card] (0x4000): Login NOT required. 1039s [p11_child[2270]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1039s [p11_child[2270]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1039s [p11_child[2270]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 1039s [p11_child[2270]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 1039s [p11_child[2270]] [do_card] (0x4000): No certificate found. 1039s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-23780.output 1039s + return 2 1039s + valid_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1039s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1039s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1039s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1039s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1039s + local verify_option= 1039s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 1039s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1039s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1039s + local key_cn 1039s + local key_name 1039s + local tokens_dir 1039s + local output_cert_file 1039s + token_name= 1039s ++ basename /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem .pem 1039s + key_name=test-intermediate-CA-trusted-certificate-0001 1039s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1039s ++ sed -n 's/ *commonName *= //p' 1039s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1039s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1039s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1039s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1039s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1039s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 1039s + token_name='Test Organization Interme Token' 1039s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1039s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 1039s + echo 'Test Organization Interme Token' 1039s + '[' -n '' ']' 1039s + local output_base_name=SSSD-child-14988 1039s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-14988.output 1039s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-14988.pem 1039s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1039s Test Organization Interme Token 1039s [p11_child[2277]] [main] (0x0400): p11_child started. 1039s [p11_child[2277]] [main] (0x2000): Running in [pre-auth] mode. 1039s [p11_child[2277]] [main] (0x2000): Running with effective IDs: [0][0]. 1039s [p11_child[2277]] [main] (0x2000): Running with real IDs [0][0]. 1039s [p11_child[2277]] [do_card] (0x4000): Module List: 1039s [p11_child[2277]] [do_card] (0x4000): common name: [softhsm2]. 1039s [p11_child[2277]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1039s [p11_child[2277]] [do_card] (0x4000): Description [SoftHSM slot ID 0xf3d5f8e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1039s [p11_child[2277]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1039s [p11_child[2277]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0xf3d5f8e][255680398] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1039s [p11_child[2277]] [do_card] (0x4000): Login NOT required. 1039s [p11_child[2277]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1039s [p11_child[2277]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1039s [p11_child[2277]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1039s [p11_child[2277]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xf3d5f8e;slot-manufacturer=SoftHSM%20project;slot-id=255680398;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=e245e49c8f3d5f8e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1039s [p11_child[2277]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1039s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-14988.output 1039s + echo '-----BEGIN CERTIFICATE-----' 1039s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-14988.output 1039s + echo '-----END CERTIFICATE-----' 1039s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-14988.pem 1039s Certificate: 1039s Data: 1039s Version: 3 (0x2) 1039s Serial Number: 4 (0x4) 1039s Signature Algorithm: sha256WithRSAEncryption 1039s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1039s Validity 1039s Not Before: Mar 23 22:56:13 2024 GMT 1039s Not After : Mar 23 22:56:13 2025 GMT 1039s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1039s Subject Public Key Info: 1039s Public Key Algorithm: rsaEncryption 1039s Public-Key: (1024 bit) 1039s Modulus: 1039s 00:ea:bc:4d:41:18:84:a1:1b:8a:5c:9a:b0:ce:35: 1039s 09:c5:40:0d:01:9f:1a:6a:1a:6c:0a:12:dc:00:a0: 1039s 01:20:33:00:64:53:ed:f0:7b:65:0d:10:eb:d1:47: 1039s 59:fc:b9:e8:d6:9c:cf:5f:ed:d6:dd:81:89:f3:bb: 1039s d6:11:da:69:27:e9:97:a6:f6:cf:1c:f2:70:86:aa: 1039s 83:17:6c:ca:cf:4f:5f:0b:d9:81:35:fa:d9:b5:bb: 1039s 5a:c5:fc:13:29:99:35:b5:95:57:31:9e:d7:ff:bc: 1039s 50:a3:c4:5d:00:92:57:ab:48:db:99:9a:42:d3:2c: 1039s e5:11:b6:cf:05:57:4e:e8:f9 1039s Exponent: 65537 (0x10001) 1039s X509v3 extensions: 1039s X509v3 Authority Key Identifier: 1039s 19:7F:EF:F6:27:5A:C5:75:38:28:97:53:F0:E7:A1:52:EA:6B:51:35 1039s X509v3 Basic Constraints: 1039s CA:FALSE 1039s Netscape Cert Type: 1039s SSL Client, S/MIME 1039s Netscape Comment: 1039s Test Organization Intermediate CA trusted Certificate 1039s X509v3 Subject Key Identifier: 1039s 39:0C:DF:E6:C4:6C:80:FC:81:95:68:46:16:07:B0:AD:10:10:38:B5 1039s X509v3 Key Usage: critical 1039s Digital Signature, Non Repudiation, Key Encipherment 1039s X509v3 Extended Key Usage: 1039s TLS Web Client Authentication, E-mail Protection 1039s X509v3 Subject Alternative Name: 1039s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1039s Signature Algorithm: sha256WithRSAEncryption 1039s Signature Value: 1039s 8c:a0:48:2a:37:3b:86:0a:06:8b:c3:57:7c:eb:0a:67:9d:cc: 1039s a7:e5:97:d3:ec:a6:8f:6e:54:3a:59:e1:f2:69:f0:04:89:ca: 1039s 1f:32:4d:2c:92:04:b3:53:c1:73:15:64:ec:3b:2e:7b:8d:6d: 1039s f6:86:be:75:a5:6a:be:5c:d0:dc:6a:ce:d6:e8:07:f0:ab:3b: 1039s e4:4f:69:50:14:0f:59:01:dc:58:7b:e4:cd:26:b2:a1:ab:d9: 1039s 93:74:bc:c7:99:71:d3:ea:56:eb:52:48:26:52:49:e6:0f:0c: 1039s d2:bf:7c:29:a7:bb:75:ef:a5:da:c3:86:d2:ef:62:65:41:f7: 1039s ff:24 1039s + local found_md5 expected_md5 1039s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1039s + expected_md5=Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 1039s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-14988.pem 1039s + found_md5=Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 1039s + '[' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 '!=' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 ']' 1039s + output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-14988-auth.output 1039s ++ basename /tmp/sssd-softhsm2-XIssWU/SSSD-child-14988-auth.output .output 1039s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-14988-auth.pem 1039s + echo -n 053350 1039s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1039s [p11_child[2285]] [main] (0x0400): p11_child started. 1039s [p11_child[2285]] [main] (0x2000): Running in [auth] mode. 1039s [p11_child[2285]] [main] (0x2000): Running with effective IDs: [0][0]. 1039s [p11_child[2285]] [main] (0x2000): Running with real IDs [0][0]. 1039s [p11_child[2285]] [do_card] (0x4000): Module List: 1039s [p11_child[2285]] [do_card] (0x4000): common name: [softhsm2]. 1039s [p11_child[2285]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1039s [p11_child[2285]] [do_card] (0x4000): Description [SoftHSM slot ID 0xf3d5f8e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1039s [p11_child[2285]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1039s [p11_child[2285]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0xf3d5f8e][255680398] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1039s [p11_child[2285]] [do_card] (0x4000): Login required. 1039s [p11_child[2285]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1039s [p11_child[2285]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1039s [p11_child[2285]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1039s [p11_child[2285]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xf3d5f8e;slot-manufacturer=SoftHSM%20project;slot-id=255680398;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=e245e49c8f3d5f8e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1039s [p11_child[2285]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1039s [p11_child[2285]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1039s [p11_child[2285]] [do_card] (0x4000): Certificate verified and validated. 1039s [p11_child[2285]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1039s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-14988-auth.output 1039s + echo '-----BEGIN CERTIFICATE-----' 1039s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-14988-auth.output 1039s + echo '-----END CERTIFICATE-----' 1039s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-14988-auth.pem 1039s Certificate: 1039s Data: 1039s Version: 3 (0x2) 1039s Serial Number: 4 (0x4) 1039s Signature Algorithm: sha256WithRSAEncryption 1039s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1039s Validity 1039s Not Before: Mar 23 22:56:13 2024 GMT 1039s Not After : Mar 23 22:56:13 2025 GMT 1039s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1039s Subject Public Key Info: 1039s Public Key Algorithm: rsaEncryption 1039s Public-Key: (1024 bit) 1039s Modulus: 1039s 00:ea:bc:4d:41:18:84:a1:1b:8a:5c:9a:b0:ce:35: 1039s 09:c5:40:0d:01:9f:1a:6a:1a:6c:0a:12:dc:00:a0: 1039s 01:20:33:00:64:53:ed:f0:7b:65:0d:10:eb:d1:47: 1039s 59:fc:b9:e8:d6:9c:cf:5f:ed:d6:dd:81:89:f3:bb: 1039s d6:11:da:69:27:e9:97:a6:f6:cf:1c:f2:70:86:aa: 1039s 83:17:6c:ca:cf:4f:5f:0b:d9:81:35:fa:d9:b5:bb: 1039s 5a:c5:fc:13:29:99:35:b5:95:57:31:9e:d7:ff:bc: 1039s 50:a3:c4:5d:00:92:57:ab:48:db:99:9a:42:d3:2c: 1039s e5:11:b6:cf:05:57:4e:e8:f9 1039s Exponent: 65537 (0x10001) 1039s X509v3 extensions: 1039s X509v3 Authority Key Identifier: 1039s 19:7F:EF:F6:27:5A:C5:75:38:28:97:53:F0:E7:A1:52:EA:6B:51:35 1039s X509v3 Basic Constraints: 1039s CA:FALSE 1039s Netscape Cert Type: 1039s SSL Client, S/MIME 1039s Netscape Comment: 1039s Test Organization Intermediate CA trusted Certificate 1039s X509v3 Subject Key Identifier: 1039s 39:0C:DF:E6:C4:6C:80:FC:81:95:68:46:16:07:B0:AD:10:10:38:B5 1039s X509v3 Key Usage: critical 1039s Digital Signature, Non Repudiation, Key Encipherment 1039s X509v3 Extended Key Usage: 1039s TLS Web Client Authentication, E-mail Protection 1039s X509v3 Subject Alternative Name: 1039s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1039s Signature Algorithm: sha256WithRSAEncryption 1039s Signature Value: 1039s 8c:a0:48:2a:37:3b:86:0a:06:8b:c3:57:7c:eb:0a:67:9d:cc: 1039s a7:e5:97:d3:ec:a6:8f:6e:54:3a:59:e1:f2:69:f0:04:89:ca: 1039s 1f:32:4d:2c:92:04:b3:53:c1:73:15:64:ec:3b:2e:7b:8d:6d: 1039s f6:86:be:75:a5:6a:be:5c:d0:dc:6a:ce:d6:e8:07:f0:ab:3b: 1039s e4:4f:69:50:14:0f:59:01:dc:58:7b:e4:cd:26:b2:a1:ab:d9: 1039s 93:74:bc:c7:99:71:d3:ea:56:eb:52:48:26:52:49:e6:0f:0c: 1039s d2:bf:7c:29:a7:bb:75:ef:a5:da:c3:86:d2:ef:62:65:41:f7: 1039s ff:24 1039s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-14988-auth.pem 1039s + found_md5=Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 1039s + '[' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 '!=' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 ']' 1039s + valid_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem partial_chain 1039s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem partial_chain 1039s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1039s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1039s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1039s + local verify_option=partial_chain 1039s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 1039s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1039s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1039s + local key_cn 1039s + local key_name 1039s + local tokens_dir 1039s + local output_cert_file 1039s + token_name= 1039s ++ basename /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem .pem 1039s + key_name=test-intermediate-CA-trusted-certificate-0001 1039s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1039s ++ sed -n 's/ *commonName *= //p' 1039s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1039s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1039s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1039s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1039s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1039s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 1039s + token_name='Test Organization Interme Token' 1039s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1039s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 1039s + echo 'Test Organization Interme Token' 1039s + '[' -n partial_chain ']' 1039s Test Organization Interme Token 1039s + local verify_arg=--verify=partial_chain 1039s + local output_base_name=SSSD-child-22607 1039s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-22607.output 1039s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-22607.pem 1039s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1039s [p11_child[2295]] [main] (0x0400): p11_child started. 1039s [p11_child[2295]] [main] (0x2000): Running in [pre-auth] mode. 1039s [p11_child[2295]] [main] (0x2000): Running with effective IDs: [0][0]. 1039s [p11_child[2295]] [main] (0x2000): Running with real IDs [0][0]. 1039s [p11_child[2295]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1039s [p11_child[2295]] [do_card] (0x4000): Module List: 1039s [p11_child[2295]] [do_card] (0x4000): common name: [softhsm2]. 1039s [p11_child[2295]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1039s [p11_child[2295]] [do_card] (0x4000): Description [SoftHSM slot ID 0xf3d5f8e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1039s [p11_child[2295]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1039s [p11_child[2295]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0xf3d5f8e][255680398] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1039s [p11_child[2295]] [do_card] (0x4000): Login NOT required. 1039s [p11_child[2295]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1039s [p11_child[2295]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1039s [p11_child[2295]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1039s [p11_child[2295]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xf3d5f8e;slot-manufacturer=SoftHSM%20project;slot-id=255680398;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=e245e49c8f3d5f8e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1039s [p11_child[2295]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1039s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-22607.output 1039s + echo '-----BEGIN CERTIFICATE-----' 1039s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-22607.output 1039s + echo '-----END CERTIFICATE-----' 1039s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-22607.pem 1039s Certificate: 1039s Data: 1039s Version: 3 (0x2) 1039s Serial Number: 4 (0x4) 1039s Signature Algorithm: sha256WithRSAEncryption 1039s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1039s Validity 1039s Not Before: Mar 23 22:56:13 2024 GMT 1039s Not After : Mar 23 22:56:13 2025 GMT 1039s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1039s Subject Public Key Info: 1039s Public Key Algorithm: rsaEncryption 1039s Public-Key: (1024 bit) 1039s Modulus: 1039s 00:ea:bc:4d:41:18:84:a1:1b:8a:5c:9a:b0:ce:35: 1039s 09:c5:40:0d:01:9f:1a:6a:1a:6c:0a:12:dc:00:a0: 1039s 01:20:33:00:64:53:ed:f0:7b:65:0d:10:eb:d1:47: 1039s 59:fc:b9:e8:d6:9c:cf:5f:ed:d6:dd:81:89:f3:bb: 1039s d6:11:da:69:27:e9:97:a6:f6:cf:1c:f2:70:86:aa: 1039s 83:17:6c:ca:cf:4f:5f:0b:d9:81:35:fa:d9:b5:bb: 1039s 5a:c5:fc:13:29:99:35:b5:95:57:31:9e:d7:ff:bc: 1039s 50:a3:c4:5d:00:92:57:ab:48:db:99:9a:42:d3:2c: 1039s e5:11:b6:cf:05:57:4e:e8:f9 1039s Exponent: 65537 (0x10001) 1039s X509v3 extensions: 1039s X509v3 Authority Key Identifier: 1039s 19:7F:EF:F6:27:5A:C5:75:38:28:97:53:F0:E7:A1:52:EA:6B:51:35 1039s X509v3 Basic Constraints: 1039s CA:FALSE 1039s Netscape Cert Type: 1039s SSL Client, S/MIME 1039s Netscape Comment: 1039s Test Organization Intermediate CA trusted Certificate 1039s X509v3 Subject Key Identifier: 1039s 39:0C:DF:E6:C4:6C:80:FC:81:95:68:46:16:07:B0:AD:10:10:38:B5 1039s X509v3 Key Usage: critical 1039s Digital Signature, Non Repudiation, Key Encipherment 1039s X509v3 Extended Key Usage: 1039s TLS Web Client Authentication, E-mail Protection 1039s X509v3 Subject Alternative Name: 1039s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1039s Signature Algorithm: sha256WithRSAEncryption 1039s Signature Value: 1039s 8c:a0:48:2a:37:3b:86:0a:06:8b:c3:57:7c:eb:0a:67:9d:cc: 1039s a7:e5:97:d3:ec:a6:8f:6e:54:3a:59:e1:f2:69:f0:04:89:ca: 1039s 1f:32:4d:2c:92:04:b3:53:c1:73:15:64:ec:3b:2e:7b:8d:6d: 1039s f6:86:be:75:a5:6a:be:5c:d0:dc:6a:ce:d6:e8:07:f0:ab:3b: 1039s e4:4f:69:50:14:0f:59:01:dc:58:7b:e4:cd:26:b2:a1:ab:d9: 1039s 93:74:bc:c7:99:71:d3:ea:56:eb:52:48:26:52:49:e6:0f:0c: 1039s d2:bf:7c:29:a7:bb:75:ef:a5:da:c3:86:d2:ef:62:65:41:f7: 1039s ff:24 1039s + local found_md5 expected_md5 1039s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1039s + expected_md5=Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 1039s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-22607.pem 1039s + found_md5=Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 1039s + '[' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 '!=' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 ']' 1039s + output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-22607-auth.output 1039s ++ basename /tmp/sssd-softhsm2-XIssWU/SSSD-child-22607-auth.output .output 1039s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-22607-auth.pem 1039s + echo -n 053350 1039s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1039s [p11_child[2303]] [main] (0x0400): p11_child started. 1039s [p11_child[2303]] [main] (0x2000): Running in [auth] mode. 1039s [p11_child[2303]] [main] (0x2000): Running with effective IDs: [0][0]. 1039s [p11_child[2303]] [main] (0x2000): Running with real IDs [0][0]. 1039s [p11_child[2303]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1039s [p11_child[2303]] [do_card] (0x4000): Module List: 1039s [p11_child[2303]] [do_card] (0x4000): common name: [softhsm2]. 1039s [p11_child[2303]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1039s [p11_child[2303]] [do_card] (0x4000): Description [SoftHSM slot ID 0xf3d5f8e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1039s [p11_child[2303]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1039s [p11_child[2303]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0xf3d5f8e][255680398] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1039s [p11_child[2303]] [do_card] (0x4000): Login required. 1039s [p11_child[2303]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1039s [p11_child[2303]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1039s [p11_child[2303]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1039s [p11_child[2303]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xf3d5f8e;slot-manufacturer=SoftHSM%20project;slot-id=255680398;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=e245e49c8f3d5f8e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1039s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1040s [p11_child[2303]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1040s [p11_child[2303]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1040s [p11_child[2303]] [do_card] (0x4000): Certificate verified and validated. 1040s [p11_child[2303]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1040s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-22607-auth.output 1040s + echo '-----BEGIN CERTIFICATE-----' 1040s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-22607-auth.output 1040s + echo '-----END CERTIFICATE-----' 1040s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-22607-auth.pem 1040s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-22607-auth.pem 1040s + found_md5=Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 1040s + '[' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 '!=' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 ']' 1040s + invalid_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1040s Certificate: 1040s Data: 1040s Version: 3 (0x2) 1040s Serial Number: 4 (0x4) 1040s Signature Algorithm: sha256WithRSAEncryption 1040s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1040s Validity 1040s Not Before: Mar 23 22:56:13 2024 GMT 1040s Not After : Mar 23 22:56:13 2025 GMT 1040s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1040s Subject Public Key Info: 1040s Public Key Algorithm: rsaEncryption 1040s Public-Key: (1024 bit) 1040s Modulus: 1040s 00:ea:bc:4d:41:18:84:a1:1b:8a:5c:9a:b0:ce:35: 1040s 09:c5:40:0d:01:9f:1a:6a:1a:6c:0a:12:dc:00:a0: 1040s 01:20:33:00:64:53:ed:f0:7b:65:0d:10:eb:d1:47: 1040s 59:fc:b9:e8:d6:9c:cf:5f:ed:d6:dd:81:89:f3:bb: 1040s d6:11:da:69:27:e9:97:a6:f6:cf:1c:f2:70:86:aa: 1040s 83:17:6c:ca:cf:4f:5f:0b:d9:81:35:fa:d9:b5:bb: 1040s 5a:c5:fc:13:29:99:35:b5:95:57:31:9e:d7:ff:bc: 1040s 50:a3:c4:5d:00:92:57:ab:48:db:99:9a:42:d3:2c: 1040s e5:11:b6:cf:05:57:4e:e8:f9 1040s Exponent: 65537 (0x10001) 1040s X509v3 extensions: 1040s X509v3 Authority Key Identifier: 1040s 19:7F:EF:F6:27:5A:C5:75:38:28:97:53:F0:E7:A1:52:EA:6B:51:35 1040s X509v3 Basic Constraints: 1040s CA:FALSE 1040s Netscape Cert Type: 1040s SSL Client, S/MIME 1040s Netscape Comment: 1040s Test Organization Intermediate CA trusted Certificate 1040s X509v3 Subject Key Identifier: 1040s 39:0C:DF:E6:C4:6C:80:FC:81:95:68:46:16:07:B0:AD:10:10:38:B5 1040s X509v3 Key Usage: critical 1040s Digital Signature, Non Repudiation, Key Encipherment 1040s X509v3 Extended Key Usage: 1040s TLS Web Client Authentication, E-mail Protection 1040s X509v3 Subject Alternative Name: 1040s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1040s Signature Algorithm: sha256WithRSAEncryption 1040s Signature Value: 1040s 8c:a0:48:2a:37:3b:86:0a:06:8b:c3:57:7c:eb:0a:67:9d:cc: 1040s a7:e5:97:d3:ec:a6:8f:6e:54:3a:59:e1:f2:69:f0:04:89:ca: 1040s 1f:32:4d:2c:92:04:b3:53:c1:73:15:64:ec:3b:2e:7b:8d:6d: 1040s f6:86:be:75:a5:6a:be:5c:d0:dc:6a:ce:d6:e8:07:f0:ab:3b: 1040s e4:4f:69:50:14:0f:59:01:dc:58:7b:e4:cd:26:b2:a1:ab:d9: 1040s 93:74:bc:c7:99:71:d3:ea:56:eb:52:48:26:52:49:e6:0f:0c: 1040s d2:bf:7c:29:a7:bb:75:ef:a5:da:c3:86:d2:ef:62:65:41:f7: 1040s ff:24 1040s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1040s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1040s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1040s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1040s + local verify_option= 1040s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 1040s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1040s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1040s + local key_cn 1040s + local key_name 1040s + local tokens_dir 1040s + local output_cert_file 1040s + token_name= 1040s ++ basename /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem .pem 1040s + key_name=test-intermediate-CA-trusted-certificate-0001 1040s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1040s ++ sed -n 's/ *commonName *= //p' 1040s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1040s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1040s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1040s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1040s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1040s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 1040s + token_name='Test Organization Interme Token' 1040s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1040s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 1040s + echo 'Test Organization Interme Token' 1040s + '[' -n '' ']' 1040s + local output_base_name=SSSD-child-9865 1040s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-9865.output 1040s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-9865.pem 1040s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1040s [p11_child[2313]] [main] (0x0400): p11_child started. 1040s [p11_child[2313]] [main] (0x2000): Running in [pre-auth] mode. 1040s [p11_child[2313]] [main] (0x2000): Running with effective IDs: [0][0]. 1040s [p11_child[2313]] [main] (0x2000): Running with real IDs [0][0]. 1040s [p11_child[2313]] [do_card] (0x4000): Module List: 1040s [p11_child[2313]] [do_card] (0x4000): common name: [softhsm2]. 1040s [p11_child[2313]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1040s [p11_child[2313]] [do_card] (0x4000): Description [SoftHSM slot ID 0xf3d5f8e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1040s [p11_child[2313]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1040s [p11_child[2313]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0xf3d5f8e][255680398] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1040s [p11_child[2313]] [do_card] (0x4000): Login NOT required. 1040s [p11_child[2313]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1040s [p11_child[2313]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1040s Test Organization Interme Token 1040s [p11_child[2313]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 1040s [p11_child[2313]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 1040s [p11_child[2313]] [do_card] (0x4000): No certificate found. 1040s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-9865.output 1040s + return 2 1040s + valid_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem partial_chain 1040s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem partial_chain 1040s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1040s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1040s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1040s + local verify_option=partial_chain 1040s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20237 1040s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1040s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20237 1040s + local key_cn 1040s + local key_name 1040s + local tokens_dir 1040s + local output_cert_file 1040s + token_name= 1040s ++ basename /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem .pem 1040s + key_name=test-intermediate-CA-trusted-certificate-0001 1040s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1040s ++ sed -n 's/ *commonName *= //p' 1040s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1040s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1040s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1040s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1040s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1040s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 1040s + token_name='Test Organization Interme Token' 1040s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1040s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 1040s + echo 'Test Organization Interme Token' 1040s + '[' -n partial_chain ']' 1040s + local verify_arg=--verify=partial_chain 1040s + local output_base_name=SSSD-child-12150 1040s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-12150.output 1040s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-12150.pem 1040s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem 1040s Test Organization Interme Token 1040s [p11_child[2320]] [main] (0x0400): p11_child started. 1040s [p11_child[2320]] [main] (0x2000): Running in [pre-auth] mode. 1040s [p11_child[2320]] [main] (0x2000): Running with effective IDs: [0][0]. 1040s [p11_child[2320]] [main] (0x2000): Running with real IDs [0][0]. 1040s [p11_child[2320]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1040s [p11_child[2320]] [do_card] (0x4000): Module List: 1040s [p11_child[2320]] [do_card] (0x4000): common name: [softhsm2]. 1040s [p11_child[2320]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1040s [p11_child[2320]] [do_card] (0x4000): Description [SoftHSM slot ID 0xf3d5f8e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1040s [p11_child[2320]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1040s [p11_child[2320]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0xf3d5f8e][255680398] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1040s [p11_child[2320]] [do_card] (0x4000): Login NOT required. 1040s [p11_child[2320]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1040s [p11_child[2320]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1040s [p11_child[2320]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1040s [p11_child[2320]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xf3d5f8e;slot-manufacturer=SoftHSM%20project;slot-id=255680398;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=e245e49c8f3d5f8e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1040s [p11_child[2320]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1040s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-12150.output 1040s + echo '-----BEGIN CERTIFICATE-----' 1040s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-12150.output 1040s + echo '-----END CERTIFICATE-----' 1040s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-12150.pem 1040s Certificate: 1040s Data: 1040s Version: 3 (0x2) 1040s Serial Number: 4 (0x4) 1040s Signature Algorithm: sha256WithRSAEncryption 1040s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1040s Validity 1040s Not Before: Mar 23 22:56:13 2024 GMT 1040s Not After : Mar 23 22:56:13 2025 GMT 1040s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1040s Subject Public Key Info: 1040s Public Key Algorithm: rsaEncryption 1040s Public-Key: (1024 bit) 1040s Modulus: 1040s 00:ea:bc:4d:41:18:84:a1:1b:8a:5c:9a:b0:ce:35: 1040s 09:c5:40:0d:01:9f:1a:6a:1a:6c:0a:12:dc:00:a0: 1040s 01:20:33:00:64:53:ed:f0:7b:65:0d:10:eb:d1:47: 1040s 59:fc:b9:e8:d6:9c:cf:5f:ed:d6:dd:81:89:f3:bb: 1040s d6:11:da:69:27:e9:97:a6:f6:cf:1c:f2:70:86:aa: 1040s 83:17:6c:ca:cf:4f:5f:0b:d9:81:35:fa:d9:b5:bb: 1040s 5a:c5:fc:13:29:99:35:b5:95:57:31:9e:d7:ff:bc: 1040s 50:a3:c4:5d:00:92:57:ab:48:db:99:9a:42:d3:2c: 1040s e5:11:b6:cf:05:57:4e:e8:f9 1040s Exponent: 65537 (0x10001) 1040s X509v3 extensions: 1040s X509v3 Authority Key Identifier: 1040s 19:7F:EF:F6:27:5A:C5:75:38:28:97:53:F0:E7:A1:52:EA:6B:51:35 1040s X509v3 Basic Constraints: 1040s CA:FALSE 1040s Netscape Cert Type: 1040s SSL Client, S/MIME 1040s Netscape Comment: 1040s Test Organization Intermediate CA trusted Certificate 1040s X509v3 Subject Key Identifier: 1040s 39:0C:DF:E6:C4:6C:80:FC:81:95:68:46:16:07:B0:AD:10:10:38:B5 1040s X509v3 Key Usage: critical 1040s Digital Signature, Non Repudiation, Key Encipherment 1040s X509v3 Extended Key Usage: 1040s TLS Web Client Authentication, E-mail Protection 1040s X509v3 Subject Alternative Name: 1040s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1040s Signature Algorithm: sha256WithRSAEncryption 1040s Signature Value: 1040s 8c:a0:48:2a:37:3b:86:0a:06:8b:c3:57:7c:eb:0a:67:9d:cc: 1040s a7:e5:97:d3:ec:a6:8f:6e:54:3a:59:e1:f2:69:f0:04:89:ca: 1040s 1f:32:4d:2c:92:04:b3:53:c1:73:15:64:ec:3b:2e:7b:8d:6d: 1040s f6:86:be:75:a5:6a:be:5c:d0:dc:6a:ce:d6:e8:07:f0:ab:3b: 1040s e4:4f:69:50:14:0f:59:01:dc:58:7b:e4:cd:26:b2:a1:ab:d9: 1040s 93:74:bc:c7:99:71:d3:ea:56:eb:52:48:26:52:49:e6:0f:0c: 1040s d2:bf:7c:29:a7:bb:75:ef:a5:da:c3:86:d2:ef:62:65:41:f7: 1040s ff:24 1040s + local found_md5 expected_md5 1040s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/test-intermediate-CA-trusted-certificate-0001.pem 1040s + expected_md5=Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 1040s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-12150.pem 1040s + found_md5=Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 1040s + '[' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 '!=' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 ']' 1040s + output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-12150-auth.output 1040s ++ basename /tmp/sssd-softhsm2-XIssWU/SSSD-child-12150-auth.output .output 1040s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-12150-auth.pem 1040s + echo -n 053350 1040s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-XIssWU/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1040s [p11_child[2328]] [main] (0x0400): p11_child started. 1040s [p11_child[2328]] [main] (0x2000): Running in [auth] mode. 1040s [p11_child[2328]] [main] (0x2000): Running with effective IDs: [0][0]. 1040s [p11_child[2328]] [main] (0x2000): Running with real IDs [0][0]. 1040s [p11_child[2328]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1040s [p11_child[2328]] [do_card] (0x4000): Module List: 1040s [p11_child[2328]] [do_card] (0x4000): common name: [softhsm2]. 1040s [p11_child[2328]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1040s [p11_child[2328]] [do_card] (0x4000): Description [SoftHSM slot ID 0xf3d5f8e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1040s [p11_child[2328]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 1040s [p11_child[2328]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0xf3d5f8e][255680398] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1040s [p11_child[2328]] [do_card] (0x4000): Login required. 1040s [p11_child[2328]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 1040s [p11_child[2328]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1040s [p11_child[2328]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1040s [p11_child[2328]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xf3d5f8e;slot-manufacturer=SoftHSM%20project;slot-id=255680398;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=e245e49c8f3d5f8e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1040s [p11_child[2328]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1040s [p11_child[2328]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1040s [p11_child[2328]] [do_card] (0x4000): Certificate verified and validated. 1040s [p11_child[2328]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1040s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-12150-auth.output 1040s + echo '-----BEGIN CERTIFICATE-----' 1040s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-12150-auth.output 1040s + echo '-----END CERTIFICATE-----' 1040s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-12150-auth.pem 1040s Certificate: 1040s Data: 1040s Version: 3 (0x2) 1040s Serial Number: 4 (0x4) 1040s Signature Algorithm: sha256WithRSAEncryption 1040s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1040s Validity 1040s Not Before: Mar 23 22:56:13 2024 GMT 1040s Not After : Mar 23 22:56:13 2025 GMT 1040s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1040s Subject Public Key Info: 1040s Public Key Algorithm: rsaEncryption 1040s Public-Key: (1024 bit) 1040s Modulus: 1040s 00:ea:bc:4d:41:18:84:a1:1b:8a:5c:9a:b0:ce:35: 1040s 09:c5:40:0d:01:9f:1a:6a:1a:6c:0a:12:dc:00:a0: 1040s 01:20:33:00:64:53:ed:f0:7b:65:0d:10:eb:d1:47: 1040s 59:fc:b9:e8:d6:9c:cf:5f:ed:d6:dd:81:89:f3:bb: 1040s d6:11:da:69:27:e9:97:a6:f6:cf:1c:f2:70:86:aa: 1040s 83:17:6c:ca:cf:4f:5f:0b:d9:81:35:fa:d9:b5:bb: 1040s 5a:c5:fc:13:29:99:35:b5:95:57:31:9e:d7:ff:bc: 1040s 50:a3:c4:5d:00:92:57:ab:48:db:99:9a:42:d3:2c: 1040s e5:11:b6:cf:05:57:4e:e8:f9 1040s Exponent: 65537 (0x10001) 1040s X509v3 extensions: 1040s X509v3 Authority Key Identifier: 1040s 19:7F:EF:F6:27:5A:C5:75:38:28:97:53:F0:E7:A1:52:EA:6B:51:35 1040s X509v3 Basic Constraints: 1040s CA:FALSE 1040s Netscape Cert Type: 1040s SSL Client, S/MIME 1040s Netscape Comment: 1040s Test Organization Intermediate CA trusted Certificate 1040s X509v3 Subject Key Identifier: 1040s 39:0C:DF:E6:C4:6C:80:FC:81:95:68:46:16:07:B0:AD:10:10:38:B5 1040s X509v3 Key Usage: critical 1040s Digital Signature, Non Repudiation, Key Encipherment 1040s X509v3 Extended Key Usage: 1040s TLS Web Client Authentication, E-mail Protection 1040s X509v3 Subject Alternative Name: 1040s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1040s Signature Algorithm: sha256WithRSAEncryption 1040s Signature Value: 1040s 8c:a0:48:2a:37:3b:86:0a:06:8b:c3:57:7c:eb:0a:67:9d:cc: 1040s a7:e5:97:d3:ec:a6:8f:6e:54:3a:59:e1:f2:69:f0:04:89:ca: 1040s 1f:32:4d:2c:92:04:b3:53:c1:73:15:64:ec:3b:2e:7b:8d:6d: 1040s f6:86:be:75:a5:6a:be:5c:d0:dc:6a:ce:d6:e8:07:f0:ab:3b: 1040s e4:4f:69:50:14:0f:59:01:dc:58:7b:e4:cd:26:b2:a1:ab:d9: 1040s 93:74:bc:c7:99:71:d3:ea:56:eb:52:48:26:52:49:e6:0f:0c: 1040s d2:bf:7c:29:a7:bb:75:ef:a5:da:c3:86:d2:ef:62:65:41:f7: 1040s ff:24 1040s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-12150-auth.pem 1040s + found_md5=Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 1040s + '[' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 '!=' Modulus=EABC4D411884A11B8A5C9AB0CE3509C5400D019F1A6A1A6C0A12DC00A0012033006453EDF07B650D10EBD14759FCB9E8D69CCF5FEDD6DD8189F3BBD611DA6927E997A6F6CF1CF27086AA83176CCACF4F5F0BD98135FAD9B5BB5AC5FC13299935B59557319ED7FFBC50A3C45D009257AB48DB999A42D32CE511B6CF05574EE8F9 ']' 1040s + invalid_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1040s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1040s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1040s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1040s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1040s + local verify_option= 1040s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1040s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1040s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1040s + local key_cn 1040s + local key_name 1040s + local tokens_dir 1040s + local output_cert_file 1040s + token_name= 1040s ++ basename /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1040s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1040s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1040s ++ sed -n 's/ *commonName *= //p' 1040s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1040s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1040s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1040s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1040s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1040s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1040s + token_name='Test Organization Sub Int Token' 1040s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1040s + local key_file 1040s + local decrypted_key 1040s + mkdir -p /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1040s + key_file=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 1040s + decrypted_key=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1040s + cat 1040s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 1040s Slot 0 has a free/uninitialized token. 1040s The token has been initialized and is reassigned to slot 2126149575 1040s + softhsm2-util --show-slots 1040s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 1040s Available slots: 1040s Slot 2126149575 1040s Slot info: 1040s Description: SoftHSM slot ID 0x7eba77c7 1040s Manufacturer ID: SoftHSM project 1040s Hardware version: 2.6 1040s Firmware version: 2.6 1040s Token present: yes 1040s Token info: 1040s Manufacturer ID: SoftHSM project 1040s Model: SoftHSM v2 1040s Hardware version: 2.6 1040s Firmware version: 2.6 1040s Serial number: 51d0acad7eba77c7 1040s Initialized: yes 1040s User PIN init.: yes 1040s Label: Test Organization Sub Int Token 1040s Slot 1 1040s Slot info: 1040s Description: SoftHSM slot ID 0x1 1040s Manufacturer ID: SoftHSM project 1040s Hardware version: 2.6 1040s Firmware version: 2.6 1040s Token present: yes 1040s Token info: 1040s Manufacturer ID: SoftHSM project 1040s Model: SoftHSM v2 1040s Hardware version: 2.6 1040s Firmware version: 2.6 1040s Serial number: 1040s Initialized: no 1040s User PIN init.: no 1040s Label: 1040s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-23033 -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1040s writing RSA key 1040s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 1040s + rm /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1040s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 1040s Object 0: 1040s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=51d0acad7eba77c7;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 1040s Type: X.509 Certificate (RSA-1024) 1040s Expires: Sun Mar 23 22:56:13 2025 1040s Label: Test Organization Sub Intermediate Trusted Certificate 0001 1040s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 1040s 1040s + echo 'Test Organization Sub Int Token' 1040s Test Organization Sub Int Token 1040s + '[' -n '' ']' 1040s + local output_base_name=SSSD-child-6039 1040s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-6039.output 1040s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-6039.pem 1040s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1040s [p11_child[2347]] [main] (0x0400): p11_child started. 