1s autopkgtest [15:47:57]: starting date and time: 2024-06-14 15:47:57+0000 8s autopkgtest [15:48:04]: git checkout: 433ed4cb Merge branch 'skia/nova_flock' into 'ubuntu/5.34+prod' 8s autopkgtest [15:48:04]: host juju-7f2275-prod-proposed-migration-environment-2; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.ekqnh9al/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --apt-pocket=proposed=src:systemd --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 --env=ADT_TEST_TRIGGERS=systemd/256-1ubuntu1 -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-2@bos03-arm64-43.secgroup --name adt-oracular-arm64-sssd-20240614-151124-juju-7f2275-prod-proposed-migration-environment-2-ebdabb66-bb1d-44ad-b189-6eb65d000c3d --image adt/ubuntu-oracular-arm64-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-2 --net-id=net_prod-proposed-migration -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,keyserver.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://ftpmaster.internal/ubuntu/ 641s autopkgtest [15:58:37]: testbed dpkg architecture: arm64 642s autopkgtest [15:58:38]: testbed apt version: 2.9.3 642s autopkgtest [15:58:38]: @@@@@@@@@@@@@@@@@@@@ test bed setup 645s Get:1 http://ftpmaster.internal/ubuntu oracular-proposed InRelease [110 kB] 651s Get:2 http://ftpmaster.internal/ubuntu oracular-proposed/restricted Sources [7052 B] 651s Get:3 http://ftpmaster.internal/ubuntu oracular-proposed/universe Sources [341 kB] 652s Get:4 http://ftpmaster.internal/ubuntu oracular-proposed/multiverse Sources [2576 B] 652s Get:5 http://ftpmaster.internal/ubuntu oracular-proposed/main Sources [40.3 kB] 652s Get:6 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 Packages [68.5 kB] 652s Get:7 http://ftpmaster.internal/ubuntu oracular-proposed/restricted arm64 Packages [33.3 kB] 652s Get:8 http://ftpmaster.internal/ubuntu oracular-proposed/universe arm64 Packages [304 kB] 652s Get:9 http://ftpmaster.internal/ubuntu oracular-proposed/multiverse arm64 Packages [8312 B] 653s Fetched 915 kB in 8s (117 kB/s) 653s Reading package lists... 670s Reading package lists... 671s Building dependency tree... 671s Reading state information... 671s Calculating upgrade... 671s The following package was automatically installed and is no longer required: 671s systemd-dev 671s Use 'sudo apt autoremove' to remove it. 672s The following packages will be upgraded: 672s fwupd libfwupd2 libnss-systemd libpam-systemd libsystemd-shared libsystemd0 672s libudev1 systemd systemd-dev systemd-resolved systemd-sysv systemd-timesyncd 672s udev 674s 13 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 674s Need to get 13.8 MB of archives. 674s After this operation, 1970 kB of additional disk space will be used. 674s Get:1 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 systemd-dev all 256-1ubuntu1 [111 kB] 674s Get:2 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 systemd-timesyncd arm64 256-1ubuntu1 [35.0 kB] 674s Get:3 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 systemd-resolved arm64 256-1ubuntu1 [308 kB] 674s Get:4 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 libsystemd-shared arm64 256-1ubuntu1 [2131 kB] 674s Get:5 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 libsystemd0 arm64 256-1ubuntu1 [438 kB] 674s Get:6 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 systemd-sysv arm64 256-1ubuntu1 [11.8 kB] 674s Get:7 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 libnss-systemd arm64 256-1ubuntu1 [160 kB] 674s Get:8 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 libpam-systemd arm64 256-1ubuntu1 [239 kB] 674s Get:9 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 systemd arm64 256-1ubuntu1 [3581 kB] 675s Get:10 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 udev arm64 256-1ubuntu1 [1939 kB] 675s Get:11 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 libudev1 arm64 256-1ubuntu1 [192 kB] 675s Get:12 http://ftpmaster.internal/ubuntu oracular/main arm64 libfwupd2 arm64 1.9.21-1 [131 kB] 675s Get:13 http://ftpmaster.internal/ubuntu oracular/main arm64 fwupd arm64 1.9.21-1 [4477 kB] 677s Fetched 13.8 MB in 3s (4979 kB/s) 678s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78263 files and directories currently installed.) 678s Preparing to unpack .../systemd-dev_256-1ubuntu1_all.deb ... 678s Unpacking systemd-dev (256-1ubuntu1) over (255.4-1ubuntu8) ... 679s Preparing to unpack .../systemd-timesyncd_256-1ubuntu1_arm64.deb ... 679s Unpacking systemd-timesyncd (256-1ubuntu1) over (255.4-1ubuntu8) ... 679s Preparing to unpack .../systemd-resolved_256-1ubuntu1_arm64.deb ... 679s Unpacking systemd-resolved (256-1ubuntu1) over (255.4-1ubuntu8) ... 679s Preparing to unpack .../libsystemd-shared_256-1ubuntu1_arm64.deb ... 679s Unpacking libsystemd-shared:arm64 (256-1ubuntu1) over (255.4-1ubuntu8) ... 680s Preparing to unpack .../libsystemd0_256-1ubuntu1_arm64.deb ... 680s Unpacking libsystemd0:arm64 (256-1ubuntu1) over (255.4-1ubuntu8) ... 680s Setting up libsystemd0:arm64 (256-1ubuntu1) ... 680s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78265 files and directories currently installed.) 680s Preparing to unpack .../0-systemd-sysv_256-1ubuntu1_arm64.deb ... 680s Unpacking systemd-sysv (256-1ubuntu1) over (255.4-1ubuntu8) ... 680s Preparing to unpack .../1-libnss-systemd_256-1ubuntu1_arm64.deb ... 680s Unpacking libnss-systemd:arm64 (256-1ubuntu1) over (255.4-1ubuntu8) ... 680s Preparing to unpack .../2-libpam-systemd_256-1ubuntu1_arm64.deb ... 680s Unpacking libpam-systemd:arm64 (256-1ubuntu1) over (255.4-1ubuntu8) ... 681s Preparing to unpack .../3-systemd_256-1ubuntu1_arm64.deb ... 681s Unpacking systemd (256-1ubuntu1) over (255.4-1ubuntu8) ... 681s Preparing to unpack .../4-udev_256-1ubuntu1_arm64.deb ... 681s Unpacking udev (256-1ubuntu1) over (255.4-1ubuntu8) ... 682s Preparing to unpack .../5-libudev1_256-1ubuntu1_arm64.deb ... 682s Unpacking libudev1:arm64 (256-1ubuntu1) over (255.4-1ubuntu8) ... 682s Setting up libudev1:arm64 (256-1ubuntu1) ... 682s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78327 files and directories currently installed.) 682s Preparing to unpack .../libfwupd2_1.9.21-1_arm64.deb ... 682s Unpacking libfwupd2:arm64 (1.9.21-1) over (1.9.20-1) ... 682s Preparing to unpack .../fwupd_1.9.21-1_arm64.deb ... 682s Unpacking fwupd (1.9.21-1) over (1.9.20-1) ... 682s Setting up libfwupd2:arm64 (1.9.21-1) ... 682s Setting up systemd-dev (256-1ubuntu1) ... 682s Setting up libsystemd-shared:arm64 (256-1ubuntu1) ... 682s Setting up systemd (256-1ubuntu1) ... 682s Installing new version of config file /etc/systemd/journald.conf ... 682s Installing new version of config file /etc/systemd/logind.conf ... 682s Installing new version of config file /etc/systemd/networkd.conf ... 682s Installing new version of config file /etc/systemd/sleep.conf ... 682s Installing new version of config file /etc/systemd/system.conf ... 682s /usr/lib/tmpfiles.d/legacy.conf:13: Duplicate line for path "/run/lock", ignoring. 683s Created symlink '/run/systemd/system/tmp.mount' → '/dev/null'. 684s /usr/lib/tmpfiles.d/legacy.conf:13: Duplicate line for path "/run/lock", ignoring. 685s Setting up systemd-timesyncd (256-1ubuntu1) ... 687s Setting up udev (256-1ubuntu1) ... 689s Setting up fwupd (1.9.21-1) ... 690s fwupd-offline-update.service is a disabled or a static unit not running, not starting it. 690s fwupd-refresh.service is a disabled or a static unit not running, not starting it. 691s fwupd.service is a disabled or a static unit not running, not starting it. 691s Setting up systemd-resolved (256-1ubuntu1) ... 691s Installing new version of config file /etc/systemd/resolved.conf ... 694s Setting up systemd-sysv (256-1ubuntu1) ... 694s Setting up libnss-systemd:arm64 (256-1ubuntu1) ... 694s Setting up libpam-systemd:arm64 (256-1ubuntu1) ... 695s Processing triggers for libc-bin (2.39-0ubuntu8.1) ... 696s Processing triggers for man-db (2.12.1-2) ... 697s Processing triggers for dbus (1.14.10-4ubuntu4) ... 697s Processing triggers for shared-mime-info (2.4-5) ... 697s Warning: program compiled against libxml 212 using older 209 698s Processing triggers for initramfs-tools (0.142ubuntu28) ... 698s update-initramfs: Generating /boot/initrd.img-6.8.0-31-generic 698s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 832s System running in EFI mode, skipping. 832s Reading package lists... 833s Building dependency tree... 833s Reading state information... 833s The following packages will be REMOVED: 833s systemd-dev* 834s 0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. 834s After this operation, 760 kB disk space will be freed. 834s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78327 files and directories currently installed.) 834s Removing systemd-dev (256-1ubuntu1) ... 839s Hit:1 http://ftpmaster.internal/ubuntu oracular InRelease 839s Hit:2 http://ftpmaster.internal/ubuntu oracular-updates InRelease 839s Hit:3 http://ftpmaster.internal/ubuntu oracular-security InRelease 839s Hit:4 http://ftpmaster.internal/ubuntu oracular-proposed InRelease 843s Reading package lists... 843s Reading package lists... 843s Building dependency tree... 843s Reading state information... 844s Calculating upgrade... 844s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 844s Reading package lists... 845s Building dependency tree... 845s Reading state information... 845s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 846s autopkgtest [16:02:02]: rebooting testbed after setup commands that affected boot 850s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 883s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 916s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 949s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 982s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 1015s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 1048s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 1057s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 1061s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 1066s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 1289s autopkgtest [16:09:25]: testbed running kernel: Linux 6.8.0-31-generic #31-Ubuntu SMP PREEMPT_DYNAMIC Sat Apr 20 02:32:42 UTC 2024 1622s autopkgtest [16:14:58]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 1872s Get:1 http://ftpmaster.internal/ubuntu oracular/main sssd 2.9.4-1.1ubuntu6 (dsc) [5056 B] 1872s Get:2 http://ftpmaster.internal/ubuntu oracular/main sssd 2.9.4-1.1ubuntu6 (tar) [7983 kB] 1872s Get:3 http://ftpmaster.internal/ubuntu oracular/main sssd 2.9.4-1.1ubuntu6 (diff) [49.2 kB] 1877s gpgv: Signature made Tue Apr 16 09:55:57 2024 UTC 1877s gpgv: using RSA key 568BF22A66337CBFC9A6B9B72C83DBC8E9BD0E37 1877s gpgv: Can't check signature: No public key 1880s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1.1ubuntu6.dsc: no acceptable signature found 1892s autopkgtest [16:19:28]: testing package sssd version 2.9.4-1.1ubuntu6 1894s autopkgtest [16:19:30]: build not needed 1898s autopkgtest [16:19:34]: test ldap-user-group-ldap-auth: preparing testbed 1909s Reading package lists... 1910s Building dependency tree... 1910s Reading state information... 1911s Starting pkgProblemResolver with broken count: 0 1911s Starting 2 pkgProblemResolver with broken count: 0 1911s Done 1911s The following additional packages will be installed: 1911s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 1911s libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 libdhash1t64 1911s libevent-2.1-7t64 libini-config5t64 libipa-hbac-dev libipa-hbac0t64 libjose0 1911s libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 1911s libpam-pwquality libpam-sss libpath-utils1t64 libpwquality-common 1911s libpwquality1 libref-array1t64 libsmbclient0 libsss-certmap-dev 1911s libsss-certmap0 libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev 1911s libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0t64 1911s libverto-libevent1t64 libverto1t64 libwbclient0 python3-libipa-hbac 1911s python3-libsss-nss-idmap python3-sss samba-libs slapd sssd sssd-ad 1911s sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 1911s sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools tcl-expect 1911s tcl8.6 1911s Suggested packages: 1911s tk8.6 libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal 1911s odbc-postgresql tdsodbc adcli libsasl2-modules-ldap tcl-tclreadline 1911s Recommended packages: 1911s cracklib-runtime libsasl2-modules-gssapi-mit 1911s | libsasl2-modules-gssapi-heimdal 1913s The following NEW packages will be installed: 1913s autopkgtest-satdep expect ldap-utils libavahi-client3 libavahi-common-data 1913s libavahi-common3 libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 1913s libdhash1t64 libevent-2.1-7t64 libini-config5t64 libipa-hbac-dev 1913s libipa-hbac0t64 libjose0 libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss 1913s libnss-sudo libodbc2 libpam-pwquality libpam-sss libpath-utils1t64 1913s libpwquality-common libpwquality1 libref-array1t64 libsmbclient0 1913s libsss-certmap-dev libsss-certmap0 libsss-idmap-dev libsss-idmap0 1913s libsss-nss-idmap-dev libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 1913s libtdb1 libtevent0t64 libverto-libevent1t64 libverto1t64 libwbclient0 1913s python3-libipa-hbac python3-libsss-nss-idmap python3-sss samba-libs slapd 1913s sssd sssd-ad sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm 1913s sssd-krb5 sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools 1913s tcl-expect tcl8.6 1914s 0 upgraded, 65 newly installed, 0 to remove and 0 not upgraded. 1914s Need to get 12.7 MB/12.7 MB of archives. 1914s After this operation, 60.1 MB of additional disk space will be used. 1914s Get:1 /tmp/autopkgtest.n6V4Ft/1-autopkgtest-satdep.deb autopkgtest-satdep arm64 0 [868 B] 1914s Get:2 http://ftpmaster.internal/ubuntu oracular/main arm64 libltdl7 arm64 2.4.7-7build1 [40.4 kB] 1914s Get:3 http://ftpmaster.internal/ubuntu oracular/main arm64 libodbc2 arm64 2.3.12-1ubuntu1 [145 kB] 1914s Get:4 http://ftpmaster.internal/ubuntu oracular/main arm64 slapd arm64 2.6.7+dfsg-1~exp1ubuntu8 [1515 kB] 1914s Get:5 http://ftpmaster.internal/ubuntu oracular/main arm64 libtcl8.6 arm64 8.6.14+dfsg-1build1 [978 kB] 1915s Get:6 http://ftpmaster.internal/ubuntu oracular/main arm64 tcl8.6 arm64 8.6.14+dfsg-1build1 [14.6 kB] 1915s Get:7 http://ftpmaster.internal/ubuntu oracular/universe arm64 tcl-expect arm64 5.45.4-3 [112 kB] 1915s Get:8 http://ftpmaster.internal/ubuntu oracular/universe arm64 expect arm64 5.45.4-3 [137 kB] 1915s Get:9 http://ftpmaster.internal/ubuntu oracular/main arm64 ldap-utils arm64 2.6.7+dfsg-1~exp1ubuntu8 [149 kB] 1915s Get:10 http://ftpmaster.internal/ubuntu oracular/main arm64 libavahi-common-data arm64 0.8-13ubuntu6 [29.6 kB] 1915s Get:11 http://ftpmaster.internal/ubuntu oracular/main arm64 libavahi-common3 arm64 0.8-13ubuntu6 [23.3 kB] 1915s Get:12 http://ftpmaster.internal/ubuntu oracular/main arm64 libavahi-client3 arm64 0.8-13ubuntu6 [27.2 kB] 1915s Get:13 http://ftpmaster.internal/ubuntu oracular/main arm64 libbasicobjects0t64 arm64 0.6.2-2.1build1 [5850 B] 1915s Get:14 http://ftpmaster.internal/ubuntu oracular/main arm64 libcares2 arm64 1.27.0-1.0ubuntu1 [74.1 kB] 1915s Get:15 http://ftpmaster.internal/ubuntu oracular/main arm64 libcollection4t64 arm64 0.6.2-2.1build1 [23.5 kB] 1915s Get:16 http://ftpmaster.internal/ubuntu oracular/main arm64 libcrack2 arm64 2.9.6-5.1build2 [28.9 kB] 1915s Get:17 http://ftpmaster.internal/ubuntu oracular/main arm64 libdhash1t64 arm64 0.6.2-2.1build1 [8882 B] 1915s Get:18 http://ftpmaster.internal/ubuntu oracular/main arm64 libevent-2.1-7t64 arm64 2.1.12-stable-10 [140 kB] 1915s Get:19 http://ftpmaster.internal/ubuntu oracular/main arm64 libpath-utils1t64 arm64 0.6.2-2.1build1 [9120 B] 1915s Get:20 http://ftpmaster.internal/ubuntu oracular/main arm64 libref-array1t64 arm64 0.6.2-2.1build1 [7322 B] 1915s Get:21 http://ftpmaster.internal/ubuntu oracular/main arm64 libini-config5t64 arm64 0.6.2-2.1build1 [44.6 kB] 1915s Get:22 http://ftpmaster.internal/ubuntu oracular/main arm64 libipa-hbac0t64 arm64 2.9.4-1.1ubuntu6 [17.1 kB] 1915s Get:23 http://ftpmaster.internal/ubuntu oracular/universe arm64 libjose0 arm64 13-1 [44.5 kB] 1915s Get:24 http://ftpmaster.internal/ubuntu