1040s [p11_child[2347]] [main] (0x2000): Running in [pre-auth] mode. 1040s [p11_child[2347]] [main] (0x2000): Running with effective IDs: [0][0]. 1040s [p11_child[2347]] [main] (0x2000): Running with real IDs [0][0]. 1040s [p11_child[2347]] [do_card] (0x4000): Module List: 1040s [p11_child[2347]] [do_card] (0x4000): common name: [softhsm2]. 1040s [p11_child[2347]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1040s [p11_child[2347]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7eba77c7] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1040s [p11_child[2347]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1040s [p11_child[2347]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7eba77c7][2126149575] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1040s [p11_child[2347]] [do_card] (0x4000): Login NOT required. 1040s [p11_child[2347]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1040s [p11_child[2347]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1040s [p11_child[2347]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 1040s [p11_child[2347]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 1040s [p11_child[2347]] [do_card] (0x4000): No certificate found. 1040s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-6039.output 1040s + return 2 1040s + invalid_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem partial_chain 1040s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-root-CA.pem partial_chain 1040s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1040s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1040s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1040s + local verify_option=partial_chain 1040s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1040s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1040s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1040s + local key_cn 1040s + local key_name 1040s + local tokens_dir 1040s + local output_cert_file 1040s + token_name= 1040s ++ basename /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1040s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1040s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1040s ++ sed -n 's/ *commonName *= //p' 1040s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1040s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1040s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1040s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1040s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1040s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1040s + token_name='Test Organization Sub Int Token' 1040s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1040s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 1040s + echo 'Test Organization Sub Int Token' 1040s Test Organization Sub Int Token 1040s + '[' -n partial_chain ']' 1040s + local verify_arg=--verify=partial_chain 1040s + local output_base_name=SSSD-child-22338 1040s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-22338.output 1040s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-22338.pem 1040s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-XIssWU/test-root-CA.pem 1040s [p11_child[2354]] [main] (0x0400): p11_child started. 1040s [p11_child[2354]] [main] (0x2000): Running in [pre-auth] mode. 1040s [p11_child[2354]] [main] (0x2000): Running with effective IDs: [0][0]. 1040s [p11_child[2354]] [main] (0x2000): Running with real IDs [0][0]. 1040s [p11_child[2354]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1040s [p11_child[2354]] [do_card] (0x4000): Module List: 1040s [p11_child[2354]] [do_card] (0x4000): common name: [softhsm2]. 1040s [p11_child[2354]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1040s [p11_child[2354]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7eba77c7] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1040s [p11_child[2354]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1040s [p11_child[2354]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7eba77c7][2126149575] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1040s [p11_child[2354]] [do_card] (0x4000): Login NOT required. 1040s [p11_child[2354]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1040s [p11_child[2354]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1040s [p11_child[2354]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 1040s [p11_child[2354]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 1040s [p11_child[2354]] [do_card] (0x4000): No certificate found. 1040s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-22338.output 1040s + return 2 1040s + valid_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1040s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1040s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1040s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1040s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1040s + local verify_option= 1040s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1040s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1040s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1040s + local key_cn 1040s + local key_name 1040s + local tokens_dir 1040s + local output_cert_file 1040s + token_name= 1040s ++ basename /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1040s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1040s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1040s ++ sed -n 's/ *commonName *= //p' 1040s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1040s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1040s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1040s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1040s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1040s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1040s + token_name='Test Organization Sub Int Token' 1040s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1040s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 1040s + echo 'Test Organization Sub Int Token' 1040s + '[' -n '' ']' 1040s + local output_base_name=SSSD-child-31996 1040s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-31996.output 1040s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-31996.pem 1040s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1040s Test Organization Sub Int Token 1040s [p11_child[2361]] [main] (0x0400): p11_child started. 1040s [p11_child[2361]] [main] (0x2000): Running in [pre-auth] mode. 1040s [p11_child[2361]] [main] (0x2000): Running with effective IDs: [0][0]. 1040s [p11_child[2361]] [main] (0x2000): Running with real IDs [0][0]. 1040s [p11_child[2361]] [do_card] (0x4000): Module List: 1040s [p11_child[2361]] [do_card] (0x4000): common name: [softhsm2]. 1040s [p11_child[2361]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1040s [p11_child[2361]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7eba77c7] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1040s [p11_child[2361]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1040s [p11_child[2361]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7eba77c7][2126149575] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1040s [p11_child[2361]] [do_card] (0x4000): Login NOT required. 1040s [p11_child[2361]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1040s [p11_child[2361]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1040s [p11_child[2361]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1040s [p11_child[2361]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7eba77c7;slot-manufacturer=SoftHSM%20project;slot-id=2126149575;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=51d0acad7eba77c7;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1040s [p11_child[2361]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1040s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-31996.output 1040s + echo '-----BEGIN CERTIFICATE-----' 1040s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-31996.output 1040s + echo '-----END CERTIFICATE-----' 1040s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-31996.pem 1040s + local found_md5 expected_md5 1040s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1040s Certificate: 1040s Data: 1040s Version: 3 (0x2) 1040s Serial Number: 5 (0x5) 1040s Signature Algorithm: sha256WithRSAEncryption 1040s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1040s Validity 1040s Not Before: Mar 23 22:56:13 2024 GMT 1040s Not After : Mar 23 22:56:13 2025 GMT 1040s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1040s Subject Public Key Info: 1040s Public Key Algorithm: rsaEncryption 1040s Public-Key: (1024 bit) 1040s Modulus: 1040s 00:c4:94:da:c1:1f:9f:90:84:1a:f3:20:03:63:64: 1040s a5:58:cf:9f:f4:4f:61:c8:f7:54:20:98:ce:a2:96: 1040s 53:13:bc:4c:f4:c0:1e:46:d4:f8:a6:63:c2:b1:85: 1040s 25:e4:17:c7:90:03:c9:f3:b5:6b:dd:37:4f:bf:24: 1040s d2:82:f6:a8:d4:d2:d0:b3:3b:8f:59:d1:b6:42:f3: 1040s 8e:72:6f:ea:d8:b9:63:f2:c3:4b:c5:ae:f2:1c:72: 1040s 78:29:ed:53:2b:0c:c3:11:40:7d:47:ab:d2:95:70: 1040s f1:bf:15:ba:bf:0c:88:29:78:fa:2f:22:91:17:e3: 1040s a8:9f:f6:73:73:12:d0:e2:4f 1040s Exponent: 65537 (0x10001) 1040s X509v3 extensions: 1040s X509v3 Authority Key Identifier: 1040s D2:69:F6:A9:AE:D3:9D:55:AB:F7:3E:8C:81:B9:8B:87:92:85:2D:E7 1040s X509v3 Basic Constraints: 1040s CA:FALSE 1040s Netscape Cert Type: 1040s SSL Client, S/MIME 1040s Netscape Comment: 1040s Test Organization Sub Intermediate CA trusted Certificate 1040s X509v3 Subject Key Identifier: 1040s 84:D1:89:F2:1D:BC:8B:27:B5:C6:DD:C2:CC:0D:29:F4:55:A9:80:3D 1040s X509v3 Key Usage: critical 1040s Digital Signature, Non Repudiation, Key Encipherment 1040s X509v3 Extended Key Usage: 1040s TLS Web Client Authentication, E-mail Protection 1040s X509v3 Subject Alternative Name: 1040s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1040s Signature Algorithm: sha256WithRSAEncryption 1040s Signature Value: 1040s 15:09:4d:e9:94:2e:e4:5e:6d:b3:ba:35:46:90:09:2b:45:2c: 1040s 17:1c:86:9c:26:a2:c1:e5:57:be:2d:76:f8:dc:ad:7f:17:a4: 1040s 54:31:1f:33:df:bc:48:d8:18:96:4f:8b:cc:4c:5c:89:59:a8: 1040s 61:a3:60:62:53:eb:17:fa:5d:73:e3:b8:44:1c:a5:62:c2:e5: 1040s 92:49:f9:11:fb:db:5c:03:6c:19:74:2d:8f:62:3a:eb:73:81: 1040s d0:16:1a:02:ba:1a:19:f2:b0:ac:cf:ce:3e:4d:6a:77:09:e0: 1040s a6:18:d5:8f:32:d9:c5:6c:b5:28:b7:cb:bf:3d:73:48:82:c5: 1040s 88:b8 1040s + expected_md5=Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F 1040s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-31996.pem 1040s + found_md5=Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F 1040s + '[' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F '!=' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F ']' 1040s + output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-31996-auth.output 1040s ++ basename /tmp/sssd-softhsm2-XIssWU/SSSD-child-31996-auth.output .output 1040s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-31996-auth.pem 1040s + echo -n 053350 1040s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1040s [p11_child[2369]] [main] (0x0400): p11_child started. 1040s [p11_child[2369]] [main] (0x2000): Running in [auth] mode. 1040s [p11_child[2369]] [main] (0x2000): Running with effective IDs: [0][0]. 1040s [p11_child[2369]] [main] (0x2000): Running with real IDs [0][0]. 1040s [p11_child[2369]] [do_card] (0x4000): Module List: 1040s [p11_child[2369]] [do_card] (0x4000): common name: [softhsm2]. 1040s [p11_child[2369]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1040s [p11_child[2369]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7eba77c7] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1040s [p11_child[2369]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1040s [p11_child[2369]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7eba77c7][2126149575] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1040s [p11_child[2369]] [do_card] (0x4000): Login required. 1040s [p11_child[2369]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1040s [p11_child[2369]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1040s [p11_child[2369]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1040s [p11_child[2369]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7eba77c7;slot-manufacturer=SoftHSM%20project;slot-id=2126149575;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=51d0acad7eba77c7;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1040s [p11_child[2369]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1040s [p11_child[2369]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1040s [p11_child[2369]] [do_card] (0x4000): Certificate verified and validated. 1040s [p11_child[2369]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1040s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-31996-auth.output 1040s + echo '-----BEGIN CERTIFICATE-----' 1040s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-31996-auth.output 1040s + echo '-----END CERTIFICATE-----' 1040s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-31996-auth.pem 1040s Certificate: 1040s Data: 1040s Version: 3 (0x2) 1040s Serial Number: 5 (0x5) 1040s Signature Algorithm: sha256WithRSAEncryption 1040s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1040s Validity 1040s Not Before: Mar 23 22:56:13 2024 GMT 1040s Not After : Mar 23 22:56:13 2025 GMT 1040s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1040s Subject Public Key Info: 1040s Public Key Algorithm: rsaEncryption 1040s Public-Key: (1024 bit) 1040s Modulus: 1040s 00:c4:94:da:c1:1f:9f:90:84:1a:f3:20:03:63:64: 1040s a5:58:cf:9f:f4:4f:61:c8:f7:54:20:98:ce:a2:96: 1040s 53:13:bc:4c:f4:c0:1e:46:d4:f8:a6:63:c2:b1:85: 1040s 25:e4:17:c7:90:03:c9:f3:b5:6b:dd:37:4f:bf:24: 1040s d2:82:f6:a8:d4:d2:d0:b3:3b:8f:59:d1:b6:42:f3: 1040s 8e:72:6f:ea:d8:b9:63:f2:c3:4b:c5:ae:f2:1c:72: 1040s 78:29:ed:53:2b:0c:c3:11:40:7d:47:ab:d2:95:70: 1040s f1:bf:15:ba:bf:0c:88:29:78:fa:2f:22:91:17:e3: 1040s a8:9f:f6:73:73:12:d0:e2:4f 1040s Exponent: 65537 (0x10001) 1040s X509v3 extensions: 1040s X509v3 Authority Key Identifier: 1040s D2:69:F6:A9:AE:D3:9D:55:AB:F7:3E:8C:81:B9:8B:87:92:85:2D:E7 1040s X509v3 Basic Constraints: 1040s CA:FALSE 1040s Netscape Cert Type: 1040s SSL Client, S/MIME 1040s Netscape Comment: 1040s Test Organization Sub Intermediate CA trusted Certificate 1040s X509v3 Subject Key Identifier: 1040s 84:D1:89:F2:1D:BC:8B:27:B5:C6:DD:C2:CC:0D:29:F4:55:A9:80:3D 1040s X509v3 Key Usage: critical 1040s Digital Signature, Non Repudiation, Key Encipherment 1040s X509v3 Extended Key Usage: 1040s TLS Web Client Authentication, E-mail Protection 1040s X509v3 Subject Alternative Name: 1040s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1040s Signature Algorithm: sha256WithRSAEncryption 1040s Signature Value: 1040s 15:09:4d:e9:94:2e:e4:5e:6d:b3:ba:35:46:90:09:2b:45:2c: 1040s 17:1c:86:9c:26:a2:c1:e5:57:be:2d:76:f8:dc:ad:7f:17:a4: 1040s 54:31:1f:33:df:bc:48:d8:18:96:4f:8b:cc:4c:5c:89:59:a8: 1040s 61:a3:60:62:53:eb:17:fa:5d:73:e3:b8:44:1c:a5:62:c2:e5: 1040s 92:49:f9:11:fb:db:5c:03:6c:19:74:2d:8f:62:3a:eb:73:81: 1040s d0:16:1a:02:ba:1a:19:f2:b0:ac:cf:ce:3e:4d:6a:77:09:e0: 1040s a6:18:d5:8f:32:d9:c5:6c:b5:28:b7:cb:bf:3d:73:48:82:c5: 1040s 88:b8 1040s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-31996-auth.pem 1041s + found_md5=Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F 1041s + '[' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F '!=' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F ']' 1041s + valid_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem partial_chain 1041s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem partial_chain 1041s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1041s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1041s + local verify_option=partial_chain 1041s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1041s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1041s + local key_cn 1041s + local key_name 1041s + local tokens_dir 1041s + local output_cert_file 1041s + token_name= 1041s ++ basename /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1041s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1041s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s ++ sed -n 's/ *commonName *= //p' 1041s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1041s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1041s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1041s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1041s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1041s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1041s + token_name='Test Organization Sub Int Token' 1041s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1041s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 1041s + echo 'Test Organization Sub Int Token' 1041s + '[' -n partial_chain ']' 1041s + local verify_arg=--verify=partial_chain 1041s + local output_base_name=SSSD-child-5718 1041s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-5718.output 1041s Test Organization Sub Int Token 1041s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-5718.pem 1041s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem 1041s [p11_child[2379]] [main] (0x0400): p11_child started. 1041s [p11_child[2379]] [main] (0x2000): Running in [pre-auth] mode. 1041s [p11_child[2379]] [main] (0x2000): Running with effective IDs: [0][0]. 1041s [p11_child[2379]] [main] (0x2000): Running with real IDs [0][0]. 1041s [p11_child[2379]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1041s [p11_child[2379]] [do_card] (0x4000): Module List: 1041s [p11_child[2379]] [do_card] (0x4000): common name: [softhsm2]. 1041s [p11_child[2379]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1041s [p11_child[2379]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7eba77c7] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1041s [p11_child[2379]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1041s [p11_child[2379]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7eba77c7][2126149575] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1041s [p11_child[2379]] [do_card] (0x4000): Login NOT required. 