oracular/main arm64 libverto-libevent1t64 arm64 0.3.1-1.2ubuntu3 [6328 B] 1915s Get:25 http://ftpmaster.internal/ubuntu oracular/main arm64 libverto1t64 arm64 0.3.1-1.2ubuntu3 [10.4 kB] 1915s Get:26 http://ftpmaster.internal/ubuntu oracular/main arm64 libkrad0 arm64 1.20.1-6ubuntu2 [22.1 kB] 1915s Get:27 http://ftpmaster.internal/ubuntu oracular/main arm64 libtalloc2 arm64 2.4.2-1build2 [26.7 kB] 1915s Get:28 http://ftpmaster.internal/ubuntu oracular/main arm64 libtdb1 arm64 1.4.10-1build1 [48.5 kB] 1915s Get:29 http://ftpmaster.internal/ubuntu oracular/main arm64 libtevent0t64 arm64 0.16.1-2build1 [42.3 kB] 1915s Get:30 http://ftpmaster.internal/ubuntu oracular/main arm64 libldb2 arm64 2:2.8.0+samba4.19.5+dfsg-4ubuntu9 [188 kB] 1915s Get:31 http://ftpmaster.internal/ubuntu oracular/main arm64 libnfsidmap1 arm64 1:2.6.4-4ubuntu1 [48.3 kB] 1915s Get:32 http://ftpmaster.internal/ubuntu oracular/universe arm64 libnss-sudo all 1.9.15p5-3ubuntu5 [15.2 kB] 1915s Get:33 http://ftpmaster.internal/ubuntu oracular/main arm64 libpwquality-common all 1.4.5-3build1 [7748 B] 1915s Get:34 http://ftpmaster.internal/ubuntu oracular/main arm64 libpwquality1 arm64 1.4.5-3build1 [13.3 kB] 1915s Get:35 http://ftpmaster.internal/ubuntu oracular/main arm64 libpam-pwquality arm64 1.4.5-3build1 [11.7 kB] 1915s Get:36 http://ftpmaster.internal/ubuntu oracular/main arm64 libwbclient0 arm64 2:4.19.5+dfsg-4ubuntu9 [71.4 kB] 1915s Get:37 http://ftpmaster.internal/ubuntu oracular/main arm64 samba-libs arm64 2:4.19.5+dfsg-4ubuntu9 [6061 kB] 1915s Get:38 http://ftpmaster.internal/ubuntu oracular/main arm64 libsmbclient0 arm64 2:4.19.5+dfsg-4ubuntu9 [62.1 kB] 1915s Get:39 http://ftpmaster.internal/ubuntu oracular/main arm64 libnss-sss arm64 2.9.4-1.1ubuntu6 [32.0 kB] 1915s Get:40 http://ftpmaster.internal/ubuntu oracular/main arm64 libpam-sss arm64 2.9.4-1.1ubuntu6 [49.1 kB] 1915s Get:41 http://ftpmaster.internal/ubuntu oracular/main arm64 python3-sss arm64 2.9.4-1.1ubuntu6 [46.9 kB] 1915s Get:42 http://ftpmaster.internal/ubuntu oracular/main arm64 libsss-certmap0 arm64 2.9.4-1.1ubuntu6 [46.2 kB] 1915s Get:43 http://ftpmaster.internal/ubuntu oracular/main arm64 libsss-idmap0 arm64 2.9.4-1.1ubuntu6 [22.2 kB] 1915s Get:44 http://ftpmaster.internal/ubuntu oracular/main arm64 libsss-nss-idmap0 arm64 2.9.4-1.1ubuntu6 [30.7 kB] 1915s Get:45 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-common arm64 2.9.4-1.1ubuntu6 [1147 kB] 1915s Get:46 http://ftpmaster.internal/ubuntu oracular/universe arm64 sssd-idp arm64 2.9.4-1.1ubuntu6 [27.9 kB] 1915s Get:47 http://ftpmaster.internal/ubuntu oracular/universe arm64 sssd-passkey arm64 2.9.4-1.1ubuntu6 [32.7 kB] 1915s Get:48 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-ad-common arm64 2.9.4-1.1ubuntu6 [75.4 kB] 1915s Get:49 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-krb5-common arm64 2.9.4-1.1ubuntu6 [87.9 kB] 1915s Get:50 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-ad arm64 2.9.4-1.1ubuntu6 [134 kB] 1915s Get:51 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-ipa arm64 2.9.4-1.1ubuntu6 [220 kB] 1915s Get:52 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-krb5 arm64 2.9.4-1.1ubuntu6 [14.3 kB] 1915s Get:53 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-ldap arm64 2.9.4-1.1ubuntu6 [31.3 kB] 1915s Get:54 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-proxy arm64 2.9.4-1.1ubuntu6 [44.6 kB] 1915s Get:55 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd arm64 2.9.4-1.1ubuntu6 [4118 B] 1915s Get:56 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-dbus arm64 2.9.4-1.1ubuntu6 [103 kB] 1915s Get:57 http://ftpmaster.internal/ubuntu oracular/universe arm64 sssd-kcm arm64 2.9.4-1.1ubuntu6 [139 kB] 1915s Get:58 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-tools arm64 2.9.4-1.1ubuntu6 [97.5 kB] 1915s Get:59 http://ftpmaster.internal/ubuntu oracular/main arm64 libipa-hbac-dev arm64 2.9.4-1.1ubuntu6 [6668 B] 1915s Get:60 http://ftpmaster.internal/ubuntu oracular/main arm64 libsss-certmap-dev arm64 2.9.4-1.1ubuntu6 [5730 B] 1915s Get:61 http://ftpmaster.internal/ubuntu oracular/main arm64 libsss-idmap-dev arm64 2.9.4-1.1ubuntu6 [8380 B] 1915s Get:62 http://ftpmaster.internal/ubuntu oracular/main arm64 libsss-nss-idmap-dev arm64 2.9.4-1.1ubuntu6 [6714 B] 1915s Get:63 http://ftpmaster.internal/ubuntu oracular/universe arm64 libsss-sudo arm64 2.9.4-1.1ubuntu6 [20.7 kB] 1915s Get:64 http://ftpmaster.internal/ubuntu oracular/universe arm64 python3-libipa-hbac arm64 2.9.4-1.1ubuntu6 [16.6 kB] 1915s Get:65 http://ftpmaster.internal/ubuntu oracular/universe arm64 python3-libsss-nss-idmap arm64 2.9.4-1.1ubuntu6 [9152 B] 1940s Preconfiguring packages ... 1946s Fetched 12.7 MB in 3s (4850 kB/s) 1949s Selecting previously unselected package libltdl7:arm64. 1950s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78280 files and directories currently installed.) 1950s Preparing to unpack .../00-libltdl7_2.4.7-7build1_arm64.deb ... 1950s Unpacking libltdl7:arm64 (2.4.7-7build1) ... 1951s Selecting previously unselected package libodbc2:arm64. 1958s Preparing to unpack .../01-libodbc2_2.3.12-1ubuntu1_arm64.deb ... 1958s Unpacking libodbc2:arm64 (2.3.12-1ubuntu1) ... 1959s Selecting previously unselected package slapd. 1962s Preparing to unpack .../02-slapd_2.6.7+dfsg-1~exp1ubuntu8_arm64.deb ... 1969s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu8) ... 1970s Selecting previously unselected package libtcl8.6:arm64. 1973s Preparing to unpack .../03-libtcl8.6_8.6.14+dfsg-1build1_arm64.deb ... 1973s Unpacking libtcl8.6:arm64 (8.6.14+dfsg-1build1) ... 1974s Selecting previously unselected package tcl8.6. 1978s Preparing to unpack .../04-tcl8.6_8.6.14+dfsg-1build1_arm64.deb ... 1978s Unpacking tcl8.6 (8.6.14+dfsg-1build1) ... 1978s Selecting previously unselected package tcl-expect:arm64. 1983s Preparing to unpack .../05-tcl-expect_5.45.4-3_arm64.deb ... 1984s Unpacking tcl-expect:arm64 (5.45.4-3) ... 1985s Selecting previously unselected package expect. 1992s Preparing to unpack .../06-expect_5.45.4-3_arm64.deb ... 1992s Unpacking expect (5.45.4-3) ... 1992s Selecting previously unselected package ldap-utils. 1996s Preparing to unpack .../07-ldap-utils_2.6.7+dfsg-1~exp1ubuntu8_arm64.deb ... 1996s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu8) ... 1997s Selecting previously unselected package libavahi-common-data:arm64. 2000s Preparing to unpack .../08-libavahi-common-data_0.8-13ubuntu6_arm64.deb ... 2000s Unpacking libavahi-common-data:arm64 (0.8-13ubuntu6) ... 2000s Selecting previously unselected package libavahi-common3:arm64. 2006s Preparing to unpack .../09-libavahi-common3_0.8-13ubuntu6_arm64.deb ... 2006s Unpacking libavahi-common3:arm64 (0.8-13ubuntu6) ... 2006s Selecting previously unselected package libavahi-client3:arm64. 2010s Preparing to unpack .../10-libavahi-client3_0.8-13ubuntu6_arm64.deb ... 2011s Unpacking libavahi-client3:arm64 (0.8-13ubuntu6) ... 2012s Selecting previously unselected package libbasicobjects0t64:arm64. 2017s Preparing to unpack .../11-libbasicobjects0t64_0.6.2-2.1build1_arm64.deb ... 2017s Unpacking libbasicobjects0t64:arm64 (0.6.2-2.1build1) ... 2018s Selecting previously unselected package libcares2:arm64. 2022s Preparing to unpack .../12-libcares2_1.27.0-1.0ubuntu1_arm64.deb ... 2022s Unpacking libcares2:arm64 (1.27.0-1.0ubuntu1) ... 2029s Selecting previously unselected package libcollection4t64:arm64. 2033s Preparing to unpack .../13-libcollection4t64_0.6.2-2.1build1_arm64.deb ... 2034s Unpacking libcollection4t64:arm64 (0.6.2-2.1build1) ... 2034s Selecting previously unselected package libcrack2:arm64. 2039s Preparing to unpack .../14-libcrack2_2.9.6-5.1build2_arm64.deb ... 2039s Unpacking libcrack2:arm64 (2.9.6-5.1build2) ... 2039s Selecting previously unselected package libdhash1t64:arm64. 2044s Preparing to unpack .../15-libdhash1t64_0.6.2-2.1build1_arm64.deb ... 2045s Unpacking libdhash1t64:arm64 (0.6.2-2.1build1) ... 2046s Selecting previously unselected package libevent-2.1-7t64:arm64. 2050s Preparing to unpack .../16-libevent-2.1-7t64_2.1.12-stable-10_arm64.deb ... 2050s Unpacking libevent-2.1-7t64:arm64 (2.1.12-stable-10) ... 2050s Selecting previously unselected package libpath-utils1t64:arm64. 2057s Preparing to unpack .../17-libpath-utils1t64_0.6.2-2.1build1_arm64.deb ... 2057s Unpacking libpath-utils1t64:arm64 (0.6.2-2.1build1) ... 2057s Selecting previously unselected package libref-array1t64:arm64. 2062s Preparing to unpack .../18-libref-array1t64_0.6.2-2.1build1_arm64.deb ... 2062s Unpacking libref-array1t64:arm64 (0.6.2-2.1build1) ... 2062s Selecting previously unselected package libini-config5t64:arm64. 2066s Preparing to unpack .../19-libini-config5t64_0.6.2-2.1build1_arm64.deb ... 2066s Unpacking libini-config5t64:arm64 (0.6.2-2.1build1) ... 2067s Selecting previously unselected package libipa-hbac0t64. 2071s Preparing to unpack .../20-libipa-hbac0t64_2.9.4-1.1ubuntu6_arm64.deb ... 2071s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu6) ... 2072s Selecting previously unselected package libjose0:arm64. 2077s Preparing to unpack .../21-libjose0_13-1_arm64.deb ... 2077s Unpacking libjose0:arm64 (13-1) ... 2077s Selecting previously unselected package libverto-libevent1t64:arm64. 2081s Preparing to unpack .../22-libverto-libevent1t64_0.3.1-1.2ubuntu3_arm64.deb ... 2081s Unpacking libverto-libevent1t64:arm64 (0.3.1-1.2ubuntu3) ... 2081s Selecting previously unselected package libverto1t64:arm64. 2085s Preparing to unpack .../23-libverto1t64_0.3.1-1.2ubuntu3_arm64.deb ... 2085s Unpacking libverto1t64:arm64 (0.3.1-1.2ubuntu3) ... 2085s Selecting previously unselected package libkrad0:arm64. 2089s Preparing to unpack .../24-libkrad0_1.20.1-6ubuntu2_arm64.deb ... 2089s Unpacking libkrad0:arm64 (1.20.1-6ubuntu2) ... 2090s Selecting previously unselected package libtalloc2:arm64. 2094s Preparing to unpack .../25-libtalloc2_2.4.2-1build2_arm64.deb ... 2094s Unpacking libtalloc2:arm64 (2.4.2-1build2) ... 2094s Selecting previously unselected package libtdb1:arm64. 2099s Preparing to unpack .../26-libtdb1_1.4.10-1build1_arm64.deb ... 2099s Unpacking libtdb1:arm64 (1.4.10-1build1) ... 2100s Selecting previously unselected package libtevent0t64:arm64. 2103s Preparing to unpack .../27-libtevent0t64_0.16.1-2build1_arm64.deb ... 2103s Unpacking libtevent0t64:arm64 (0.16.1-2build1) ... 2103s Selecting previously unselected package libldb2:arm64. 2105s Preparing to unpack .../28-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu9_arm64.deb ... 2105s Unpacking libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 2106s Selecting previously unselected package libnfsidmap1:arm64. 2106s Preparing to unpack .../29-libnfsidmap1_1%3a2.6.4-4ubuntu1_arm64.deb ... 2106s Unpacking libnfsidmap1:arm64 (1:2.6.4-4ubuntu1) ... 2106s Selecting previously unselected package libnss-sudo. 2107s Preparing to unpack .../30-libnss-sudo_1.9.15p5-3ubuntu5_all.deb ... 2107s Unpacking libnss-sudo (1.9.15p5-3ubuntu5) ... 2107s Selecting previously unselected package libpwquality-common. 2108s Preparing to unpack .../31-libpwquality-common_1.4.5-3build1_all.deb ... 2108s Unpacking libpwquality-common (1.4.5-3build1) ... 2109s Selecting previously unselected package libpwquality1:arm64. 2109s Preparing to unpack .../32-libpwquality1_1.4.5-3build1_arm64.deb ... 2109s Unpacking libpwquality1:arm64 (1.4.5-3build1) ... 2109s Selecting previously unselected package libpam-pwquality:arm64. 2110s Preparing to unpack .../33-libpam-pwquality_1.4.5-3build1_arm64.deb ... 2110s Unpacking libpam-pwquality:arm64 (1.4.5-3build1) ... 2111s Selecting previously unselected package libwbclient0:arm64. 2111s Preparing to unpack .../34-libwbclient0_2%3a4.19.5+dfsg-4ubuntu9_arm64.deb ... 2111s Unpacking libwbclient0:arm64 (2:4.19.5+dfsg-4ubuntu9) ... 2111s Selecting previously unselected package samba-libs:arm64. 2111s Preparing to unpack .../35-samba-libs_2%3a4.19.5+dfsg-4ubuntu9_arm64.deb ... 2111s Unpacking samba-libs:arm64 (2:4.19.5+dfsg-4ubuntu9) ... 2112s Selecting previously unselected package libsmbclient0:arm64. 2112s Preparing to unpack .../36-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu9_arm64.deb ... 2112s Unpacking libsmbclient0:arm64 (2:4.19.5+dfsg-4ubuntu9) ... 2112s Selecting previously unselected package libnss-sss:arm64. 2114s Preparing to unpack .../37-libnss-sss_2.9.4-1.1ubuntu6_arm64.deb ... 2114s Unpacking libnss-sss:arm64 (2.9.4-1.1ubuntu6) ... 2115s Selecting previously unselected package libpam-sss:arm64. 2119s Preparing to unpack .../38-libpam-sss_2.9.4-1.1ubuntu6_arm64.deb ... 2119s Unpacking libpam-sss:arm64 (2.9.4-1.1ubuntu6) ... 2120s Selecting previously unselected package python3-sss. 2124s Preparing to unpack .../39-python3-sss_2.9.4-1.1ubuntu6_arm64.deb ... 2124s Unpacking python3-sss (2.9.4-1.1ubuntu6) ... 2125s Selecting previously unselected package libsss-certmap0. 2136s Preparing to unpack .../40-libsss-certmap0_2.9.4-1.1ubuntu6_arm64.deb ... 2136s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu6) ... 2138s Selecting previously unselected package libsss-idmap0. 2142s Preparing to unpack .../41-libsss-idmap0_2.9.4-1.1ubuntu6_arm64.deb ... 2142s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu6) ... 2143s Selecting previously unselected package libsss-nss-idmap0. 2146s Preparing to unpack .../42-libsss-nss-idmap0_2.9.4-1.1ubuntu6_arm64.deb ... 2146s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu6) ... 2147s Selecting previously unselected package sssd-common. 2150s Preparing to unpack .../43-sssd-common_2.9.4-1.1ubuntu6_arm64.deb ... 2150s Unpacking sssd-common (2.9.4-1.1ubuntu6) ... 2151s Selecting previously unselected package sssd-idp. 2153s Preparing to unpack .../44-sssd-idp_2.9.4-1.1ubuntu6_arm64.deb ... 2153s Unpacking sssd-idp (2.9.4-1.1ubuntu6) ... 2154s Selecting previously unselected package sssd-passkey. 2157s Preparing to unpack .../45-sssd-passkey_2.9.4-1.1ubuntu6_arm64.deb ... 2157s Unpacking sssd-passkey (2.9.4-1.1ubuntu6) ... 2157s Selecting previously unselected package sssd-ad-common. 2160s Preparing to unpack .../46-sssd-ad-common_2.9.4-1.1ubuntu6_arm64.deb ... 2160s Unpacking sssd-ad-common (2.9.4-1.1ubuntu6) ... 2160s Selecting previously unselected package sssd-krb5-common. 2163s Preparing to unpack .../47-sssd-krb5-common_2.9.4-1.1ubuntu6_arm64.deb ... 2163s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu6) ... 2164s Selecting previously unselected package sssd-ad. 2168s Preparing to unpack .../48-sssd-ad_2.9.4-1.1ubuntu6_arm64.deb ... 2168s Unpacking sssd-ad (2.9.4-1.1ubuntu6) ... 2168s Selecting previously unselected package sssd-ipa. 2169s Preparing to unpack .../49-sssd-ipa_2.9.4-1.1ubuntu6_arm64.deb ... 2169s Unpacking sssd-ipa (2.9.4-1.1ubuntu6) ... 2170s Selecting previously unselected package sssd-krb5. 2171s Preparing to unpack .../50-sssd-krb5_2.9.4-1.1ubuntu6_arm64.deb ... 2171s Unpacking sssd-krb5 (2.9.4-1.1ubuntu6) ... 2171s Selecting previously unselected package sssd-ldap. 2171s Preparing to unpack .../51-sssd-ldap_2.9.4-1.1ubuntu6_arm64.deb ... 2171s Unpacking sssd-ldap (2.9.4-1.1ubuntu6) ... 2171s Selecting previously unselected package sssd-proxy. 2171s Preparing to unpack .../52-sssd-proxy_2.9.4-1.1ubuntu6_arm64.deb ... 2171s Unpacking sssd-proxy (2.9.4-1.1ubuntu6) ... 2172s Selecting previously unselected package sssd. 2173s Preparing to unpack .../53-sssd_2.9.4-1.1ubuntu6_arm64.deb ... 2173s Unpacking sssd (2.9.4-1.1ubuntu6) ... 2173s Selecting previously unselected package sssd-dbus. 2173s Preparing to unpack .../54-sssd-dbus_2.9.4-1.1ubuntu6_arm64.deb ... 2173s Unpacking sssd-dbus (2.9.4-1.1ubuntu6) ... 2174s Selecting previously unselected package sssd-kcm. 2176s Preparing to unpack .../55-sssd-kcm_2.9.4-1.1ubuntu6_arm64.deb ... 2176s Unpacking sssd-kcm (2.9.4-1.1ubuntu6) ... 2177s Selecting previously unselected package sssd-tools. 2180s Preparing to unpack .../56-sssd-tools_2.9.4-1.1ubuntu6_arm64.deb ... 2180s Unpacking sssd-tools (2.9.4-1.1ubuntu6) ... 2182s Selecting previously unselected package libipa-hbac-dev. 2186s Preparing to unpack .../57-libipa-hbac-dev_2.9.4-1.1ubuntu6_arm64.deb ... 2186s Unpacking libipa-hbac-dev (2.9.4-1.1ubuntu6) ... 