1041s [p11_child[2379]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1041s [p11_child[2379]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1041s [p11_child[2379]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1041s [p11_child[2379]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7eba77c7;slot-manufacturer=SoftHSM%20project;slot-id=2126149575;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=51d0acad7eba77c7;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1041s [p11_child[2379]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1041s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-5718.output 1041s + echo '-----BEGIN CERTIFICATE-----' 1041s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-5718.output 1041s + echo '-----END CERTIFICATE-----' 1041s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-5718.pem 1041s Certificate: 1041s Data: 1041s Version: 3 (0x2) 1041s Serial Number: 5 (0x5) 1041s Signature Algorithm: sha256WithRSAEncryption 1041s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1041s Validity 1041s Not Before: Mar 23 22:56:13 2024 GMT 1041s Not After : Mar 23 22:56:13 2025 GMT 1041s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1041s Subject Public Key Info: 1041s Public Key Algorithm: rsaEncryption 1041s Public-Key: (1024 bit) 1041s Modulus: 1041s 00:c4:94:da:c1:1f:9f:90:84:1a:f3:20:03:63:64: 1041s a5:58:cf:9f:f4:4f:61:c8:f7:54:20:98:ce:a2:96: 1041s 53:13:bc:4c:f4:c0:1e:46:d4:f8:a6:63:c2:b1:85: 1041s 25:e4:17:c7:90:03:c9:f3:b5:6b:dd:37:4f:bf:24: 1041s d2:82:f6:a8:d4:d2:d0:b3:3b:8f:59:d1:b6:42:f3: 1041s 8e:72:6f:ea:d8:b9:63:f2:c3:4b:c5:ae:f2:1c:72: 1041s 78:29:ed:53:2b:0c:c3:11:40:7d:47:ab:d2:95:70: 1041s f1:bf:15:ba:bf:0c:88:29:78:fa:2f:22:91:17:e3: 1041s a8:9f:f6:73:73:12:d0:e2:4f 1041s Exponent: 65537 (0x10001) 1041s X509v3 extensions: 1041s X509v3 Authority Key Identifier: 1041s D2:69:F6:A9:AE:D3:9D:55:AB:F7:3E:8C:81:B9:8B:87:92:85:2D:E7 1041s X509v3 Basic Constraints: 1041s CA:FALSE 1041s Netscape Cert Type: 1041s SSL Client, S/MIME 1041s Netscape Comment: 1041s Test Organization Sub Intermediate CA trusted Certificate 1041s X509v3 Subject Key Identifier: 1041s 84:D1:89:F2:1D:BC:8B:27:B5:C6:DD:C2:CC:0D:29:F4:55:A9:80:3D 1041s X509v3 Key Usage: critical 1041s Digital Signature, Non Repudiation, Key Encipherment 1041s X509v3 Extended Key Usage: 1041s TLS Web Client Authentication, E-mail Protection 1041s X509v3 Subject Alternative Name: 1041s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1041s Signature Algorithm: sha256WithRSAEncryption 1041s Signature Value: 1041s 15:09:4d:e9:94:2e:e4:5e:6d:b3:ba:35:46:90:09:2b:45:2c: 1041s 17:1c:86:9c:26:a2:c1:e5:57:be:2d:76:f8:dc:ad:7f:17:a4: 1041s 54:31:1f:33:df:bc:48:d8:18:96:4f:8b:cc:4c:5c:89:59:a8: 1041s 61:a3:60:62:53:eb:17:fa:5d:73:e3:b8:44:1c:a5:62:c2:e5: 1041s 92:49:f9:11:fb:db:5c:03:6c:19:74:2d:8f:62:3a:eb:73:81: 1041s d0:16:1a:02:ba:1a:19:f2:b0:ac:cf:ce:3e:4d:6a:77:09:e0: 1041s a6:18:d5:8f:32:d9:c5:6c:b5:28:b7:cb:bf:3d:73:48:82:c5: 1041s 88:b8 1041s + local found_md5 expected_md5 1041s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s + expected_md5=Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F 1041s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-5718.pem 1041s + found_md5=Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F 1041s + '[' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F '!=' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F ']' 1041s + output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-5718-auth.output 1041s ++ basename /tmp/sssd-softhsm2-XIssWU/SSSD-child-5718-auth.output .output 1041s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-5718-auth.pem 1041s + echo -n 053350 1041s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-XIssWU/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1041s [p11_child[2387]] [main] (0x0400): p11_child started. 1041s [p11_child[2387]] [main] (0x2000): Running in [auth] mode. 1041s [p11_child[2387]] [main] (0x2000): Running with effective IDs: [0][0]. 1041s [p11_child[2387]] [main] (0x2000): Running with real IDs [0][0]. 1041s [p11_child[2387]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1041s [p11_child[2387]] [do_card] (0x4000): Module List: 1041s [p11_child[2387]] [do_card] (0x4000): common name: [softhsm2]. 1041s [p11_child[2387]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1041s [p11_child[2387]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7eba77c7] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1041s [p11_child[2387]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1041s [p11_child[2387]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7eba77c7][2126149575] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1041s [p11_child[2387]] [do_card] (0x4000): Login required. 1041s [p11_child[2387]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1041s [p11_child[2387]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1041s [p11_child[2387]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1041s [p11_child[2387]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7eba77c7;slot-manufacturer=SoftHSM%20project;slot-id=2126149575;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=51d0acad7eba77c7;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1041s [p11_child[2387]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1041s [p11_child[2387]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1041s [p11_child[2387]] [do_card] (0x4000): Certificate verified and validated. 1041s [p11_child[2387]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1041s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-5718-auth.output 1041s + echo '-----BEGIN CERTIFICATE-----' 1041s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-5718-auth.output 1041s + echo '-----END CERTIFICATE-----' 1041s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-5718-auth.pem 1041s Certificate: 1041s Data: 1041s Version: 3 (0x2) 1041s Serial Number: 5 (0x5) 1041s Signature Algorithm: sha256WithRSAEncryption 1041s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1041s Validity 1041s Not Before: Mar 23 22:56:13 2024 GMT 1041s Not After : Mar 23 22:56:13 2025 GMT 1041s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1041s Subject Public Key Info: 1041s Public Key Algorithm: rsaEncryption 1041s Public-Key: (1024 bit) 1041s Modulus: 1041s 00:c4:94:da:c1:1f:9f:90:84:1a:f3:20:03:63:64: 1041s a5:58:cf:9f:f4:4f:61:c8:f7:54:20:98:ce:a2:96: 1041s 53:13:bc:4c:f4:c0:1e:46:d4:f8:a6:63:c2:b1:85: 1041s 25:e4:17:c7:90:03:c9:f3:b5:6b:dd:37:4f:bf:24: 1041s d2:82:f6:a8:d4:d2:d0:b3:3b:8f:59:d1:b6:42:f3: 1041s 8e:72:6f:ea:d8:b9:63:f2:c3:4b:c5:ae:f2:1c:72: 1041s 78:29:ed:53:2b:0c:c3:11:40:7d:47:ab:d2:95:70: 1041s f1:bf:15:ba:bf:0c:88:29:78:fa:2f:22:91:17:e3: 1041s a8:9f:f6:73:73:12:d0:e2:4f 1041s Exponent: 65537 (0x10001) 1041s X509v3 extensions: 1041s X509v3 Authority Key Identifier: 1041s D2:69:F6:A9:AE:D3:9D:55:AB:F7:3E:8C:81:B9:8B:87:92:85:2D:E7 1041s X509v3 Basic Constraints: 1041s CA:FALSE 1041s Netscape Cert Type: 1041s SSL Client, S/MIME 1041s Netscape Comment: 1041s Test Organization Sub Intermediate CA trusted Certificate 1041s X509v3 Subject Key Identifier: 1041s 84:D1:89:F2:1D:BC:8B:27:B5:C6:DD:C2:CC:0D:29:F4:55:A9:80:3D 1041s X509v3 Key Usage: critical 1041s Digital Signature, Non Repudiation, Key Encipherment 1041s X509v3 Extended Key Usage: 1041s TLS Web Client Authentication, E-mail Protection 1041s X509v3 Subject Alternative Name: 1041s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1041s Signature Algorithm: sha256WithRSAEncryption 1041s Signature Value: 1041s 15:09:4d:e9:94:2e:e4:5e:6d:b3:ba:35:46:90:09:2b:45:2c: 1041s 17:1c:86:9c:26:a2:c1:e5:57:be:2d:76:f8:dc:ad:7f:17:a4: 1041s 54:31:1f:33:df:bc:48:d8:18:96:4f:8b:cc:4c:5c:89:59:a8: 1041s 61:a3:60:62:53:eb:17:fa:5d:73:e3:b8:44:1c:a5:62:c2:e5: 1041s 92:49:f9:11:fb:db:5c:03:6c:19:74:2d:8f:62:3a:eb:73:81: 1041s d0:16:1a:02:ba:1a:19:f2:b0:ac:cf:ce:3e:4d:6a:77:09:e0: 1041s a6:18:d5:8f:32:d9:c5:6c:b5:28:b7:cb:bf:3d:73:48:82:c5: 1041s 88:b8 1041s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-5718-auth.pem 1041s + found_md5=Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F 1041s + '[' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F '!=' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F ']' 1041s + invalid_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem 1041s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem 1041s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1041s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem 1041s + local verify_option= 1041s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1041s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1041s + local key_cn 1041s + local key_name 1041s + local tokens_dir 1041s + local output_cert_file 1041s + token_name= 1041s ++ basename /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1041s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1041s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s ++ sed -n 's/ *commonName *= //p' 1041s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1041s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1041s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1041s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1041s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1041s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1041s + token_name='Test Organization Sub Int Token' 1041s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1041s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 1041s + echo 'Test Organization Sub Int Token' 1041s + '[' -n '' ']' 1041s Test Organization Sub Int Token 1041s + local output_base_name=SSSD-child-30065 1041s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-30065.output 1041s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-30065.pem 1041s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem 1041s [p11_child[2397]] [main] (0x0400): p11_child started. 1041s [p11_child[2397]] [main] (0x2000): Running in [pre-auth] mode. 1041s [p11_child[2397]] [main] (0x2000): Running with effective IDs: [0][0]. 1041s [p11_child[2397]] [main] (0x2000): Running with real IDs [0][0]. 1041s [p11_child[2397]] [do_card] (0x4000): Module List: 1041s [p11_child[2397]] [do_card] (0x4000): common name: [softhsm2]. 1041s [p11_child[2397]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1041s [p11_child[2397]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7eba77c7] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1041s [p11_child[2397]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1041s [p11_child[2397]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7eba77c7][2126149575] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1041s [p11_child[2397]] [do_card] (0x4000): Login NOT required. 1041s [p11_child[2397]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1041s [p11_child[2397]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1041s [p11_child[2397]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 1041s [p11_child[2397]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 1041s [p11_child[2397]] [do_card] (0x4000): No certificate found. 1041s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-30065.output 1041s + return 2 1041s + invalid_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-root-intermediate-chain-CA.pem partial_chain 1041s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-root-intermediate-chain-CA.pem partial_chain 1041s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1041s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-root-intermediate-chain-CA.pem 1041s + local verify_option=partial_chain 1041s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1041s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1041s + local key_cn 1041s + local key_name 1041s + local tokens_dir 1041s + local output_cert_file 1041s + token_name= 1041s ++ basename /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1041s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1041s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s ++ sed -n 's/ *commonName *= //p' 1041s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1041s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1041s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1041s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1041s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1041s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1041s + token_name='Test Organization Sub Int Token' 1041s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1041s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 1041s + echo 'Test Organization Sub Int Token' 1041s + '[' -n partial_chain ']' 1041s + local verify_arg=--verify=partial_chain 1041s + local output_base_name=SSSD-child-16361 1041s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-16361.output 1041s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-16361.pem 1041s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-XIssWU/test-root-intermediate-chain-CA.pem 1041s [p11_child[2404]] [main] (0x0400): p11_child started. 1041s [p11_child[2404]] [main] (0x2000): Running in [pre-auth] mode. 1041s [p11_child[2404]] [main] (0x2000): Running with effective IDs: [0][0]. 1041s Test Organization Sub Int Token 1041s [p11_child[2404]] [main] (0x2000): Running with real IDs [0][0]. 1041s [p11_child[2404]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1041s [p11_child[2404]] [do_card] (0x4000): Module List: 1041s [p11_child[2404]] [do_card] (0x4000): common name: [softhsm2]. 1041s [p11_child[2404]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1041s [p11_child[2404]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7eba77c7] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1041s [p11_child[2404]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1041s [p11_child[2404]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7eba77c7][2126149575] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1041s [p11_child[2404]] [do_card] (0x4000): Login NOT required. 1041s [p11_child[2404]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1041s [p11_child[2404]] [do_verification] (0x0040): X509_verify_cert failed [0]. 1041s [p11_child[2404]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 1041s [p11_child[2404]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 1041s [p11_child[2404]] [do_card] (0x4000): No certificate found. 1041s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-16361.output 1041s + return 2 1041s + valid_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem partial_chain 1041s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem partial_chain 1041s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1041s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem 1041s + local verify_option=partial_chain 1041s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1041s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1041s + local key_cn 1041s + local key_name 1041s + local tokens_dir 1041s + local output_cert_file 1041s + token_name= 1041s ++ basename /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1041s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1041s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s ++ sed -n 's/ *commonName *= //p' 1041s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1041s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1041s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1041s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1041s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1041s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1041s + token_name='Test Organization Sub Int Token' 1041s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1041s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 1041s + echo 'Test Organization Sub Int Token' 1041s + '[' -n partial_chain ']' 1041s + local verify_arg=--verify=partial_chain 1041s + local output_base_name=SSSD-child-15437 1041s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-15437.output 1041s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-15437.pem 1041s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem 1041s Test Organization Sub Int Token 1041s [p11_child[2411]] [main] (0x0400): p11_child started. 1041s [p11_child[2411]] [main] (0x2000): Running in [pre-auth] mode. 1041s [p11_child[2411]] [main] (0x2000): Running with effective IDs: [0][0]. 1041s [p11_child[2411]] [main] (0x2000): Running with real IDs [0][0]. 1041s [p11_child[2411]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1041s [p11_child[2411]] [do_card] (0x4000): Module List: 1041s [p11_child[2411]] [do_card] (0x4000): common name: [softhsm2]. 1041s [p11_child[2411]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1041s [p11_child[2411]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7eba77c7] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1041s [p11_child[2411]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1041s [p11_child[2411]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7eba77c7][2126149575] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1041s [p11_child[2411]] [do_card] (0x4000): Login NOT required. 1041s [p11_child[2411]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1041s [p11_child[2411]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1041s [p11_child[2411]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1041s [p11_child[2411]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7eba77c7;slot-manufacturer=SoftHSM%20project;slot-id=2126149575;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=51d0acad7eba77c7;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1041s [p11_child[2411]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1041s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-15437.output 1041s + echo '-----BEGIN CERTIFICATE-----' 1041s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-15437.output 1041s + echo '-----END CERTIFICATE-----' 1041s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-15437.pem 1041s Certificate: 1041s Data: 1041s Version: 3 (0x2) 1041s Serial Number: 5 (0x5) 1041s Signature Algorithm: sha256WithRSAEncryption 1041s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1041s Validity 1041s Not Before: Mar 23 22:56:13 2024 GMT 1041s Not After : Mar 23 22:56:13 2025 GMT 1041s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1041s Subject Public Key Info: 1041s Public Key Algorithm: rsaEncryption 1041s Public-Key: (1024 bit) 1041s Modulus: 1041s 00:c4:94:da:c1:1f:9f:90:84:1a:f3:20:03:63:64: 1041s a5:58:cf:9f:f4:4f:61:c8:f7:54:20:98:ce:a2:96: 1041s 53:13:bc:4c:f4:c0:1e:46:d4:f8:a6:63:c2:b1:85: 1041s 25:e4:17:c7:90:03:c9:f3:b5:6b:dd:37:4f:bf:24: 1041s d2:82:f6:a8:d4:d2:d0:b3:3b:8f:59:d1:b6:42:f3: 1041s 8e:72:6f:ea:d8:b9:63:f2:c3:4b:c5:ae:f2:1c:72: 1041s 78:29:ed:53:2b:0c:c3:11:40:7d:47:ab:d2:95:70: 1041s f1:bf:15:ba:bf:0c:88:29:78:fa:2f:22:91:17:e3: 1041s a8:9f:f6:73:73:12:d0:e2:4f 1041s Exponent: 65537 (0x10001) 1041s X509v3 extensions: 1041s X509v3 Authority Key Identifier: 1041s D2:69:F6:A9:AE:D3:9D:55:AB:F7:3E:8C:81:B9:8B:87:92:85:2D:E7 1041s X509v3 Basic Constraints: 1041s CA:FALSE 1041s Netscape Cert Type: 1041s SSL Client, S/MIME 1041s Netscape Comment: 1041s Test Organization Sub Intermediate CA trusted Certificate 1041s X509v3 Subject Key Identifier: 1041s 84:D1:89:F2:1D:BC:8B:27:B5:C6:DD:C2:CC:0D:29:F4:55:A9:80:3D 1041s X509v3 Key Usage: critical 1041s Digital Signature, Non Repudiation, Key Encipherment 1041s X509v3 Extended Key Usage: 1041s TLS Web Client Authentication, E-mail Protection 1041s X509v3 Subject Alternative Name: 1041s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1041s Signature Algorithm: sha256WithRSAEncryption 1041s Signature Value: 1041s 15:09:4d:e9:94:2e:e4:5e:6d:b3:ba:35:46:90:09:2b:45:2c: 1041s 17:1c:86:9c:26:a2:c1:e5:57:be:2d:76:f8:dc:ad:7f:17:a4: 1041s 54:31:1f:33:df:bc:48:d8:18:96:4f:8b:cc:4c:5c:89:59:a8: 1041s 61:a3:60:62:53:eb:17:fa:5d:73:e3:b8:44:1c:a5:62:c2:e5: 1041s 92:49:f9:11:fb:db:5c:03:6c:19:74:2d:8f:62:3a:eb:73:81: 1041s d0:16:1a:02:ba:1a:19:f2:b0:ac:cf:ce:3e:4d:6a:77:09:e0: 1041s a6:18:d5:8f:32:d9:c5:6c:b5:28:b7:cb:bf:3d:73:48:82:c5: 1041s 88:b8 1041s + local found_md5 expected_md5 1041s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s + expected_md5=Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F 1041s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-15437.pem 1041s + found_md5=Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F 1041s + '[' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F '!=' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F ']' 1041s + output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-15437-auth.output 1041s ++ basename /tmp/sssd-softhsm2-XIssWU/SSSD-child-15437-auth.output .output 1041s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-15437-auth.pem 1041s + echo -n 053350 1041s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1041s [p11_child[2419]] [main] (0x0400): p11_child started. 1041s [p11_child[2419]] [main] (0x2000): Running in [auth] mode. 1041s [p11_child[2419]] [main] (0x2000): Running with effective IDs: [0][0]. 1041s [p11_child[2419]] [main] (0x2000): Running with real IDs [0][0]. 