2187s Selecting previously unselected package libsss-certmap-dev. 2190s Preparing to unpack .../58-libsss-certmap-dev_2.9.4-1.1ubuntu6_arm64.deb ... 2190s Unpacking libsss-certmap-dev (2.9.4-1.1ubuntu6) ... 2190s Selecting previously unselected package libsss-idmap-dev. 2191s Preparing to unpack .../59-libsss-idmap-dev_2.9.4-1.1ubuntu6_arm64.deb ... 2191s Unpacking libsss-idmap-dev (2.9.4-1.1ubuntu6) ... 2192s Selecting previously unselected package libsss-nss-idmap-dev. 2194s Preparing to unpack .../60-libsss-nss-idmap-dev_2.9.4-1.1ubuntu6_arm64.deb ... 2194s Unpacking libsss-nss-idmap-dev (2.9.4-1.1ubuntu6) ... 2195s Selecting previously unselected package libsss-sudo. 2197s Preparing to unpack .../61-libsss-sudo_2.9.4-1.1ubuntu6_arm64.deb ... 2197s Unpacking libsss-sudo (2.9.4-1.1ubuntu6) ... 2198s Selecting previously unselected package python3-libipa-hbac. 2198s Preparing to unpack .../62-python3-libipa-hbac_2.9.4-1.1ubuntu6_arm64.deb ... 2198s Unpacking python3-libipa-hbac (2.9.4-1.1ubuntu6) ... 2198s Selecting previously unselected package python3-libsss-nss-idmap. 2198s Preparing to unpack .../63-python3-libsss-nss-idmap_2.9.4-1.1ubuntu6_arm64.deb ... 2198s Unpacking python3-libsss-nss-idmap (2.9.4-1.1ubuntu6) ... 2198s Selecting previously unselected package autopkgtest-satdep. 2198s Preparing to unpack .../64-1-autopkgtest-satdep.deb ... 2198s Unpacking autopkgtest-satdep (0) ... 2198s Setting up libpwquality-common (1.4.5-3build1) ... 2198s Setting up libnfsidmap1:arm64 (1:2.6.4-4ubuntu1) ... 2198s Setting up libsss-idmap0 (2.9.4-1.1ubuntu6) ... 2198s Setting up libbasicobjects0t64:arm64 (0.6.2-2.1build1) ... 2198s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu6) ... 2198s Setting up libsss-idmap-dev (2.9.4-1.1ubuntu6) ... 2198s Setting up libref-array1t64:arm64 (0.6.2-2.1build1) ... 2198s Setting up libipa-hbac-dev (2.9.4-1.1ubuntu6) ... 2198s Setting up libtdb1:arm64 (1.4.10-1build1) ... 2198s Setting up libcollection4t64:arm64 (0.6.2-2.1build1) ... 2198s Setting up libevent-2.1-7t64:arm64 (2.1.12-stable-10) ... 2198s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu8) ... 2198s Setting up libjose0:arm64 (13-1) ... 2198s Setting up libwbclient0:arm64 (2:4.19.5+dfsg-4ubuntu9) ... 2198s Setting up libtalloc2:arm64 (2.4.2-1build2) ... 2198s Setting up libpath-utils1t64:arm64 (0.6.2-2.1build1) ... 2198s Setting up libavahi-common-data:arm64 (0.8-13ubuntu6) ... 2198s Setting up libcares2:arm64 (1.27.0-1.0ubuntu1) ... 2198s Setting up libdhash1t64:arm64 (0.6.2-2.1build1) ... 2198s Setting up libtcl8.6:arm64 (8.6.14+dfsg-1build1) ... 2198s Setting up libltdl7:arm64 (2.4.7-7build1) ... 2198s Setting up libcrack2:arm64 (2.9.6-5.1build2) ... 2198s Setting up libodbc2:arm64 (2.3.12-1ubuntu1) ... 2198s Setting up python3-libipa-hbac (2.9.4-1.1ubuntu6) ... 2198s Setting up libnss-sudo (1.9.15p5-3ubuntu5) ... 2198s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu6) ... 2198s Setting up libini-config5t64:arm64 (0.6.2-2.1build1) ... 2198s Setting up libtevent0t64:arm64 (0.16.1-2build1) ... 2198s Setting up libnss-sss:arm64 (2.9.4-1.1ubuntu6) ... 2198s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu8) ... 2199s Creating new user openldap... done. 2200s Creating initial configuration... done. 2200s Creating LDAP directory... done. 2202s Setting up tcl8.6 (8.6.14+dfsg-1build1) ... 2202s Setting up libsss-sudo (2.9.4-1.1ubuntu6) ... 2202s Setting up libsss-nss-idmap-dev (2.9.4-1.1ubuntu6) ... 2202s Setting up libavahi-common3:arm64 (0.8-13ubuntu6) ... 2202s Setting up tcl-expect:arm64 (5.45.4-3) ... 2202s Setting up libsss-certmap0 (2.9.4-1.1ubuntu6) ... 2202s Setting up libpwquality1:arm64 (1.4.5-3build1) ... 2202s Setting up python3-libsss-nss-idmap (2.9.4-1.1ubuntu6) ... 2202s Setting up libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 2202s Setting up libavahi-client3:arm64 (0.8-13ubuntu6) ... 2202s Setting up expect (5.45.4-3) ... 2202s Setting up libpam-pwquality:arm64 (1.4.5-3build1) ... 2205s Setting up samba-libs:arm64 (2:4.19.5+dfsg-4ubuntu9) ... 2205s Setting up libsss-certmap-dev (2.9.4-1.1ubuntu6) ... 2205s Setting up python3-sss (2.9.4-1.1ubuntu6) ... 2207s Setting up libsmbclient0:arm64 (2:4.19.5+dfsg-4ubuntu9) ... 2207s Setting up libpam-sss:arm64 (2.9.4-1.1ubuntu6) ... 2208s Setting up sssd-common (2.9.4-1.1ubuntu6) ... 2208s Creating SSSD system user & group... 2209s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 2210s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 2210s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 2210s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 2213s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-autofs.socket' → '/usr/lib/systemd/system/sssd-autofs.socket'. 2213s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-nss.socket' → '/usr/lib/systemd/system/sssd-nss.socket'. 2215s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket' → '/usr/lib/systemd/system/sssd-pam-priv.socket'. 2215s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pam.socket' → '/usr/lib/systemd/system/sssd-pam.socket'. 2216s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-ssh.socket' → '/usr/lib/systemd/system/sssd-ssh.socket'. 2217s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-sudo.socket' → '/usr/lib/systemd/system/sssd-sudo.socket'. 2217s Created symlink '/etc/systemd/system/multi-user.target.wants/sssd.service' → '/usr/lib/systemd/system/sssd.service'. 2218s sssd-autofs.service is a disabled or a static unit, not starting it. 2218s sssd-nss.service is a disabled or a static unit, not starting it. 2218s sssd-pam.service is a disabled or a static unit, not starting it. 2218s sssd-ssh.service is a disabled or a static unit, not starting it. 2218s sssd-sudo.service is a disabled or a static unit, not starting it. 2219s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 2219s Setting up sssd-proxy (2.9.4-1.1ubuntu6) ... 2219s Setting up sssd-kcm (2.9.4-1.1ubuntu6) ... 2219s Created symlink '/etc/systemd/system/sockets.target.wants/sssd-kcm.socket' → '/usr/lib/systemd/system/sssd-kcm.socket'. 2220s sssd-kcm.service is a disabled or a static unit, not starting it. 2220s Setting up sssd-dbus (2.9.4-1.1ubuntu6) ... 2221s sssd-ifp.service is a disabled or a static unit, not starting it. 2221s Setting up sssd-ad-common (2.9.4-1.1ubuntu6) ... 2221s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pac.socket' → '/usr/lib/systemd/system/sssd-pac.socket'. 2223s sssd-pac.service is a disabled or a static unit, not starting it. 2223s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 2223s Setting up sssd-krb5-common (2.9.4-1.1ubuntu6) ... 2223s Setting up sssd-krb5 (2.9.4-1.1ubuntu6) ... 2223s Setting up sssd-ldap (2.9.4-1.1ubuntu6) ... 2223s Setting up sssd-ad (2.9.4-1.1ubuntu6) ... 2223s Setting up sssd-tools (2.9.4-1.1ubuntu6) ... 2223s Setting up sssd-ipa (2.9.4-1.1ubuntu6) ... 2223s Setting up sssd (2.9.4-1.1ubuntu6) ... 2223s Setting up libverto-libevent1t64:arm64 (0.3.1-1.2ubuntu3) ... 2223s Setting up libverto1t64:arm64 (0.3.1-1.2ubuntu3) ... 2223s Setting up libkrad0:arm64 (1.20.1-6ubuntu2) ... 2223s Setting up sssd-passkey (2.9.4-1.1ubuntu6) ... 2223s Setting up sssd-idp (2.9.4-1.1ubuntu6) ... 2223s Setting up autopkgtest-satdep (0) ... 2223s Processing triggers for libc-bin (2.39-0ubuntu8.1) ... 2223s Processing triggers for ufw (0.36.2-6) ... 2224s Processing triggers for man-db (2.12.1-2) ... 2232s Processing triggers for dbus (1.14.10-4ubuntu4) ... 2250s (Reading database ... 79571 files and directories currently installed.) 2250s Removing autopkgtest-satdep (0) ... 2251s autopkgtest [16:25:27]: test ldap-user-group-ldap-auth: [----------------------- 2251s + . debian/tests/util 2251s + . debian/tests/common-tests 2251s + mydomain=example.com 2251s + myhostname=ldap.example.com 2251s + mysuffix=dc=example,dc=com 2251s + admin_dn=cn=admin,dc=example,dc=com 2251s + admin_pw=secret 2251s + ldap_user=testuser1 2251s + ldap_user_pw=testuser1secret 2251s + ldap_group=ldapusers 2251s + adjust_hostname ldap.example.com 2251s + local myhostname=ldap.example.com 2251s + echo ldap.example.com 2251s + hostname ldap.example.com 2251s + grep -qE ldap.example.com /etc/hosts 2251s + echo 127.0.1.10 ldap.example.com 2251s + reconfigure_slapd 2251s + debconf-set-selections 2252s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 2252s + dpkg-reconfigure -fnoninteractive -pcritical slapd 2254s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8... done. 2254s Moving old database directory to /var/backups: 2254s - directory unknown... done. 2254s Creating initial configuration... done. 2254s Creating LDAP directory... done. 2257s + generate_certs ldap.example.com 2257s + local cn=ldap.example.com 2257s + local cert=/etc/ldap/server.pem 2257s + local key=/etc/ldap/server.key 2257s + local cnf=/etc/ldap/openssl.cnf 2257s + cat 2257s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 2257s .....++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2257s ......++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2257s ----- 2257s + chmod 0640 /etc/ldap/server.key 2257s + chgrp openldap /etc/ldap/server.key 2257s + [ ! -f /etc/ldap/server.pem ] 2257s + [ ! -f /etc/ldap/server.key ] 2257s + enable_ldap_ssl 2257s + cat 2257s + cat 2257s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 2258s modifying entry "cn=config" 2258s 2258s + populate_ldap_rfc2307 2258s + cat 2258s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 2258s adding new entry "ou=People,dc=example,dc=com" 2258s 2258s adding new entry "ou=Group,dc=example,dc=com" 2258s 2258s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 2258s 2258s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 2258s 2258s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 2258s 2258s + configure_sssd_ldap_rfc2307 2258s + cat 2258s + chmod 0600 /etc/sssd/sssd.conf 2258s + systemctl restart sssd 2259s + enable_pam_mkhomedir 2259s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 2259s Assert local user databases do not have our LDAP test data 2259s + echo session optional pam_mkhomedir.so 2259s + run_common_tests 2259s + echo Assert local user databases do not have our LDAP test data 2259s + check_local_user testuser1 2259s + local local_user=testuser1 2259s + grep -q ^testuser1 /etc/passwd 2259s + check_local_group testuser1 2259s + local local_group=testuser1 2259s + grep -q ^testuser1 /etc/group 2259s + check_local_group ldapusers 2259s + local local_group=ldapusers 2259s + grep -q ^ldapusers /etc/group 2259s The LDAP user is known to the system via getent 2259s + echo The LDAP user is known to the system via getent 2259s + check_getent_user testuser1 2259s + local getent_user=testuser1 2259s + local output 2259s + getent passwd testuser1 2259s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 2259s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 2259s + echo The LDAP user's private group is known to the system via getent 2259s + check_getent_group testuser1 2259s + local getent_group=testuser1 2259s + local output 2259s The LDAP user's private group is known to the system via getent 2259s + getent group testuser1 2259s + output=testuser1:*:10001:testuser1 2259s + [ -z testuser1:*:10001:testuser1 ] 2259s + echo The LDAP group ldapusers is known to the system via getent 2259s The LDAP group ldapusers is known to the system via getent 2259s + check_getent_group ldapusers 2259s + local getent_group=ldapusers 2259s + local output 2259s + getent group ldapusers 2259s + output=ldapusers:*:10100:testuser1 2259s + [ -z ldapusers:*:10100:testuser1 ] 2259s + echo The id(1) command can resolve the group membership of the LDAP user 2259s The id(1) command can resolve the group membership of the LDAP user 2259s + id -Gn testuser1 2259s + output=testuser1 ldapusers 2259s + [ testuser1 ldapusers != testuser1 ldapusers ] 2259s + echo The LDAP user can login on a terminal 2259s The LDAP user can login on a terminal 2259s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 2260s spawn login 2260s ldap.example.com login: testuser1 2260s Password: 2260s Welcome to Ubuntu Oracular Oriole (development branch) (GNU/Linux 6.8.0-31-generic aarch64) 2260s 2260s * Documentation: https://help.ubuntu.com 2260s * Management: https://landscape.canonical.com 2260s * Support: https://ubuntu.com/pro 2260s 2260s 2260s The programs included with the Ubuntu system are free software; 2260s the exact distribution terms for each program are described in the 2260s individual files in /usr/share/doc/*/copyright. 2260s 2260s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 2260s applicable law. 2260s 2260s 2260s The programs included with the Ubuntu system are free software; 2260s the exact distribution terms for each program are described in the 2260s individual files in /usr/share/doc/*/copyright. 2260s 2260s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 2260s applicable law. 2260s 2260s Creating directory '/home/testuser1'. 2260s [?2004htestuser1@ldap:~$ id -un 2260s [?2004l testuser1 2260s [?2004htestuser1@ldap:~$ autopkgtest [16:25:36]: test ldap-user-group-ldap-auth: -----------------------] 2261s autopkgtest [16:25:37]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 2261s ldap-user-group-ldap-auth PASS 2262s autopkgtest [16:25:38]: test ldap-user-group-krb5-auth: preparing testbed 2264s Reading package lists... 2264s Building dependency tree... 2264s Reading state information... 2264s Starting pkgProblemResolver with broken count: 0 2264s Starting 2 pkgProblemResolver with broken count: 0 2264s Done 2265s The following additional packages will be installed: 2265s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4t64 2265s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10t64 2265s Suggested packages: 2265s krb5-kdc-ldap krb5-kpropd krb5-k5tls krb5-doc 2265s The following NEW packages will be installed: 2265s autopkgtest-satdep krb5-admin-server krb5-config krb5-kdc krb5-user 2265s libgssrpc4t64 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10t64 2265s 0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded. 2265s Need to get 597 kB/598 kB of archives. 2265s After this operation, 2914 kB of additional disk space will be used. 2265s Get:1 /tmp/autopkgtest.n6V4Ft/2-autopkgtest-satdep.deb autopkgtest-satdep arm64 0 [892 B] 2265s Get:2 http://ftpmaster.internal/ubuntu oracular/main arm64 krb5-config all 2.7 [22.0 kB] 2265s Get:3 http://ftpmaster.internal/ubuntu oracular/main arm64 libgssrpc4t64 arm64 1.20.1-6ubuntu2 [57.9 kB] 2266s Get:4 http://ftpmaster.internal/ubuntu oracular/main arm64 libkadm5clnt-mit12 arm64 1.20.1-6ubuntu2 [40.0 kB] 2266s Get:5 http://ftpmaster.internal/ubuntu oracular/main arm64 libkdb5-10t64 arm64 1.20.1-6ubuntu2 [40.5 kB] 2266s Get:6 http://ftpmaster.internal/ubuntu oracular/main arm64 libkadm5srv-mit12 arm64 1.20.1-6ubuntu2 [53.4 kB] 2266s Get:7 http://ftpmaster.internal/ubuntu oracular/universe arm64 krb5-user arm64 1.20.1-6ubuntu2 [108 kB] 2266s Get:8 http://ftpmaster.internal/ubuntu oracular/universe arm64 krb5-kdc arm64 1.20.1-6ubuntu2 [180 kB] 2266s Get:9 http://ftpmaster.internal/ubuntu oracular/universe arm64 krb5-admin-server arm64 1.20.1-6ubuntu2 [94.9 kB] 2266s Preconfiguring packages ... 2267s Fetched 597 kB in 1s (898 kB/s) 2267s Selecting previously unselected package krb5-config. 2267s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 79571 files and directories currently installed.) 2267s Preparing to unpack .../0-krb5-config_2.7_all.deb ... 2267s Unpacking krb5-config (2.7) ... 2267s Selecting previously unselected package libgssrpc4t64:arm64. 2268s Preparing to unpack .../1-libgssrpc4t64_1.20.1-6ubuntu2_arm64.deb ... 2268s Unpacking libgssrpc4t64:arm64 (1.20.1-6ubuntu2) ... 2269s Selecting previously unselected package libkadm5clnt-mit12:arm64. 2269s Preparing to unpack .../2-libkadm5clnt-mit12_1.20.1-6ubuntu2_arm64.deb ... 2269s Unpacking libkadm5clnt-mit12:arm64 (1.20.1-6ubuntu2) ... 2269s Selecting previously unselected package libkdb5-10t64:arm64. 2270s Preparing to unpack .../3-libkdb5-10t64_1.20.1-6ubuntu2_arm64.deb ... 2270s Unpacking libkdb5-10t64:arm64 (1.20.1-6ubuntu2) ... 2270s Selecting previously unselected package libkadm5srv-mit12:arm64. 2271s Preparing to unpack .../4-libkadm5srv-mit12_1.20.1-6ubuntu2_arm64.deb ... 