1041s [p11_child[2419]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1041s [p11_child[2419]] [do_card] (0x4000): Module List: 1041s [p11_child[2419]] [do_card] (0x4000): common name: [softhsm2]. 1041s [p11_child[2419]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1041s [p11_child[2419]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7eba77c7] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1041s [p11_child[2419]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1041s [p11_child[2419]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7eba77c7][2126149575] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1041s [p11_child[2419]] [do_card] (0x4000): Login required. 1041s [p11_child[2419]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1041s [p11_child[2419]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1041s [p11_child[2419]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1041s [p11_child[2419]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7eba77c7;slot-manufacturer=SoftHSM%20project;slot-id=2126149575;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=51d0acad7eba77c7;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1041s [p11_child[2419]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1041s [p11_child[2419]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1041s [p11_child[2419]] [do_card] (0x4000): Certificate verified and validated. 1041s [p11_child[2419]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1041s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-15437-auth.output 1041s + echo '-----BEGIN CERTIFICATE-----' 1041s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-15437-auth.output 1041s + echo '-----END CERTIFICATE-----' 1041s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-15437-auth.pem 1041s Certificate: 1041s Data: 1041s Version: 3 (0x2) 1041s Serial Number: 5 (0x5) 1041s Signature Algorithm: sha256WithRSAEncryption 1041s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1041s Validity 1041s Not Before: Mar 23 22:56:13 2024 GMT 1041s Not After : Mar 23 22:56:13 2025 GMT 1041s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1041s Subject Public Key Info: 1041s Public Key Algorithm: rsaEncryption 1041s Public-Key: (1024 bit) 1041s Modulus: 1041s 00:c4:94:da:c1:1f:9f:90:84:1a:f3:20:03:63:64: 1041s a5:58:cf:9f:f4:4f:61:c8:f7:54:20:98:ce:a2:96: 1041s 53:13:bc:4c:f4:c0:1e:46:d4:f8:a6:63:c2:b1:85: 1041s 25:e4:17:c7:90:03:c9:f3:b5:6b:dd:37:4f:bf:24: 1041s d2:82:f6:a8:d4:d2:d0:b3:3b:8f:59:d1:b6:42:f3: 1041s 8e:72:6f:ea:d8:b9:63:f2:c3:4b:c5:ae:f2:1c:72: 1041s 78:29:ed:53:2b:0c:c3:11:40:7d:47:ab:d2:95:70: 1041s f1:bf:15:ba:bf:0c:88:29:78:fa:2f:22:91:17:e3: 1041s a8:9f:f6:73:73:12:d0:e2:4f 1041s Exponent: 65537 (0x10001) 1041s X509v3 extensions: 1041s X509v3 Authority Key Identifier: 1041s D2:69:F6:A9:AE:D3:9D:55:AB:F7:3E:8C:81:B9:8B:87:92:85:2D:E7 1041s X509v3 Basic Constraints: 1041s CA:FALSE 1041s Netscape Cert Type: 1041s SSL Client, S/MIME 1041s Netscape Comment: 1041s Test Organization Sub Intermediate CA trusted Certificate 1041s X509v3 Subject Key Identifier: 1041s 84:D1:89:F2:1D:BC:8B:27:B5:C6:DD:C2:CC:0D:29:F4:55:A9:80:3D 1041s X509v3 Key Usage: critical 1041s Digital Signature, Non Repudiation, Key Encipherment 1041s X509v3 Extended Key Usage: 1041s TLS Web Client Authentication, E-mail Protection 1041s X509v3 Subject Alternative Name: 1041s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1041s Signature Algorithm: sha256WithRSAEncryption 1041s Signature Value: 1041s 15:09:4d:e9:94:2e:e4:5e:6d:b3:ba:35:46:90:09:2b:45:2c: 1041s 17:1c:86:9c:26:a2:c1:e5:57:be:2d:76:f8:dc:ad:7f:17:a4: 1041s 54:31:1f:33:df:bc:48:d8:18:96:4f:8b:cc:4c:5c:89:59:a8: 1041s 61:a3:60:62:53:eb:17:fa:5d:73:e3:b8:44:1c:a5:62:c2:e5: 1041s 92:49:f9:11:fb:db:5c:03:6c:19:74:2d:8f:62:3a:eb:73:81: 1041s d0:16:1a:02:ba:1a:19:f2:b0:ac:cf:ce:3e:4d:6a:77:09:e0: 1041s a6:18:d5:8f:32:d9:c5:6c:b5:28:b7:cb:bf:3d:73:48:82:c5: 1041s 88:b8 1041s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-15437-auth.pem 1041s + found_md5=Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F 1041s + '[' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F '!=' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F ']' 1041s + valid_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-intermediate-sub-chain-CA.pem partial_chain 1041s + check_certificate /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 /tmp/sssd-softhsm2-XIssWU/test-intermediate-sub-chain-CA.pem partial_chain 1041s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1041s + local key_ring=/tmp/sssd-softhsm2-XIssWU/test-intermediate-sub-chain-CA.pem 1041s + local verify_option=partial_chain 1041s + prepare_softhsm2_card /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1041s + local certificate=/tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-23033 1041s + local key_cn 1041s + local key_name 1041s + local tokens_dir 1041s + local output_cert_file 1041s + token_name= 1041s ++ basename /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1041s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1041s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1041s ++ sed -n 's/ *commonName *= //p' 1041s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1041s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1041s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1041s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1041s ++ basename /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1041s + tokens_dir=/tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1041s + token_name='Test Organization Sub Int Token' 1041s + '[' '!' -e /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1041s + '[' '!' -d /tmp/sssd-softhsm2-XIssWU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 1041s + echo 'Test Organization Sub Int Token' 1041s Test Organization Sub Int Token 1041s + '[' -n partial_chain ']' 1041s + local verify_arg=--verify=partial_chain 1041s + local output_base_name=SSSD-child-30915 1041s + local output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-30915.output 1041s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-30915.pem 1041s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-XIssWU/test-intermediate-sub-chain-CA.pem 1041s [p11_child[2429]] [main] (0x0400): p11_child started. 1041s [p11_child[2429]] [main] (0x2000): Running in [pre-auth] mode. 1041s [p11_child[2429]] [main] (0x2000): Running with effective IDs: [0][0]. 1041s [p11_child[2429]] [main] (0x2000): Running with real IDs [0][0]. 1041s [p11_child[2429]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1041s [p11_child[2429]] [do_card] (0x4000): Module List: 1041s [p11_child[2429]] [do_card] (0x4000): common name: [softhsm2]. 1041s [p11_child[2429]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1041s [p11_child[2429]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7eba77c7] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1041s [p11_child[2429]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1041s [p11_child[2429]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7eba77c7][2126149575] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1041s [p11_child[2429]] [do_card] (0x4000): Login NOT required. 1041s [p11_child[2429]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1041s [p11_child[2429]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1041s [p11_child[2429]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1041s [p11_child[2429]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7eba77c7;slot-manufacturer=SoftHSM%20project;slot-id=2126149575;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=51d0acad7eba77c7;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1041s [p11_child[2429]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1041s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-30915.output 1041s + echo '-----BEGIN CERTIFICATE-----' 1041s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-30915.output 1041s + echo '-----END CERTIFICATE-----' 1041s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-30915.pem 1041s Certificate: 1041s Data: 1041s Version: 3 (0x2) 1041s Serial Number: 5 (0x5) 1041s Signature Algorithm: sha256WithRSAEncryption 1041s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1041s Validity 1041s Not Before: Mar 23 22:56:13 2024 GMT 1041s Not After : Mar 23 22:56:13 2025 GMT 1041s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1041s Subject Public Key Info: 1041s Public Key Algorithm: rsaEncryption 1041s Public-Key: (1024 bit) 1041s Modulus: 1041s 00:c4:94:da:c1:1f:9f:90:84:1a:f3:20:03:63:64: 1041s a5:58:cf:9f:f4:4f:61:c8:f7:54:20:98:ce:a2:96: 1041s 53:13:bc:4c:f4:c0:1e:46:d4:f8:a6:63:c2:b1:85: 1041s 25:e4:17:c7:90:03:c9:f3:b5:6b:dd:37:4f:bf:24: 1041s d2:82:f6:a8:d4:d2:d0:b3:3b:8f:59:d1:b6:42:f3: 1041s 8e:72:6f:ea:d8:b9:63:f2:c3:4b:c5:ae:f2:1c:72: 1041s 78:29:ed:53:2b:0c:c3:11:40:7d:47:ab:d2:95:70: 1041s f1:bf:15:ba:bf:0c:88:29:78:fa:2f:22:91:17:e3: 1041s a8:9f:f6:73:73:12:d0:e2:4f 1041s Exponent: 65537 (0x10001) 1041s X509v3 extensions: 1041s X509v3 Authority Key Identifier: 1041s D2:69:F6:A9:AE:D3:9D:55:AB:F7:3E:8C:81:B9:8B:87:92:85:2D:E7 1041s X509v3 Basic Constraints: 1041s CA:FALSE 1041s Netscape Cert Type: 1041s SSL Client, S/MIME 1041s Netscape Comment: 1041s Test Organization Sub Intermediate CA trusted Certificate 1041s X509v3 Subject Key Identifier: 1041s 84:D1:89:F2:1D:BC:8B:27:B5:C6:DD:C2:CC:0D:29:F4:55:A9:80:3D 1041s X509v3 Key Usage: critical 1041s Digital Signature, Non Repudiation, Key Encipherment 1041s X509v3 Extended Key Usage: 1041s TLS Web Client Authentication, E-mail Protection 1041s X509v3 Subject Alternative Name: 1041s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1041s Signature Algorithm: sha256WithRSAEncryption 1041s Signature Value: 1041s 15:09:4d:e9:94:2e:e4:5e:6d:b3:ba:35:46:90:09:2b:45:2c: 1041s 17:1c:86:9c:26:a2:c1:e5:57:be:2d:76:f8:dc:ad:7f:17:a4: 1041s 54:31:1f:33:df:bc:48:d8:18:96:4f:8b:cc:4c:5c:89:59:a8: 1041s 61:a3:60:62:53:eb:17:fa:5d:73:e3:b8:44:1c:a5:62:c2:e5: 1041s 92:49:f9:11:fb:db:5c:03:6c:19:74:2d:8f:62:3a:eb:73:81: 1041s d0:16:1a:02:ba:1a:19:f2:b0:ac:cf:ce:3e:4d:6a:77:09:e0: 1041s a6:18:d5:8f:32:d9:c5:6c:b5:28:b7:cb:bf:3d:73:48:82:c5: 1041s 88:b8 1041s + local found_md5 expected_md5 1041s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/test-sub-intermediate-CA-trusted-certificate-0001.pem 1042s + expected_md5=Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F 1042s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-30915.pem 1042s + found_md5=Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F 1042s + '[' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F '!=' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F ']' 1042s + output_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-30915-auth.output 1042s ++ basename /tmp/sssd-softhsm2-XIssWU/SSSD-child-30915-auth.output .output 1042s + output_cert_file=/tmp/sssd-softhsm2-XIssWU/SSSD-child-30915-auth.pem 1042s + echo -n 053350 1042s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-XIssWU/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1042s [p11_child[2437]] [main] (0x0400): p11_child started. 1042s [p11_child[2437]] [main] (0x2000): Running in [auth] mode. 1042s [p11_child[2437]] [main] (0x2000): Running with effective IDs: [0][0]. 1042s [p11_child[2437]] [main] (0x2000): Running with real IDs [0][0]. 1042s [p11_child[2437]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 1042s [p11_child[2437]] [do_card] (0x4000): Module List: 1042s [p11_child[2437]] [do_card] (0x4000): common name: [softhsm2]. 1042s [p11_child[2437]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1042s [p11_child[2437]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7eba77c7] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 1042s [p11_child[2437]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 1042s [p11_child[2437]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7eba77c7][2126149575] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 1042s [p11_child[2437]] [do_card] (0x4000): Login required. 1042s [p11_child[2437]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 1042s [p11_child[2437]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 1042s [p11_child[2437]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 1042s [p11_child[2437]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7eba77c7;slot-manufacturer=SoftHSM%20project;slot-id=2126149575;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=51d0acad7eba77c7;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 1042s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 1042s [p11_child[2437]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 1042s [p11_child[2437]] [do_card] (0x4000): Certificate verified and validated. 1042s [p11_child[2437]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 1042s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-XIssWU/SSSD-child-30915-auth.output 1042s + echo '-----BEGIN CERTIFICATE-----' 1042s + tail -n1 /tmp/sssd-softhsm2-XIssWU/SSSD-child-30915-auth.output 1042s + echo '-----END CERTIFICATE-----' 1042s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-30915-auth.pem 1042s Certificate: 1042s Data: 1042s Version: 3 (0x2) 1042s Serial Number: 5 (0x5) 1042s Signature Algorithm: sha256WithRSAEncryption 1042s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1042s Validity 1042s Not Before: Mar 23 22:56:13 2024 GMT 1042s Not After : Mar 23 22:56:13 2025 GMT 1042s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1042s Subject Public Key Info: 1042s Public Key Algorithm: rsaEncryption 1042s Public-Key: (1024 bit) 1042s Modulus: 1042s 00:c4:94:da:c1:1f:9f:90:84:1a:f3:20:03:63:64: 1042s a5:58:cf:9f:f4:4f:61:c8:f7:54:20:98:ce:a2:96: 1042s 53:13:bc:4c:f4:c0:1e:46:d4:f8:a6:63:c2:b1:85: 1042s 25:e4:17:c7:90:03:c9:f3:b5:6b:dd:37:4f:bf:24: 1042s d2:82:f6:a8:d4:d2:d0:b3:3b:8f:59:d1:b6:42:f3: 1042s 8e:72:6f:ea:d8:b9:63:f2:c3:4b:c5:ae:f2:1c:72: 1042s 78:29:ed:53:2b:0c:c3:11:40:7d:47:ab:d2:95:70: 1042s f1:bf:15:ba:bf:0c:88:29:78:fa:2f:22:91:17:e3: 1042s a8:9f:f6:73:73:12:d0:e2:4f 1042s Exponent: 65537 (0x10001) 1042s X509v3 extensions: 1042s X509v3 Authority Key Identifier: 1042s D2:69:F6:A9:AE:D3:9D:55:AB:F7:3E:8C:81:B9:8B:87:92:85:2D:E7 1042s X509v3 Basic Constraints: 1042s CA:FALSE 1042s Netscape Cert Type: 1042s SSL Client, S/MIME 1042s Netscape Comment: 1042s Test Organization Sub Intermediate CA trusted Certificate 1042s X509v3 Subject Key Identifier: 1042s 84:D1:89:F2:1D:BC:8B:27:B5:C6:DD:C2:CC:0D:29:F4:55:A9:80:3D 1042s X509v3 Key Usage: critical 1042s Digital Signature, Non Repudiation, Key Encipherment 1042s X509v3 Extended Key Usage: 1042s TLS Web Client Authentication, E-mail Protection 1042s X509v3 Subject Alternative Name: 1042s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1042s Signature Algorithm: sha256WithRSAEncryption 1042s Signature Value: 1042s 15:09:4d:e9:94:2e:e4:5e:6d:b3:ba:35:46:90:09:2b:45:2c: 1042s 17:1c:86:9c:26:a2:c1:e5:57:be:2d:76:f8:dc:ad:7f:17:a4: 1042s 54:31:1f:33:df:bc:48:d8:18:96:4f:8b:cc:4c:5c:89:59:a8: 1042s 61:a3:60:62:53:eb:17:fa:5d:73:e3:b8:44:1c:a5:62:c2:e5: 1042s 92:49:f9:11:fb:db:5c:03:6c:19:74:2d:8f:62:3a:eb:73:81: 1042s d0:16:1a:02:ba:1a:19:f2:b0:ac:cf:ce:3e:4d:6a:77:09:e0: 1042s a6:18:d5:8f:32:d9:c5:6c:b5:28:b7:cb:bf:3d:73:48:82:c5: 1042s 88:b8 1042s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-XIssWU/SSSD-child-30915-auth.pem 1042s + found_md5=Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F 1042s + '[' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F '!=' Modulus=C494DAC11F9F90841AF320036364A558CF9FF44F61C8F7542098CEA2965313BC4CF4C01E46D4F8A663C2B18525E417C79003C9F3B56BDD374FBF24D282F6A8D4D2D0B33B8F59D1B642F38E726FEAD8B963F2C34BC5AEF21C727829ED532B0CC311407D47ABD29570F1BF15BABF0C882978FA2F229117E3A89FF6737312D0E24F ']' 1042s + set +x 1042s 1042s Test completed, Root CA and intermediate issued certificates verified! 1042s autopkgtest [22:56:19]: test sssd-softhism2-certificates-tests.sh: -----------------------] 1043s autopkgtest [22:56:20]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 1043s sssd-softhism2-certificates-tests.sh PASS 1043s autopkgtest [22:56:20]: test sssd-smart-card-pam-auth-configs: preparing testbed 1044s Reading package lists... 1044s Building dependency tree... 1044s Reading state information... 1044s Starting pkgProblemResolver with broken count: 0 1044s Starting 2 pkgProblemResolver with broken count: 0 1044s Done 1045s The following additional packages will be installed: 1045s pamtester 1045s The following NEW packages will be installed: 1045s autopkgtest-satdep pamtester 1045s 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. 1045s Need to get 14.6 kB/15.4 kB of archives. 1045s After this operation, 86.0 kB of additional disk space will be used. 1045s Get:1 /tmp/autopkgtest.Y0w0ep/4-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [768 B] 1045s Get:2 http://ftpmaster.internal/ubuntu noble/universe ppc64el pamtester ppc64el 0.1.2-4 [14.6 kB] 1045s Fetched 14.6 kB in 0s (66.7 kB/s) 1045s Selecting previously unselected package pamtester. 1045s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70311 files and directories currently installed.) 1045s Preparing to unpack .../pamtester_0.1.2-4_ppc64el.deb ... 1045s Unpacking pamtester (0.1.2-4) ... 1045s Selecting previously unselected package autopkgtest-satdep. 1045s Preparing to unpack .../4-autopkgtest-satdep.deb ... 1045s Unpacking autopkgtest-satdep (0) ... 1045s Setting up pamtester (0.1.2-4) ... 1045s Setting up autopkgtest-satdep (0) ... 1045s Processing triggers for man-db (2.12.0-3) ... 1047s (Reading database ... 70317 files and directories currently installed.) 1047s Removing autopkgtest-satdep (0) ... 1048s autopkgtest [22:56:25]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 1048s autopkgtest [22:56:25]: test sssd-smart-card-pam-auth-configs: [----------------------- 1048s + '[' -z ubuntu ']' 1048s + export DEBIAN_FRONTEND=noninteractive 1048s + DEBIAN_FRONTEND=noninteractive 1048s + required_tools=(pamtester softhsm2-util sssd) 1048s + [[ ! -v OFFLINE_MODE ]] 1048s + for cmd in "${required_tools[@]}" 1048s + command -v pamtester 1048s + for cmd in "${required_tools[@]}" 1048s + command -v softhsm2-util 1048s + for cmd in "${required_tools[@]}" 1048s + command -v sssd 1048s + PIN=123456 1048s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 1048s + tmpdir=/tmp/sssd-softhsm2-certs-F1eLhr 1048s + backupsdir= 1048s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 1048s + declare -a restore_paths 1048s + declare -a delete_paths 1048s + trap handle_exit EXIT 1048s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 1048s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 1048s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 1048s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 1048s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-F1eLhr GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 1048s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-F1eLhr 1048s + GENERATE_SMART_CARDS=1 1048s + KEEP_TEMPORARY_FILES=1 1048s + NO_SSSD_TESTS=1 1048s + bash debian/tests/sssd-softhism2-certificates-tests.sh 1048s + '[' -z ubuntu ']' 1048s + required_tools=(p11tool openssl softhsm2-util) 1048s + for cmd in "${required_tools[@]}" 1048s + command -v p11tool 1048s + for cmd in "${required_tools[@]}" 1048s + command -v openssl 1048s + for cmd in "${required_tools[@]}" 1048s + command -v softhsm2-util 1048s + PIN=123456 1048s +++ find /usr/lib/softhsm/libsofthsm2.so 1048s +++ head -n 1 1048s ++ realpath /usr/lib/softhsm/libsofthsm2.so 1048s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 1048s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 1048s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 1048s + '[' '!' -v NO_SSSD_TESTS ']' 1048s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 1048s + tmpdir=/tmp/sssd-softhsm2-certs-F1eLhr 1048s + keys_size=1024 1048s + [[ ! -v KEEP_TEMPORARY_FILES ]] 1048s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 1048s + echo -n 01 1048s + touch /tmp/sssd-softhsm2-certs-F1eLhr/index.txt 1048s + mkdir -p /tmp/sssd-softhsm2-certs-F1eLhr/new_certs 1048s + cat 1048s + root_ca_key_pass=pass:random-root-CA-password-30374 1048s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-key.pem -passout pass:random-root-CA-password-30374 1024 1048s + openssl req -passin pass:random-root-CA-password-30374 -batch -config /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA.pem 1048s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA.pem 1048s + cat 1048s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-9812 1048s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-9812 1024 1048s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-9812 -config /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-30374 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-certificate-request.pem 1048s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-certificate-request.pem 1048s Certificate Request: 1048s Data: 1048s Version: 1 (0x0) 1048s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1048s Subject Public Key Info: 1048s Public Key Algorithm: rsaEncryption 1048s Public-Key: (1024 bit) 1048s Modulus: 1048s 00:b8:ef:0b:92:9b:43:b4:b8:d5:b2:ba:0a:38:50: 1048s 79:b0:cf:09:39:10:43:d9:4d:8e:ea:a8:eb:07:24: 1048s 57:c9:23:c3:c9:62:dd:bd:35:e9:35:7e:bd:de:dc: 1048s d8:d9:9f:df:60:2b:59:94:c1:e2:72:69:57:78:fe: 1048s e8:83:4c:31:8c:db:09:e3:ac:41:5f:e5:3e:0b:73: 1048s 5f:3d:48:82:55:54:78:7e:19:88:b6:6c:79:b5:3a: 1048s 83:55:e5:83:4a:d4:2a:e0:b4:45:ba:e6:ce:e7:48: 1048s 31:f3:e3:6f:50:4f:e3:b7:83:c6:8d:dc:3a:a0:a4: 1048s c1:e7:e4:c2:5c:d2:3d:6f:d1 1048s Exponent: 65537 (0x10001) 1048s Attributes: 1048s (none) 1048s Requested Extensions: 1048s Signature Algorithm: sha256WithRSAEncryption 1048s Signature Value: 1048s 4c:7e:91:d7:78:b0:bb:ce:c0:a4:75:d8:22:12:91:22:8c:ff: 1048s 36:36:e2:55:57:4d:7b:74:41:f3:92:bc:67:6b:77:35:eb:99: 1048s 6a:59:e1:89:07:c4:14:c6:76:01:20:24:0a:3f:4f:e3:76:bf: 1048s c0:b7:82:0c:8d:2f:70:09:d9:8d:7c:1d:86:b7:3f:f0:65:b9: 1048s 0a:4e:5b:e8:e6:77:30:24:d0:97:45:0d:bd:24:9a:ab:09:8c: 1048s e1:11:97:07:f0:41:32:42:42:c4:cf:87:cc:47:cc:fe:2a:4c: 1048s 46:92:56:4c:82:97:8d:26:42:a1:c7:20:cf:f4:9b:2a:da:39: 1048s da:0e 1048s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA.config -passin pass:random-root-CA-password-30374 -keyfile /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem 1048s Using configuration from /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA.config 1048s Check that the request matches the signature 1048s Signature ok 1048s Certificate Details: 1048s Serial Number: 1 (0x1) 1048s Validity 1048s Not Before: Mar 23 22:56:25 2024 GMT 1048s Not After : Mar 23 22:56:25 2025 GMT 1048s Subject: 1048s organizationName = Test Organization 1048s organizationalUnitName = Test Organization Unit 1048s commonName = Test Organization Intermediate CA 1048s X509v3 extensions: 1048s X509v3 Subject Key Identifier: 1048s DB:07:33:AC:08:B0:E2:8F:F1:C4:31:98:ED:15:2F:86:62:B6:11:E9 1048s X509v3 Authority Key Identifier: 1048s keyid:DD:4E:5A:B2:A8:BF:0B:12:F7:7A:33:55:BE:4E:28:99:48:3D:CF:46 1048s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 1048s serial:00 1048s X509v3 Basic Constraints: 1048s CA:TRUE 1048s X509v3 Key Usage: critical 1048s Digital Signature, Certificate Sign, CRL Sign 1048s Certificate is to be certified until Mar 23 22:56:25 2025 GMT (365 days) 1048s 1048s Write out database with 1 new entries 1048s Database updated 1048s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem 1048s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem 1048s /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem: OK 1048s + cat 1048s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-19406 1048s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-19406 1024 1048s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-19406 -config /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-9812 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-certificate-request.pem 1048s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-certificate-request.pem 1048s Certificate Request: 1048s Data: 1048s Version: 1 (0x0) 1048s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1048s Subject Public Key Info: 1048s Public Key Algorithm: rsaEncryption 1048s Public-Key: (1024 bit) 1048s Modulus: 1048s 00:b9:33:8b:8d:67:ef:24:d0:e9:ae:7b:a4:af:41: 1048s ab:c3:8a:d4:b8:6f:55:bf:ee:7c:df:04:36:9c:82: 1048s 13:db:55:60:1d:d7:f8:0f:92:fd:b7:ef:8c:20:1b: 1048s 81:e0:7b:6f:21:c7:6c:34:02:57:83:8b:2d:67:06: 1048s 07:ff:43:04:bf:3a:3d:d8:c9:b3:5d:78:78:7d:bb: 1048s 25:9a:8f:c4:8d:4e:84:97:1d:fe:29:cb:04:4c:ae: 1048s f5:0d:f1:e9:0c:b3:96:9c:00:fe:ab:04:0e:fb:ba: 1048s 7e:db:6f:83:cd:49:91:b1:d9:57:6c:e8:76:4d:72: 1048s 61:ba:fb:60:ff:08:43:d3:97 1048s Exponent: 65537 (0x10001) 1048s Attributes: 1048s (none) 1048s Requested Extensions: 1048s Signature Algorithm: sha256WithRSAEncryption 1048s Signature Value: 1048s 0f:8a:83:1f:49:1b:84:c5:e9:58:db:3c:b2:99:6c:92:88:c6: 1048s b2:7c:cf:ad:52:e2:0f:e6:02:ed:70:af:66:4d:41:08:f5:23: 1048s 22:bb:23:23:23:06:59:37:92:c0:10:7d:01:63:00:e6:26:ae: 1048s ff:ea:c3:1d:05:88:12:a3:6c:03:5c:13:2e:ee:0b:d6:5a:f0: 1048s a2:c0:cd:21:89:dd:4d:78:e6:af:78:9d:2d:9b:58:43:e9:97: 1048s d5:d7:42:e3:26:aa:0f:40:4b:19:7b:d5:dd:9e:16:1d:af:ce: 1048s 92:95:98:6d:e5:25:ef:48:96:cc:da:46:dd:28:ea:31:bb:f3: 1048s 68:dd 1048s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-9812 -keyfile /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem 1048s Using configuration from /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.config 1048s Check that the request matches the signature 1048s Signature ok 1048s Certificate Details: 1048s Serial Number: 2 (0x2) 1048s Validity 1048s Not Before: Mar 23 22:56:25 2024 GMT 1048s Not After : Mar 23 22:56:25 2025 GMT 1048s Subject: 1048s organizationName = Test Organization 1048s organizationalUnitName = Test Organization Unit 1048s commonName = Test Organization Sub Intermediate CA 1048s X509v3 extensions: 1048s X509v3 Subject Key Identifier: 1048s 68:C4:AA:6A:18:1C:6E:F3:E1:B0:B8:73:DA:B4:E7:88:2D:D1:41:96 1048s X509v3 Authority Key Identifier: 1048s keyid:DB:07:33:AC:08:B0:E2:8F:F1:C4:31:98:ED:15:2F:86:62:B6:11:E9 1048s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 1048s serial:01 1048s X509v3 Basic Constraints: 1048s CA:TRUE 1048s X509v3 Key Usage: critical 1048s Digital Signature, Certificate Sign, CRL Sign 1048s Certificate is to be certified until Mar 23 22:56:25 2025 GMT (365 days) 1048s 1048s Write out database with 1 new entries 1048s Database updated 1048s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem 1048s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem 1048s /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem: OK 1048s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem 1048s + local cmd=openssl 1048s + shift 1048s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem 1048s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1048s error 20 at 0 depth lookup: unable to get local issuer certificate 1048s error /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem: verification failed 1048s + cat 1048s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-16314 1048s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-16314 1024 1048s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-16314 -key /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001-request.pem 1048s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001-request.pem 1048s Certificate Request: 1048s Data: 1048s Version: 1 (0x0) 1048s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1048s Subject Public Key Info: 1048s Public Key Algorithm: rsaEncryption 1048s Public-Key: (1024 bit) 1048s Modulus: 1048s 00:b0:ef:1b:fa:bc:13:e5:2f:0c:e2:6b:4d:42:92: 1048s af:39:99:06:79:11:57:e2:ed:ae:c0:aa:02:61:27: 1048s 6e:45:8e:b6:0a:19:f6:1d:91:f0:6d:0c:6c:61:07: 1048s 20:45:04:6d:cb:7b:92:42:21:a2:5a:bd:9a:5b:07: 1048s cf:04:41:15:2b:1d:c8:a5:6d:f8:44:46:12:88:55: 1048s fe:1a:3a:90:47:45:a2:fa:6b:f4:79:10:11:8c:af: 1048s 84:29:72:50:84:75:c7:9d:19:22:79:35:9f:9c:64: 1048s 7c:08:e0:a5:ab:a4:82:3d:7b:82:71:5e:9c:a8:4e: 1048s 1e:cb:74:6b:8c:90:0b:68:9d 1048s Exponent: 65537 (0x10001) 1048s Attributes: 1048s Requested Extensions: 1048s X509v3 Basic Constraints: 1048s CA:FALSE 1048s Netscape Cert Type: 1048s SSL Client, S/MIME 1048s Netscape Comment: 1048s Test Organization Root CA trusted Certificate 1048s X509v3 Subject Key Identifier: 1048s 63:E0:63:48:96:1E:43:AF:96:27:E5:BA:38:32:AB:6B:38:04:FA:B9 1048s X509v3 Key Usage: critical 1048s Digital Signature, Non Repudiation, Key Encipherment 1048s X509v3 Extended Key Usage: 1048s TLS Web Client Authentication, E-mail Protection 1048s X509v3 Subject Alternative Name: 1048s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1048s Signature Algorithm: sha256WithRSAEncryption 1048s Signature Value: 1048s 8c:78:4d:7f:63:50:45:5b:96:a9:b3:f5:2f:bf:5f:73:64:c0: 1048s 9c:46:96:58:0f:d1:2f:05:e9:ac:a9:ca:bf:5f:2a:53:8c:a0: 1048s 1e:db:aa:90:54:1c:44:0d:4e:24:c4:84:42:02:49:d2:0d:63: 1048s 52:cd:df:6f:30:28:e7:da:cd:ec:03:a0:a9:c6:fd:49:48:03: 1048s 23:f1:3e:88:70:70:95:6b:89:18:28:b1:1c:90:3f:f5:d9:38: 1048s e9:0e:54:85:f0:3a:ff:36:33:a9:22:7b:6d:08:34:f4:d7:53: 1048s ca:e6:eb:98:3a:3d:12:29:ff:d9:2b:53:4e:99:c6:91:b7:81: 1048s 47:06 1048s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA.config -passin pass:random-root-CA-password-30374 -keyfile /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001.pem 1048s Using configuration from /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA.config 1048s Check that the request matches the signature 1048s Signature ok 1049s Certificate Details: 1049s Serial Number: 3 (0x3) 1049s Validity 1049s Not Before: Mar 23 22:56:25 2024 GMT 1049s Not After : Mar 23 22:56:25 2025 GMT 1049s Subject: 1049s organizationName = Test Organization 1049s organizationalUnitName = Test Organization Unit 1049s commonName = Test Organization Root Trusted Certificate 0001 1049s X509v3 extensions: 1049s X509v3 Authority Key Identifier: 1049s DD:4E:5A:B2:A8:BF:0B:12:F7:7A:33:55:BE:4E:28:99:48:3D:CF:46 1049s X509v3 Basic Constraints: 1049s CA:FALSE 1049s Netscape Cert Type: 1049s SSL Client, S/MIME 1049s Netscape Comment: 1049s Test Organization Root CA trusted Certificate 1049s X509v3 Subject Key Identifier: 1049s 63:E0:63:48:96:1E:43:AF:96:27:E5:BA:38:32:AB:6B:38:04:FA:B9 1049s X509v3 Key Usage: critical 1049s Digital Signature, Non Repudiation, Key Encipherment 1049s X509v3 Extended Key Usage: 1049s TLS Web Client Authentication, E-mail Protection 1049s X509v3 Subject Alternative Name: 1049s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1049s Certificate is to be certified until Mar 23 22:56:25 2025 GMT (365 days) 1049s 1049s Write out database with 1 new entries 1049s Database updated 1049s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001.pem 1049s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001.pem 1049s /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001.pem: OK 1049s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001.pem 1049s + local cmd=openssl 1049s + shift 1049s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001.pem 1049s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 1049s error 20 at 0 depth lookup: unable to get local issuer certificate 1049s error /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001.pem: verification failed 1049s + cat 1049s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-27857 1049s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-27857 1024 1049s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-27857 -key /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001-request.pem 1049s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001-request.pem 1049s Certificate Request: 1049s Data: 1049s Version: 1 (0x0) 1049s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 1049s Subject Public Key Info: 1049s Public Key Algorithm: rsaEncryption 1049s Public-Key: (1024 bit) 1049s Modulus: 1049s 00:b0:43:cc:ab:66:52:a2:34:39:b1:63:1f:78:9f: 1049s b8:17:35:02:c1:f1:7f:32:80:75:fa:df:da:13:af: 1049s 0d:06:f6:38:19:ea:0c:76:b4:a7:c5:39:35:84:ff: 1049s 10:a6:1b:85:cd:be:c9:94:66:73:6c:03:87:c6:6b: 1049s af:14:4b:75:aa:0e:f0:b4:04:2e:42:d7:5a:91:6a: 1049s cb:97:bb:5e:0b:e4:41:aa:78:b3:cd:6c:ab:bb:a2: 1049s e2:50:06:c0:51:30:cb:a7:c4:7b:4b:e8:18:3c:20: 1049s 23:a5:50:91:4a:d0:f3:e7:61:e5:d1:87:bb:f5:75: 1049s 93:c7:97:3d:70:d4:80:e0:57 1049s Exponent: 65537 (0x10001) 1049s Attributes: 1049s Requested Extensions: 1049s X509v3 Basic Constraints: 1049s CA:FALSE 1049s Netscape Cert Type: 1049s SSL Client, S/MIME 1049s Netscape Comment: 1049s Test Organization Intermediate CA trusted Certificate 1049s X509v3 Subject Key Identifier: 1049s 89:8C:FF:25:5B:E8:C4:62:BA:F8:91:76:9E:00:64:A2:3F:A5:DB:F0 1049s X509v3 Key Usage: critical 1049s Digital Signature, Non Repudiation, Key Encipherment 1049s X509v3 Extended Key Usage: 1049s TLS Web Client Authentication, E-mail Protection 1049s X509v3 Subject Alternative Name: 1049s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1049s Signature Algorithm: sha256WithRSAEncryption 1049s Signature Value: 1049s ad:73:8f:78:a1:2c:fa:1f:47:43:c0:60:54:72:78:98:dd:01: 1049s 04:15:9b:ec:78:71:2e:9c:5b:4a:ee:22:e1:fc:e9:05:b0:68: 1049s 30:5e:49:7b:bb:9f:60:e2:01:ea:2a:1e:de:ef:05:c9:35:9c: 1049s 5d:f6:4b:44:29:e1:56:a9:45:1e:b0:f8:2b:6b:ed:7f:fd:c8: 1049s ac:7f:ef:f9:33:2b:c5:48:61:40:36:55:af:bf:a9:b0:da:e5: 1049s 55:3a:fe:f2:eb:7e:3b:c8:5e:2f:f6:8c:6e:59:cf:53:96:1e: 1049s 18:51:0e:11:29:83:79:08:2f:6a:a9:1e:c2:27:89:b6:e0:33: 1049s f7:73 1049s + openssl ca -passin pass:random-intermediate-CA-password-9812 -config /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001.pem 1049s Using configuration from /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.config 1049s Check that the request matches the signature 1049s Signature ok 1049s Certificate Details: 1049s Serial Number: 4 (0x4) 1049s Validity 1049s Not Before: Mar 23 22:56:26 2024 GMT 1049s Not After : Mar 23 22:56:26 2025 GMT 1049s Subject: 1049s organizationName = Test Organization 1049s organizationalUnitName = Test Organization Unit 1049s commonName = Test Organization Intermediate Trusted Certificate 0001 1049s X509v3 extensions: 1049s X509v3 Authority Key Identifier: 1049s DB:07:33:AC:08:B0:E2:8F:F1:C4:31:98:ED:15:2F:86:62:B6:11:E9 1049s X509v3 Basic Constraints: 1049s CA:FALSE 1049s Netscape Cert Type: 1049s SSL Client, S/MIME 1049s Netscape Comment: 1049s Test Organization Intermediate CA trusted Certificate 1049s X509v3 Subject Key Identifier: 1049s 89:8C:FF:25:5B:E8:C4:62:BA:F8:91:76:9E:00:64:A2:3F:A5:DB:F0 1049s X509v3 Key Usage: critical 1049s Digital Signature, Non Repudiation, Key Encipherment 1049s X509v3 Extended Key Usage: 1049s TLS Web Client Authentication, E-mail Protection 1049s X509v3 Subject Alternative Name: 1049s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1049s Certificate is to be certified until Mar 23 22:56:26 2025 GMT (365 days) 1049s 1049s Write out database with 1 new entries 1049s Database updated 1049s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001.pem 1049s + echo 'This certificate should not be trusted fully' 1049s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001.pem 1049s + local cmd=openssl 1049s This certificate should not be trusted fully 1049s + shift 1049s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001.pem 1049s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1049s error 2 at 1 depth lookup: unable to get issuer certificate 1049s error /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 1049s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001.pem 1049s /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001.pem: OK 1049s + cat 1049s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-21671 1049s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-21671 1024 1049s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-21671 -key /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 1049s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 1049s Certificate Request: 1049s Data: 1049s Version: 1 (0x0) 1049s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1049s Subject Public Key Info: 1049s Public Key Algorithm: rsaEncryption 1049s Public-Key: (1024 bit) 1049s Modulus: 1049s 00:c7:aa:6f:6f:0c:1a:0d:55:2e:43:f3:59:0d:71: 1049s 80:d2:fb:f6:ea:57:bb:07:50:ba:56:2c:d8:25:d6: 1049s d5:11:03:b0:be:1c:6b:76:17:28:5b:91:a3:bf:9a: 1049s 5c:48:7e:23:36:86:f4:95:0a:42:27:6c:36:3c:7d: 1049s 6c:9c:db:b4:3b:e7:23:48:27:ae:97:53:fa:26:d8: 1049s 59:13:9c:f9:04:99:22:2e:dd:62:ac:c9:a0:8a:4a: 1049s 7c:c5:6a:c1:be:c2:47:b2:cc:b5:b5:54:53:4d:66: 1049s ae:f4:6b:6a:d3:07:e9:73:56:0c:f6:d2:58:88:28: 1049s 55:39:2d:0f:fb:20:35:61:51 1049s Exponent: 65537 (0x10001) 1049s Attributes: 1049s Requested Extensions: 1049s X509v3 Basic Constraints: 1049s CA:FALSE 1049s Netscape Cert Type: 1049s SSL Client, S/MIME 1049s Netscape Comment: 1049s Test Organization Sub Intermediate CA trusted Certificate 1049s X509v3 Subject Key Identifier: 1049s 87:29:2A:6E:6B:61:60:67:D2:FF:3A:0C:80:98:5C:1F:AB:D6:AB:1D 1049s X509v3 Key Usage: critical 1049s Digital Signature, Non Repudiation, Key Encipherment 1049s X509v3 Extended Key Usage: 1049s TLS Web Client Authentication, E-mail Protection 1049s X509v3 Subject Alternative Name: 1049s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1049s Signature Algorithm: sha256WithRSAEncryption 1049s Signature Value: 1049s 91:42:00:a6:b0:b3:5d:2d:55:c3:9f:f1:77:bf:1d:8b:01:2b: 1049s 8a:84:ac:fa:3d:d6:44:86:7e:bd:5b:6d:33:ea:4b:14:c7:87: 1049s 03:18:a6:80:51:e3:dd:de:34:d6:d6:b6:61:94:c9:1e:58:7e: 1049s c0:c3:6c:01:a2:16:4c:42:ea:25:8d:4d:1f:34:c7:42:00:2f: 1049s aa:25:ca:8f:19:b4:2f:55:fb:7b:a5:00:b4:da:86:3a:ba:dd: 1049s f7:38:f8:8c:58:ec:ef:9a:f7:52:f8:a6:05:01:59:05:2e:d2: 1049s 0a:a2:18:91:fe:65:c6:ce:c6:16:bd:f0:6f:ad:ce:f8:a3:05: 1049s b5:e5 1049s + openssl ca -passin pass:random-sub-intermediate-CA-password-19406 -config /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem 1049s Using configuration from /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.config 1049s Check that the request matches the signature 1049s Signature ok 1049s Certificate Details: 1049s Serial Number: 5 (0x5) 1049s Validity 1049s Not Before: Mar 23 22:56:26 2024 GMT 1049s Not After : Mar 23 22:56:26 2025 GMT 1049s Subject: 1049s organizationName = Test Organization 1049s organizationalUnitName = Test Organization Unit 1049s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 1049s X509v3 extensions: 1049s X509v3 Authority Key Identifier: 1049s 68:C4:AA:6A:18:1C:6E:F3:E1:B0:B8:73:DA:B4:E7:88:2D:D1:41:96 1049s X509v3 Basic Constraints: 1049s CA:FALSE 1049s Netscape Cert Type: 1049s SSL Client, S/MIME 1049s Netscape Comment: 1049s Test Organization Sub Intermediate CA trusted Certificate 1049s X509v3 Subject Key Identifier: 1049s 87:29:2A:6E:6B:61:60:67:D2:FF:3A:0C:80:98:5C:1F:AB:D6:AB:1D 1049s X509v3 Key Usage: critical 1049s Digital Signature, Non Repudiation, Key Encipherment 1049s X509v3 Extended Key Usage: 1049s TLS Web Client Authentication, E-mail Protection 1049s X509v3 Subject Alternative Name: 1049s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 1049s Certificate is to be certified until Mar 23 22:56:26 2025 GMT (365 days) 1049s 1049s Write out database with 1 new entries 1049s Database updated 1049s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem 1049s This certificate should not be trusted fully 1049s + echo 'This certificate should not be trusted fully' 1049s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem 1049s + local cmd=openssl 1049s + shift 1049s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem 1049s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1049s error 2 at 1 depth lookup: unable to get issuer certificate 1049s error /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 1049s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem 1049s + local cmd=openssl 1049s + shift 1049s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem 1049s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1049s error 20 at 0 depth lookup: unable to get local issuer certificate 1049s error /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 1049s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem 1049s /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 1049s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem 1049s + local cmd=openssl 1049s + shift 1049s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem 1049s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 1049s error 20 at 0 depth lookup: unable to get local issuer certificate 1049s error /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 1049s + echo 'Building a the full-chain CA file...' 1049s Building a the full-chain CA file... 1049s + cat /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem 1049s + cat /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem 1049s + cat /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem 1049s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-F1eLhr/test-full-chain-CA.pem 1049s + openssl pkcs7 -print_certs -noout 1049s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1049s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1049s 1049s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1049s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 1049s 1049s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 1049s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 1049s 1049s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem 1049s /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA.pem: OK 1049s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001.pem 1049s /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001.pem: OK 1049s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001.pem 1049s /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001.pem: OK 1049s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-root-intermediate-chain-CA.pem 1049s /tmp/sssd-softhsm2-certs-F1eLhr/test-root-intermediate-chain-CA.pem: OK 1049s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-F1eLhr/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem 1049s /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 1049s + echo 'Certificates generation completed!' 