2271s Unpacking libkadm5srv-mit12:arm64 (1.20.1-6ubuntu2) ... 2271s Selecting previously unselected package krb5-user. 2271s Preparing to unpack .../5-krb5-user_1.20.1-6ubuntu2_arm64.deb ... 2271s Unpacking krb5-user (1.20.1-6ubuntu2) ... 2271s Selecting previously unselected package krb5-kdc. 2271s Preparing to unpack .../6-krb5-kdc_1.20.1-6ubuntu2_arm64.deb ... 2271s Unpacking krb5-kdc (1.20.1-6ubuntu2) ... 2271s Selecting previously unselected package krb5-admin-server. 2271s Preparing to unpack .../7-krb5-admin-server_1.20.1-6ubuntu2_arm64.deb ... 2271s Unpacking krb5-admin-server (1.20.1-6ubuntu2) ... 2271s Selecting previously unselected package autopkgtest-satdep. 2271s Preparing to unpack .../8-2-autopkgtest-satdep.deb ... 2271s Unpacking autopkgtest-satdep (0) ... 2272s Setting up libgssrpc4t64:arm64 (1.20.1-6ubuntu2) ... 2272s Setting up krb5-config (2.7) ... 2272s Setting up libkadm5clnt-mit12:arm64 (1.20.1-6ubuntu2) ... 2272s Setting up libkdb5-10t64:arm64 (1.20.1-6ubuntu2) ... 2272s Setting up libkadm5srv-mit12:arm64 (1.20.1-6ubuntu2) ... 2272s Setting up krb5-user (1.20.1-6ubuntu2) ... 2272s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 2272s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 2272s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 2272s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 2272s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 2272s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 2272s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 2272s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 2272s Setting up krb5-kdc (1.20.1-6ubuntu2) ... 2273s Created symlink '/etc/systemd/system/multi-user.target.wants/krb5-kdc.service' → '/usr/lib/systemd/system/krb5-kdc.service'. 2274s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 2275s Setting up krb5-admin-server (1.20.1-6ubuntu2) ... 2276s Created symlink '/etc/systemd/system/multi-user.target.wants/krb5-admin-server.service' → '/usr/lib/systemd/system/krb5-admin-server.service'. 2278s Setting up autopkgtest-satdep (0) ... 2278s Processing triggers for man-db (2.12.1-2) ... 2279s Processing triggers for libc-bin (2.39-0ubuntu8.1) ... 2292s (Reading database ... 79666 files and directories currently installed.) 2292s Removing autopkgtest-satdep (0) ... 2293s autopkgtest [16:26:09]: test ldap-user-group-krb5-auth: [----------------------- 2294s + . debian/tests/util 2294s + . debian/tests/common-tests 2294s + mydomain=example.com 2294s + myhostname=ldap.example.com 2294s + mysuffix=dc=example,dc=com 2294s + myrealm=EXAMPLE.COM 2294s + admin_dn=cn=admin,dc=example,dc=com 2294s + admin_pw=secret 2294s + ldap_user=testuser1 2294s + ldap_user_pw=testuser1secret 2294s + kerberos_principal_pw=testuser1kerberos 2294s + ldap_group=ldapusers 2294s + adjust_hostname ldap.example.com 2294s + local myhostname=ldap.example.com 2294s + echo ldap.example.com 2294s + hostname ldap.example.com 2294s + grep -qE ldap.example.com /etc/hosts 2294s + reconfigure_slapd 2294s + debconf-set-selections 2294s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu8-20240614-162530.ldapdb 2294s + dpkg-reconfigure -fnoninteractive -pcritical slapd 2295s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8... done. 2295s Moving old database directory to /var/backups: 2295s - directory unknown... done. 2295s Creating initial configuration... done. 2295s Creating LDAP directory... done. 2296s + generate_certs ldap.example.com 2296s + local cn=ldap.example.com 2296s + local cert=/etc/ldap/server.pem 2296s + local key=/etc/ldap/server.key 2296s + local cnf=/etc/ldap/openssl.cnf 2296s + cat 2296s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 2296s .....++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2296s .......................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2296s ----- 2296s + chmod 0640 /etc/ldap/server.key 2296s + chgrp openldap /etc/ldap/server.key 2296s + [ ! -f /etc/ldap/server.pem ] 2296s + [ ! -f /etc/ldap/server.key ] 2296s + enable_ldap_ssl 2296s + cat 2296s + cat 2296s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 2296s modifying entry "cn=config" 2296s 2296s + populate_ldap_rfc2307 2296s + + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 2296s cat 2296s adding new entry "ou=People,dc=example,dc=com" 2296s 2296s adding new entry "ou=Group,dc=example,dc=com" 2296s 2296s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 2296s 2296s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 2296s 2296s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 2296s 2296s + create_realm EXAMPLE.COM ldap.example.com 2296s + local realm_name=EXAMPLE.COM 2296s + local kerberos_server=ldap.example.com 2296s + rm -rf /var/lib/krb5kdc/* 2296s + rm -rf /etc/krb5kdc/kdc.conf 2296s + rm -f /etc/krb5.keytab 2296s + cat 2296s + cat 2296s + echo # */admin * 2296s + kdb5_util create -s -P secretpassword 2297s Initializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 2297s master key name 'K/M@EXAMPLE.COM' 2297s + systemctl restart krb5-kdc.service krb5-admin-server.service 2297s + create_krb_principal testuser1 testuser1kerberos 2297s + local principal=testuser1 2297s + local password=testuser1kerberos 2297s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 2297s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 2297s Authenticating as principal root/admin@EXAMPLE.COM with password. 2297s Principal "testuser1@EXAMPLE.COM" created. 2297s + configure_sssd_ldap_rfc2307_krb5_auth 2297s + cat 2297s + chmod 0600 /etc/sssd/sssd.conf 2297s + systemctl restart sssd 2298s + enable_pam_mkhomedir 2298s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 2298s Assert local user databases do not have our LDAP test data 2298s + run_common_tests 2298s + echo Assert local user databases do not have our LDAP test data 2298s + check_local_user testuser1 2298s + local local_user=testuser1 2298s + grep -q ^testuser1 /etc/passwd 2298s + check_local_group testuser1 2298s + local local_group=testuser1 2298s + grep -q ^testuser1 /etc/group 2298s + The LDAP user is known to the system via getent 2298s The LDAP user's private group is known to the system via getent 2298s The LDAP group ldapusers is known to the system via getent 2298s The id(1) command can resolve the group membership of the LDAP user 2298s check_local_group ldapusers 2298s + local local_group=ldapusers 2298s + grep -q ^ldapusers /etc/group 2298s + echo The LDAP user is known to the system via getent 2298s + check_getent_user testuser1 2298s + local getent_user=testuser1 2298s + local output 2298s + getent passwd testuser1 2298s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 2298s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 2298s + echo The LDAP user's private group is known to the system via getent 2298s + check_getent_group testuser1 2298s + local getent_group=testuser1 2298s + local output 2298s + getent group testuser1 2298s + output=testuser1:*:10001:testuser1 2298s + [ -z testuser1:*:10001:testuser1 ] 2298s + echo The LDAP group ldapusers is known to the system via getent 2298s + check_getent_group ldapusers 2298s + local getent_group=ldapusers 2298s + local output 2298s + getent group ldapusers 2298s + output=ldapusers:*:10100:testuser1 2298s + [ -z ldapusers:*:10100:testuser1 ] 2298s + echo The id(1) command can resolve the group membership of the LDAP user 2298s + id -Gn testuser1 2298s + output=testuser1 ldapusers 2298s The Kerberos principal can login on a terminal 2298s + [ testuser1 ldapusers != testuser1 ldapusers ] 2298s + echo The Kerberos principal can login on a terminal 2298s + kdestroy 2298s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 2298s spawn login 2298s ldap.example.com login: testuser1 2298s Password: 2298s Welcome to Ubuntu Oracular Oriole (development branch) (GNU/Linux 6.8.0-31-generic aarch64) 2298s 2298s * Documentation: https://help.ubuntu.com 2298s * Management: https://landscape.canonical.com 2298s * Support: https://ubuntu.com/pro 2298s 2298s 2298s The programs included with the Ubuntu system are free software; 2298s the exact distribution terms for each program are described in the 2298s individual files in /usr/share/doc/*/copyright. 