1049s Certificates generation completed! 1049s + [[ -v NO_SSSD_TESTS ]] 1049s + [[ -v GENERATE_SMART_CARDS ]] 1049s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16314 1049s + local certificate=/tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001.pem 1049s + local key_pass=pass:random-root-ca-trusted-cert-0001-16314 1049s + local key_cn 1049s + local key_name 1049s + local tokens_dir 1049s + local output_cert_file 1049s + token_name= 1049s ++ basename /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001.pem .pem 1049s + key_name=test-root-CA-trusted-certificate-0001 1049s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001.pem 1049s ++ sed -n 's/ *commonName *= //p' 1049s + key_cn='Test Organization Root Trusted Certificate 0001' 1049s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1049s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-root-CA-trusted-certificate-0001.conf 1049s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-root-CA-trusted-certificate-0001.conf 1049s ++ basename /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 1049s + tokens_dir=/tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-root-CA-trusted-certificate-0001 1049s + token_name='Test Organization Root Tr Token' 1049s + '[' '!' -e /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 1049s + local key_file 1049s + local decrypted_key 1049s + mkdir -p /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-root-CA-trusted-certificate-0001 1049s + key_file=/tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001-key.pem 1049s + decrypted_key=/tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001-key-decrypted.pem 1049s + cat 1049s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 1049s Slot 0 has a free/uninitialized token. 1049s The token has been initialized and is reassigned to slot 631803009 1049s + softhsm2-util --show-slots 1049s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 1049s Available slots: 1049s Slot 631803009 1049s Slot info: 1049s Description: SoftHSM slot ID 0x25a88c81 1049s Manufacturer ID: SoftHSM project 1049s Hardware version: 2.6 1049s Firmware version: 2.6 1049s Token present: yes 1049s Token info: 1049s Manufacturer ID: SoftHSM project 1049s Model: SoftHSM v2 1049s Hardware version: 2.6 1049s Firmware version: 2.6 1049s Serial number: f6fa1a63a5a88c81 1049s Initialized: yes 1049s User PIN init.: yes 1049s Label: Test Organization Root Tr Token 1049s Slot 1 1049s Slot info: 1049s Description: SoftHSM slot ID 0x1 1049s Manufacturer ID: SoftHSM project 1049s Hardware version: 2.6 1049s Firmware version: 2.6 1049s Token present: yes 1049s Token info: 1049s Manufacturer ID: SoftHSM project 1049s Model: SoftHSM v2 1049s Hardware version: 2.6 1049s Firmware version: 2.6 1049s Serial number: 1049s Initialized: no 1049s User PIN init.: no 1049s Label: 1049s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-16314 -in /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001-key-decrypted.pem 1049s writing RSA key 1049s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 1049s + rm /tmp/sssd-softhsm2-certs-F1eLhr/test-root-CA-trusted-certificate-0001-key-decrypted.pem 1049s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 1049s Object 0: 1049s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f6fa1a63a5a88c81;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 1049s Type: X.509 Certificate (RSA-1024) 1049s Expires: Sun Mar 23 22:56:25 2025 1049s Label: Test Organization Root Trusted Certificate 0001 1049s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 1049s 1049s + echo 'Test Organization Root Tr Token' 1049s Test Organization Root Tr Token 1049s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27857 1049s + local certificate=/tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001.pem 1049s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27857 1049s + local key_cn 1049s + local key_name 1049s + local tokens_dir 1049s + local output_cert_file 1049s + token_name= 1049s ++ basename /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001.pem .pem 1049s + key_name=test-intermediate-CA-trusted-certificate-0001 1049s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001.pem 1049s ++ sed -n 's/ *commonName *= //p' 1049s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 1049s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1049s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1049s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 1049s ++ basename /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 1049s + tokens_dir=/tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-intermediate-CA-trusted-certificate-0001 1049s + token_name='Test Organization Interme Token' 1049s + '[' '!' -e /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 1049s + local key_file 1049s + local decrypted_key 1049s + mkdir -p /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-intermediate-CA-trusted-certificate-0001 1049s + key_file=/tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001-key.pem 1049s + decrypted_key=/tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1049s + cat 1049s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 1049s Slot 0 has a free/uninitialized token. 1049s The token has been initialized and is reassigned to slot 1949860991 1049s + softhsm2-util --show-slots 1049s Available slots: 1049s Slot 1949860991 1049s Slot info: 1049s Description: SoftHSM slot ID 0x7438847f 1049s Manufacturer ID: SoftHSM project 1049s Hardware version: 2.6 1049s Firmware version: 2.6 1049s Token present: yes 1049s Token info: 1049s Manufacturer ID: SoftHSM project 1049s Model: SoftHSM v2 1049s Hardware version: 2.6 1049s Firmware version: 2.6 1049s Serial number: 793db8d8f438847f 1049s Initialized: yes 1049s User PIN init.: yes 1049s Label: Test Organization Interme Token 1049s Slot 1 1049s Slot info: 1049s Description: SoftHSM slot ID 0x1 1049s Manufacturer ID: SoftHSM project 1049s Hardware version: 2.6 1049s Firmware version: 2.6 1049s Token present: yes 1049s Token info: 1049s Manufacturer ID: SoftHSM project 1049s Model: SoftHSM v2 1049s Hardware version: 2.6 1049s Firmware version: 2.6 1049s Serial number: 1049s Initialized: no 1049s User PIN init.: no 1049s Label: 1049s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 1049s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-27857 -in /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1049s writing RSA key 1049s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 1049s + rm /tmp/sssd-softhsm2-certs-F1eLhr/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1049s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 1049s Object 0: 1049s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=793db8d8f438847f;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 1049s Type: X.509 Certificate (RSA-1024) 1049s Expires: Sun Mar 23 22:56:26 2025 1049s Label: Test Organization Intermediate Trusted Certificate 0001 1049s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 1049s 1049s Test Organization Interme Token 1049s + echo 'Test Organization Interme Token' 1049s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-21671 1049s + local certificate=/tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem 1049s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-21671 1049s + local key_cn 1049s + local key_name 1049s + local tokens_dir 1049s + local output_cert_file 1049s + token_name= 1049s ++ basename /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 1049s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 1049s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem 1049s ++ sed -n 's/ *commonName *= //p' 1049s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 1049s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 1049s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1049s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1049s ++ basename /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 1049s + tokens_dir=/tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1049s + token_name='Test Organization Sub Int Token' 1049s + '[' '!' -e /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 1049s + local key_file 1049s + local decrypted_key 1049s + mkdir -p /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 1049s + key_file=/tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 1049s + decrypted_key=/tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1049s + cat 1049s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 1049s Slot 0 has a free/uninitialized token. 1049s The token has been initialized and is reassigned to slot 1256595609 1049s + softhsm2-util --show-slots 1049s Available slots: 1049s Slot 1256595609 1049s Slot info: 1049s Description: SoftHSM slot ID 0x4ae62099 1049s Manufacturer ID: SoftHSM project 1049s Hardware version: 2.6 1049s Firmware version: 2.6 1049s Token present: yes 1049s Token info: 1049s Manufacturer ID: SoftHSM project 1049s Model: SoftHSM v2 1049s Hardware version: 2.6 1049s Firmware version: 2.6 1049s Serial number: 8f0cd97e4ae62099 1049s Initialized: yes 1049s User PIN init.: yes 1049s Label: Test Organization Sub Int Token 1049s Slot 1 1049s Slot info: 1049s Description: SoftHSM slot ID 0x1 1049s Manufacturer ID: SoftHSM project 1049s Hardware version: 2.6 1049s Firmware version: 2.6 1049s Token present: yes 1049s Token info: 1049s Manufacturer ID: SoftHSM project 1049s Model: SoftHSM v2 1049s Hardware version: 2.6 1049s Firmware version: 2.6 1049s Serial number: 1049s Initialized: no 1049s User PIN init.: no 1049s Label: 1049s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 1049s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-21671 -in /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1049s writing RSA key 1049s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 1049s + rm /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 1049s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 1049s Object 0: 1049s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8f0cd97e4ae62099;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 1049s Type: X.509 Certificate (RSA-1024) 1049s Expires: Sun Mar 23 22:56:26 2025 1049s Label: Test Organization Sub Intermediate Trusted Certificate 0001 1049s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 1049s 1049s Test Organization Sub Int Token 1049s Certificates generation completed! 1049s + echo 'Test Organization Sub Int Token' 1049s + echo 'Certificates generation completed!' 1049s + exit 0 1049s + find /tmp/sssd-softhsm2-certs-F1eLhr -type d -exec chmod 777 '{}' ';' 1049s + find /tmp/sssd-softhsm2-certs-F1eLhr -type f -exec chmod 666 '{}' ';' 1049s + backup_file /etc/sssd/sssd.conf 1049s + '[' -z '' ']' 1049s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 1049s + backupsdir=/tmp/sssd-softhsm2-backups-tzXriM 1049s + '[' -e /etc/sssd/sssd.conf ']' 1049s + delete_paths+=("$1") 1049s + rm -f /etc/sssd/sssd.conf 1049s ++ runuser -u ubuntu -- sh -c 'echo ~' 1049s + user_home=/home/ubuntu 1049s + mkdir -p /home/ubuntu 1049s + chown ubuntu:ubuntu /home/ubuntu 1049s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 1049s + user_config=/home/ubuntu/.config 1049s + system_config=/etc 1049s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 1049s + for path_pair in "${softhsm2_conf_paths[@]}" 1049s + IFS=: 1049s + read -r -a path 1049s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 1049s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 1049s + '[' -z /tmp/sssd-softhsm2-backups-tzXriM ']' 1049s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 1049s + delete_paths+=("$1") 1049s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 1049s + for path_pair in "${softhsm2_conf_paths[@]}" 1049s + IFS=: 1049s + read -r -a path 1049s + path=/etc/softhsm/softhsm2.conf 1049s + backup_file /etc/softhsm/softhsm2.conf 1049s + '[' -z /tmp/sssd-softhsm2-backups-tzXriM ']' 1049s + '[' -e /etc/softhsm/softhsm2.conf ']' 1049s ++ dirname /etc/softhsm/softhsm2.conf 1049s + local back_dir=/tmp/sssd-softhsm2-backups-tzXriM//etc/softhsm 1049s ++ basename /etc/softhsm/softhsm2.conf 1049s + local back_path=/tmp/sssd-softhsm2-backups-tzXriM//etc/softhsm/softhsm2.conf 1049s + '[' '!' -e /tmp/sssd-softhsm2-backups-tzXriM//etc/softhsm/softhsm2.conf ']' 1049s + mkdir -p /tmp/sssd-softhsm2-backups-tzXriM//etc/softhsm 1049s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-tzXriM//etc/softhsm/softhsm2.conf 1049s + restore_paths+=("$back_path") 1049s + rm -f /etc/softhsm/softhsm2.conf 1049s + test_authentication login /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-F1eLhr/test-full-chain-CA.pem 1049s + pam_service=login 1049s + certificate_config=/tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-root-CA-trusted-certificate-0001.conf 1049s + ca_db=/tmp/sssd-softhsm2-certs-F1eLhr/test-full-chain-CA.pem 1049s + verification_options= 1049s + mkdir -p -m 700 /etc/sssd 1049s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-F1eLhr/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 1049s Using CA DB '/tmp/sssd-softhsm2-certs-F1eLhr/test-full-chain-CA.pem' with verification options: '' 1049s + cat 1049s + chmod 600 /etc/sssd/sssd.conf 1049s + for path_pair in "${softhsm2_conf_paths[@]}" 1049s + IFS=: 1049s + read -r -a path 1049s + user=ubuntu 1049s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 1049s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 1049s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 1049s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 1049s + runuser -u ubuntu -- softhsm2-util --show-slots 1049s + grep 'Test Organization' 1049s + for path_pair in "${softhsm2_conf_paths[@]}" 1049s Label: Test Organization Root Tr Token 1049s + IFS=: 1049s + read -r -a path 1049s + user=root 1049s + path=/etc/softhsm/softhsm2.conf 1049s ++ dirname /etc/softhsm/softhsm2.conf 1049s + runuser -u root -- mkdir -p /etc/softhsm 1049s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 1049s + runuser -u root -- softhsm2-util --show-slots 1049s + grep 'Test Organization' 1049s Label: Test Organization Root Tr Token 1049s + systemctl restart sssd 1049s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 1050s + for alternative in "${alternative_pam_configs[@]}" 1050s + pam-auth-update --enable sss-smart-card-optional 1050s + cat /etc/pam.d/common-auth 1050s # 1050s # /etc/pam.d/common-auth - authentication settings common to all services 1050s # 1050s # This file is included from other service-specific PAM config files, 1050s # and should contain a list of the authentication modules that define 1050s # the central authentication scheme for use on the system 1050s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 1050s # traditional Unix authentication mechanisms. 1050s # 1050s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 1050s # To take advantage of this, it is recommended that you configure any 1050s # local modules either before or after the default block, and use 1050s # pam-auth-update to manage selection of other modules. See 1050s # pam-auth-update(8) for details. 1050s 1050s # here are the per-package modules (the "Primary" block) 1050s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 1050s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 1050s auth [success=1 default=ignore] pam_sss.so use_first_pass 1050s # here's the fallback if no module succeeds 1050s auth requisite pam_deny.so 1050s # prime the stack with a positive return value if there isn't one already; 1050s # this avoids us returning an error just because nothing sets a success code 1050s # since the modules above will each just jump around 1050s auth required pam_permit.so 1050s # and here are more per-package modules (the "Additional" block) 1050s auth optional pam_cap.so 1050s # end of pam-auth-update config 1050s + echo -n -e 123456 1050s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1050s pamtester: invoking pam_start(login, ubuntu, ...) 1050s pamtester: performing operation - authenticate 1050s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 1050s + echo -n -e 123456 1050s + runuser -u ubuntu -- pamtester -v login '' authenticate 1050s pamtester: invoking pam_start(login, , ...) 1050s pamtester: performing operation - authenticate 1050s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 1050s + echo -n -e wrong123456 1050s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1050s pamtester: invoking pam_start(login, ubuntu, ...) 1050s pamtester: performing operation - authenticate 1053s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 1053s + echo -n -e wrong123456 1053s + runuser -u ubuntu -- pamtester -v login '' authenticate 1053s pamtester: invoking pam_start(login, , ...) 1053s pamtester: performing operation - authenticate 1056s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 1056s + echo -n -e 123456 1056s + pamtester -v login root authenticate 1056s pamtester: invoking pam_start(login, root, ...) 1056s pamtester: performing operation - authenticate 1060s Password: pamtester: Authentication failure 1060s + for alternative in "${alternative_pam_configs[@]}" 1060s + pam-auth-update --enable sss-smart-card-required 1060s PAM configuration 1060s ----------------- 1060s 1060s Incompatible PAM profiles selected. 1060s 1060s The following PAM profiles cannot be used together: 1060s 1060s SSS required smart card authentication, SSS optional smart card 1060s authentication 1060s 1060s Please select a different set of modules to enable. 1060s 1060s + cat /etc/pam.d/common-auth 1060s # 1060s # /etc/pam.d/common-auth - authentication settings common to all services 1060s # 1060s # This file is included from other service-specific PAM config files, 1060s # and should contain a list of the authentication modules that define 1060s # the central authentication scheme for use on the system 1060s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 1060s # traditional Unix authentication mechanisms. 1060s # 1060s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 1060s # To take advantage of this, it is recommended that you configure any 1060s # local modules either before or after the default block, and use 1060s # pam-auth-update to manage selection of other modules. See 1060s # pam-auth-update(8) for details. 1060s 1060s # here are the per-package modules (the "Primary" block) 1060s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 1060s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 1060s auth [success=1 default=ignore] pam_sss.so use_first_pass 1060s # here's the fallback if no module succeeds 1060s auth requisite pam_deny.so 1060s # prime the stack with a positive return value if there isn't one already; 1060s # this avoids us returning an error just because nothing sets a success code 1060s # since the modules above will each just jump around 1060s auth required pam_permit.so 1060s # and here are more per-package modules (the "Additional" block) 1060s auth optional pam_cap.so 1060s # end of pam-auth-update config 1060s + echo -n -e 123456 1060s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1060s pamtester: invoking pam_start(login, ubuntu, ...) 1060s pamtester: performing operation - authenticate 1060s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 1060s + echo -n -e 123456 1060s + runuser -u ubuntu -- pamtester -v login '' authenticate 1060s pamtester: invoking pam_start(login, , ...) 1060s pamtester: performing operation - authenticate 1060s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 1060s + echo -n -e wrong123456 1060s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1060s pamtester: invoking pam_start(login, ubuntu, ...) 1060s pamtester: performing operation - authenticate 1063s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 1063s + echo -n -e wrong123456 1063s + runuser -u ubuntu -- pamtester -v login '' authenticate 1063s pamtester: invoking pam_start(login, , ...) 1063s pamtester: performing operation - authenticate 1066s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 1066s + echo -n -e 123456 1066s + pamtester -v login root authenticate 1066s pamtester: invoking pam_start(login, root, ...) 1066s pamtester: performing operation - authenticate 1068s pamtester: Authentication service cannot retrieve authentication info 1068s + test_authentication login /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-F1eLhr/test-full-chain-CA.pem 1068s + pam_service=login 1068s + certificate_config=/tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1068s + ca_db=/tmp/sssd-softhsm2-certs-F1eLhr/test-full-chain-CA.pem 1068s + verification_options= 1068s + mkdir -p -m 700 /etc/sssd 1068s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-F1eLhr/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 1068s Using CA DB '/tmp/sssd-softhsm2-certs-F1eLhr/test-full-chain-CA.pem' with verification options: '' 1068s + cat 1068s + chmod 600 /etc/sssd/sssd.conf 1069s Label: Test Organization Sub Int Token 1069s Label: Test Organization Sub Int Token 1069s + for path_pair in "${softhsm2_conf_paths[@]}" 1069s + IFS=: 1069s + read -r -a path 1069s + user=ubuntu 1069s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 1069s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 1069s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 1069s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 1069s + runuser -u ubuntu -- softhsm2-util --show-slots 1069s + grep 'Test Organization' 1069s + for path_pair in "${softhsm2_conf_paths[@]}" 1069s + IFS=: 1069s + read -r -a path 1069s + user=root 1069s + path=/etc/softhsm/softhsm2.conf 1069s ++ dirname /etc/softhsm/softhsm2.conf 1069s + runuser -u root -- mkdir -p /etc/softhsm 1069s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 1069s + runuser -u root -- softhsm2-util --show-slots 1069s + grep 'Test Organization' 1069s + systemctl restart sssd 1069s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 1069s + for alternative in "${alternative_pam_configs[@]}" 1069s + pam-auth-update --enable sss-smart-card-optional 1069s + cat /etc/pam.d/common-auth 1069s + echo -n -e 123456 1069s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1069s pamtester: invoking pam_start(login, ubuntu, ...) 1069s pamtester: performing operation - authenticate 1069s PIN for Test Organization Sub Int Token: + echo -n -e 123456 1069s + runuser -u ubuntu -- pamtester -v login '' authenticate 1069s pamtester: invoking pam_start(login, , ...) 1069s pamtester: performing operation - authenticate 1069s PIN for Test Organization Sub Int Token: + echo -n -e wrong123456 1069s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1069s pamtester: invoking pam_start(login, ubuntu, ...) 1069s pamtester: performing operation - authenticate 1069s PIN for Test Organization Sub Int Token: Password: # 1069s # /etc/pam.d/common-auth - authentication settings common to all services 1069s # 1069s # This file is included from other service-specific PAM config files, 1069s # and should contain a list of the authentication modules that define 1069s # the central authentication scheme for use on the system 1069s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 1069s # traditional Unix authentication mechanisms. 1069s # 1069s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 1069s # To take advantage of this, it is recommended that you configure any 1069s # local modules either before or after the default block, and use 1069s # pam-auth-update to manage selection of other modules. See 1069s # pam-auth-update(8) for details. 1069s 1069s # here are the per-package modules (the "Primary" block) 1069s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 1069s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 1069s auth [success=1 default=ignore] pam_sss.so use_first_pass 1069s # here's the fallback if no module succeeds 1069s auth requisite pam_deny.so 1069s # prime the stack with a positive return value if there isn't one already; 1069s # this avoids us returning an error just because nothing sets a success code 1069s # since the modules above will each just jump around 1069s auth required pam_permit.so 1069s # and here are more per-package modules (the "Additional" block) 1069s auth optional pam_cap.so 1069s # end of pam-auth-update config 1069s pamtester: successfully authenticated 1069s pamtester: successfully authenticated 1072s pamtester: Authentication failure 1072s + echo -n -e wrong123456 1072s + runuser -u ubuntu -- pamtester -v login '' authenticate 1072s pamtester: invoking pam_start(login, , ...) 1072s pamtester: performing operation - authenticate 1075s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 1075s + echo -n -e 123456 1075s + pamtester -v login root authenticate 1075s pamtester: invoking pam_start(login, root, ...) 1075s pamtester: performing operation - authenticate 1078s Password: pamtester: Authentication failure 1078s + for alternative in "${alternative_pam_configs[@]}" 1078s + pam-auth-update --enable sss-smart-card-required 1078s PAM configuration 1078s ----------------- 1078s 1078s Incompatible PAM profiles selected. 1078s 1078s The following PAM profiles cannot be used together: 1078s 1078s SSS required smart card authentication, SSS optional smart card 1078s authentication 1078s 1078s Please select a different set of modules to enable. 1078s 1078s + cat /etc/pam.d/common-auth 1078s + echo -n -e 123456 1078s # 1078s # /etc/pam.d/common-auth - authentication settings common to all services 1078s # 1078s # This file is included from other service-specific PAM config files, 1078s # and should contain a list of the authentication modules that define 1078s # the central authentication scheme for use on the system 1078s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 1078s # traditional Unix authentication mechanisms. 1078s # 1078s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 1078s # To take advantage of this, it is recommended that you configure any 1078s # local modules either before or after the default block, and use 1078s # pam-auth-update to manage selection of other modules. See 1078s # pam-auth-update(8) for details. 1078s 1078s # here are the per-package modules (the "Primary" block) 1078s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 1078s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 1078s auth [success=1 default=ignore] pam_sss.so use_first_pass 1078s # here's the fallback if no module succeeds 1078s auth requisite pam_deny.so 1078s # prime the stack with a positive return value if there isn't one already; 1078s # this avoids us returning an error just because nothing sets a success code 1078s # since the modules above will each just jump around 1078s auth required pam_permit.so 1078s # and here are more per-package modules (the "Additional" block) 1078s auth optional pam_cap.so 1078s # end of pam-auth-update config 1078s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1078s pamtester: invoking pam_start(login, ubuntu, ...) 1078s pamtester: performing operation - authenticate 1078s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 1078s + echo -n -e 123456 1078s + runuser -u ubuntu -- pamtester -v login '' authenticate 1078s pamtester: invoking pam_start(login, , ...) 1078s pamtester: performing operation - authenticate 1078s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 1078s + echo -n -e wrong123456 1078s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1078s pamtester: invoking pam_start(login, ubuntu, ...) 1078s pamtester: performing operation - authenticate 1081s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 1081s + echo -n -e wrong123456 1081s + runuser -u ubuntu -- pamtester -v login '' authenticate 1081s pamtester: invoking pam_start(login, , ...) 1081s pamtester: performing operation - authenticate 1083s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 1083s + echo -n -e 123456 1083s + pamtester -v login root authenticate 1083s pamtester: invoking pam_start(login, root, ...) 1083s pamtester: performing operation - authenticate 1086s pamtester: Authentication service cannot retrieve authentication info 1086s + test_authentication login /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem partial_chain 1086s + pam_service=login 1086s + certificate_config=/tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 1086s + ca_db=/tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem 1086s + verification_options=partial_chain 1086s + mkdir -p -m 700 /etc/sssd 1086s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 1086s + cat 1086s Using CA DB '/tmp/sssd-softhsm2-certs-F1eLhr/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 1086s + chmod 600 /etc/sssd/sssd.conf 1086s + for path_pair in "${softhsm2_conf_paths[@]}" 1086s + IFS=: 1086s + read -r -a path 1086s + user=ubuntu 1086s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 1086s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 1086s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 1086s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 1086s + runuser -u ubuntu -- softhsm2-util --show-slots 1086s + grep 'Test Organization' 1086s + for path_pair in "${softhsm2_conf_paths[@]}" 1086s + IFS=: 1086s + read -r -a path 1086s + user=root 1086s + path=/etc/softhsm/softhsm2.conf 1086s ++ dirname /etc/softhsm/softhsm2.conf 1086s + runuser -u root -- mkdir -p /etc/softhsm 1086s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-F1eLhr/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 1086s + runuser -u root -- softhsm2-util --show-slots 1086s + grep 'Test Organization' 1086s Label: Test Organization Sub Int Token 1086s Label: Test Organization Sub Int Token 1086s + systemctl restart sssd 1086s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 1087s + for alternative in "${alternative_pam_configs[@]}" 1087s + pam-auth-update --enable sss-smart-card-optional 1087s + cat /etc/pam.d/common-auth 1087s + echo -n -e 123456 1087s # 1087s # /etc/pam.d/common-auth - authentication settings common to all services 1087s # 1087s # This file is included from other service-specific PAM config files, 1087s # and should contain a list of the authentication modules that define 1087s # the central authentication scheme for use on the system 1087s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 1087s # traditional Unix authentication mechanisms. 1087s # 1087s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 1087s # To take advantage of this, it is recommended that you configure any 1087s # local modules either before or after the default block, and use 1087s # pam-auth-update to manage selection of other modules. See 1087s # pam-auth-update(8) for details. 1087s 1087s # here are the per-package modules (the "Primary" block) 1087s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 1087s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 1087s auth [success=1 default=ignore] pam_sss.so use_first_pass 1087s # here's the fallback if no module succeeds 1087s auth requisite pam_deny.so 1087s # prime the stack with a positive return value if there isn't one already; 1087s # this avoids us returning an error just because nothing sets a success code 1087s # since the modules above will each just jump around 1087s auth required pam_permit.so 1087s # and here are more per-package modules (the "Additional" block) 1087s auth optional pam_cap.so 1087s # end of pam-auth-update config 1087s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1087s pamtester: invoking pam_start(login, ubuntu, ...) 1087s pamtester: performing operation - authenticate 1087s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 1087s + echo -n -e 123456 1087s + runuser -u ubuntu -- pamtester -v login '' authenticate 1087s pamtester: invoking pam_start(login, , ...) 1087s pamtester: performing operation - authenticate 1087s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 1087s + echo -n -e wrong123456 1087s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1087s pamtester: invoking pam_start(login, ubuntu, ...) 1087s pamtester: performing operation - authenticate 1090s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 1090s + echo -n -e wrong123456 1090s + runuser -u ubuntu -- pamtester -v login '' authenticate 1090s pamtester: invoking pam_start(login, , ...) 1090s pamtester: performing operation - authenticate 1093s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 1093s + echo -n -e 123456 1093s + pamtester -v login root authenticate 1093s pamtester: invoking pam_start(login, root, ...) 1093s pamtester: performing operation - authenticate 1095s Password: pamtester: Authentication failure 1095s + for alternative in "${alternative_pam_configs[@]}" 1095s + pam-auth-update --enable sss-smart-card-required 1095s PAM configuration 1095s ----------------- 1095s 1095s Incompatible PAM profiles selected. 1095s 1095s The following PAM profiles cannot be used together: 1095s 1095s SSS required smart card authentication, SSS optional smart card 1095s authentication 1095s 1095s Please select a different set of modules to enable. 1095s 1095s + cat /etc/pam.d/common-auth 1095s # 1095s # /etc/pam.d/common-auth - authentication settings common to all services 1095s # 1095s # This file is included from other service-specific PAM config files, 1095s # and should contain a list of the authentication modules that define 1095s # the central authentication scheme for use on the system 1095s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 1095s # traditional Unix authentication mechanisms. 1095s # 1095s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 1095s # To take advantage of this, it is recommended that you configure any 1095s # local modules either before or after the default block, and use 1095s # pam-auth-update to manage selection of other modules. See 1095s # pam-auth-update(8) for details. 1095s 1095s # here are the per-package modules (the "Primary" block) 1095s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 1095s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 1095s auth [success=1 default=ignore] pam_sss.so use_first_pass 1095s # here's the fallback if no module succeeds 1095s auth requisite pam_deny.so 1095s # prime the stack with a positive return value if there isn't one already; 1095s # this avoids us returning an error just because nothing sets a success code 1095s # since the modules above will each just jump around 1095s auth required pam_permit.so 1095s # and here are more per-package modules (the "Additional" block) 1095s auth optional pam_cap.so 1095s # end of pam-auth-update config 1095s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1095s + echo -n -e 123456 1096s pamtester: invoking pam_start(login, ubuntu, ...) 1096s pamtester: performing operation - authenticate 1096s PIN for Test Organization Sub Int Token: + echo -n -e 123456 1096s + runuser -u ubuntu -- pamtester -v login '' authenticate 1096s pamtester: successfully authenticated 1096s pamtester: invoking pam_start(login, , ...) 1096s pamtester: performing operation - authenticate 1096s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 1096s + echo -n -e wrong123456 1096s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 1096s pamtester: invoking pam_start(login, ubuntu, ...) 1096s pamtester: performing operation - authenticate 1099s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 1099s + echo -n -e wrong123456 1099s + runuser -u ubuntu -- pamtester -v login '' authenticate 1099s pamtester: invoking pam_start(login, , ...) 1099s pamtester: performing operation - authenticate 1101s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 1101s + echo -n -e 123456 1101s + pamtester -v login root authenticate 1101s pamtester: invoking pam_start(login, root, ...) 1101s pamtester: performing operation - authenticate 1105s pamtester: Authentication service cannot retrieve authentication info 1105s + handle_exit 1105s + exit_code=0 1105s + restore_changes 1105s + for path in "${restore_paths[@]}" 1105s + local original_path 1105s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-tzXriM /tmp/sssd-softhsm2-backups-tzXriM//etc/softhsm/softhsm2.conf 1105s + original_path=/etc/softhsm/softhsm2.conf 1105s + rm /etc/softhsm/softhsm2.conf 1105s + mv /tmp/sssd-softhsm2-backups-tzXriM//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 1105s + for path in "${delete_paths[@]}" 1105s + rm -f /etc/sssd/sssd.conf 1105s + for path in "${delete_paths[@]}" 1105s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 1105s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 1105s + '[' -e /etc/sssd/sssd.conf ']' 1105s + systemctl stop sssd 1105s + '[' -e /etc/softhsm/softhsm2.conf ']' 1105s + chmod 600 /etc/softhsm/softhsm2.conf 1105s + rm -rf /tmp/sssd-softhsm2-certs-F1eLhr 1105s + '[' 0 = 0 ']' 1105s + rm -rf /tmp/sssd-softhsm2-backups-tzXriM 1105s + set +x 1105s Script completed successfully! 1105s autopkgtest [22:57:22]: test sssd-smart-card-pam-auth-configs: -----------------------] 1106s autopkgtest [22:57:23]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 1106s sssd-smart-card-pam-auth-configs PASS 1106s autopkgtest [22:57:23]: @@@@@@@@@@@@@@@@@@@@ summary 1106s ldap-user-group-ldap-auth PASS 1106s ldap-user-group-krb5-auth PASS 1106s sssd-softhism2-certificates-tests.sh PASS 1106s sssd-smart-card-pam-auth-configs PASS 1120s Creating nova instance adt-noble-ppc64el-sssd-20240323-223857-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-ppc64el-server-20240321.img (UUID 024d6af5-fcba-4a84-85f9-01f41e1878d6)... 1120s Creating nova instance adt-noble-ppc64el-sssd-20240323-223857-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-ppc64el-server-20240321.img (UUID 024d6af5-fcba-4a84-85f9-01f41e1878d6)...