2298s 2298s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 2298s applicable law. 2298s 2298s [?2004htestuser1@ldap:~$ id -un 2298s [?2004l testuser1 2298s [?2004htestuser1@ldap:~$ klist 2298s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_4zo3Iu 2298s Default principal: testuser1@EXAMPLE.COM 2298s 2298s Valid starting Expires Service principal 2298s 06/14/24 16:26:14 06/15/24 02:26:14 krbtgt/EXAMPLE.COM@EXAMPLE.COM 2298s renew until 06/15/24 16:26:14 2299s autopkgtest [16:26:15]: test ldap-user-group-krb5-auth: -----------------------] 2299s autopkgtest [16:26:15]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 2299s ldap-user-group-krb5-auth PASS 2301s autopkgtest [16:26:17]: test sssd-softhism2-certificates-tests.sh: preparing testbed 2556s autopkgtest [16:30:32]: testbed dpkg architecture: arm64 2556s autopkgtest [16:30:32]: testbed apt version: 2.9.3 2556s autopkgtest [16:30:32]: @@@@@@@@@@@@@@@@@@@@ test bed setup 2556s Get:1 http://ftpmaster.internal/ubuntu oracular-proposed InRelease [110 kB] 2557s Get:2 http://ftpmaster.internal/ubuntu oracular-proposed/multiverse Sources [2576 B] 2557s Get:3 http://ftpmaster.internal/ubuntu oracular-proposed/universe Sources [341 kB] 2557s Get:4 http://ftpmaster.internal/ubuntu oracular-proposed/restricted Sources [7052 B] 2557s Get:5 http://ftpmaster.internal/ubuntu oracular-proposed/main Sources [40.3 kB] 2557s Get:6 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 Packages [68.5 kB] 2557s Get:7 http://ftpmaster.internal/ubuntu oracular-proposed/restricted arm64 Packages [33.3 kB] 2557s Get:8 http://ftpmaster.internal/ubuntu oracular-proposed/universe arm64 Packages [304 kB] 2557s Get:9 http://ftpmaster.internal/ubuntu oracular-proposed/multiverse arm64 Packages [8312 B] 2557s Fetched 915 kB in 1s (953 kB/s) 2557s Reading package lists... 2560s Reading package lists... 2561s Building dependency tree... 2561s Reading state information... 2561s Calculating upgrade... 2561s The following package was automatically installed and is no longer required: 2561s systemd-dev 2561s Use 'sudo apt autoremove' to remove it. 2562s The following packages will be upgraded: 2562s fwupd libfwupd2 libnss-systemd libpam-systemd libsystemd-shared libsystemd0 2562s libudev1 systemd systemd-dev systemd-resolved systemd-sysv systemd-timesyncd 2562s udev 2562s 13 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 2562s Need to get 13.8 MB of archives. 2562s After this operation, 1970 kB of additional disk space will be used. 2562s Get:1 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 systemd-dev all 256-1ubuntu1 [111 kB] 2562s Get:2 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 systemd-timesyncd arm64 256-1ubuntu1 [35.0 kB] 2562s Get:3 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 systemd-resolved arm64 256-1ubuntu1 [308 kB] 2562s Get:4 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 libsystemd-shared arm64 256-1ubuntu1 [2131 kB] 2562s Get:5 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 libsystemd0 arm64 256-1ubuntu1 [438 kB] 2562s Get:6 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 systemd-sysv arm64 256-1ubuntu1 [11.8 kB] 2562s Get:7 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 libnss-systemd arm64 256-1ubuntu1 [160 kB] 2563s Get:8 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 libpam-systemd arm64 256-1ubuntu1 [239 kB] 2563s Get:9 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 systemd arm64 256-1ubuntu1 [3581 kB] 2563s Get:10 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 udev arm64 256-1ubuntu1 [1939 kB] 2563s Get:11 http://ftpmaster.internal/ubuntu oracular-proposed/main arm64 libudev1 arm64 256-1ubuntu1 [192 kB] 2563s Get:12 http://ftpmaster.internal/ubuntu oracular/main arm64 libfwupd2 arm64 1.9.21-1 [131 kB] 2563s Get:13 http://ftpmaster.internal/ubuntu oracular/main arm64 fwupd arm64 1.9.21-1 [4477 kB] 2564s Fetched 13.8 MB in 1s (10.8 MB/s) 2564s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78263 files and directories currently installed.) 2564s Preparing to unpack .../systemd-dev_256-1ubuntu1_all.deb ... 2564s Unpacking systemd-dev (256-1ubuntu1) over (255.4-1ubuntu8) ... 2564s Preparing to unpack .../systemd-timesyncd_256-1ubuntu1_arm64.deb ... 2564s Unpacking systemd-timesyncd (256-1ubuntu1) over (255.4-1ubuntu8) ... 2564s Preparing to unpack .../systemd-resolved_256-1ubuntu1_arm64.deb ... 2564s Unpacking systemd-resolved (256-1ubuntu1) over (255.4-1ubuntu8) ... 2564s Preparing to unpack .../libsystemd-shared_256-1ubuntu1_arm64.deb ... 2564s Unpacking libsystemd-shared:arm64 (256-1ubuntu1) over (255.4-1ubuntu8) ... 2564s Preparing to unpack .../libsystemd0_256-1ubuntu1_arm64.deb ... 2564s Unpacking libsystemd0:arm64 (256-1ubuntu1) over (255.4-1ubuntu8) ... 2564s Setting up libsystemd0:arm64 (256-1ubuntu1) ... 2564s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78265 files and directories currently installed.) 2564s Preparing to unpack .../0-systemd-sysv_256-1ubuntu1_arm64.deb ... 2564s Unpacking systemd-sysv (256-1ubuntu1) over (255.4-1ubuntu8) ... 2565s Preparing to unpack .../1-libnss-systemd_256-1ubuntu1_arm64.deb ... 2565s Unpacking libnss-systemd:arm64 (256-1ubuntu1) over (255.4-1ubuntu8) ... 2565s Preparing to unpack .../2-libpam-systemd_256-1ubuntu1_arm64.deb ... 2565s Unpacking libpam-systemd:arm64 (256-1ubuntu1) over (255.4-1ubuntu8) ... 2565s Preparing to unpack .../3-systemd_256-1ubuntu1_arm64.deb ... 2565s Unpacking systemd (256-1ubuntu1) over (255.4-1ubuntu8) ... 2565s Preparing to unpack .../4-udev_256-1ubuntu1_arm64.deb ... 2565s Unpacking udev (256-1ubuntu1) over (255.4-1ubuntu8) ... 2565s Preparing to unpack .../5-libudev1_256-1ubuntu1_arm64.deb ... 2565s Unpacking libudev1:arm64 (256-1ubuntu1) over (255.4-1ubuntu8) ... 2565s Setting up libudev1:arm64 (256-1ubuntu1) ... 2566s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78327 files and directories currently installed.) 2566s Preparing to unpack .../libfwupd2_1.9.21-1_arm64.deb ... 2566s Unpacking libfwupd2:arm64 (1.9.21-1) over (1.9.20-1) ... 2566s Preparing to unpack .../fwupd_1.9.21-1_arm64.deb ... 2566s Unpacking fwupd (1.9.21-1) over (1.9.20-1) ... 2566s Setting up libfwupd2:arm64 (1.9.21-1) ... 2566s Setting up systemd-dev (256-1ubuntu1) ... 2566s Setting up libsystemd-shared:arm64 (256-1ubuntu1) ... 2566s Setting up systemd (256-1ubuntu1) ... 2566s Installing new version of config file /etc/systemd/journald.conf ... 2566s Installing new version of config file /etc/systemd/logind.conf ... 2566s Installing new version of config file /etc/systemd/networkd.conf ... 2566s Installing new version of config file /etc/systemd/sleep.conf ... 2566s Installing new version of config file /etc/systemd/system.conf ... 2566s /usr/lib/tmpfiles.d/legacy.conf:13: Duplicate line for path "/run/lock", ignoring. 2566s Created symlink '/run/systemd/system/tmp.mount' → '/dev/null'. 2566s /usr/lib/tmpfiles.d/legacy.conf:13: Duplicate line for path "/run/lock", ignoring. 2567s Setting up systemd-timesyncd (256-1ubuntu1) ... 2568s Setting up udev (256-1ubuntu1) ... 2569s Setting up fwupd (1.9.21-1) ... 2570s fwupd-offline-update.service is a disabled or a static unit not running, not starting it. 2570s fwupd-refresh.service is a disabled or a static unit not running, not starting it. 2570s fwupd.service is a disabled or a static unit not running, not starting it. 2570s Setting up systemd-resolved (256-1ubuntu1) ... 2570s Installing new version of config file /etc/systemd/resolved.conf ... 2570s Setting up systemd-sysv (256-1ubuntu1) ... 2571s Setting up libnss-systemd:arm64 (256-1ubuntu1) ... 2571s Setting up libpam-systemd:arm64 (256-1ubuntu1) ... 2571s Processing triggers for libc-bin (2.39-0ubuntu8.1) ... 2571s Processing triggers for man-db (2.12.1-2) ... 2572s Processing triggers for dbus (1.14.10-4ubuntu4) ... 2573s Processing triggers for shared-mime-info (2.4-5) ... 2573s Warning: program compiled against libxml 212 using older 209 2574s Processing triggers for initramfs-tools (0.142ubuntu28) ... 2574s update-initramfs: Generating /boot/initrd.img-6.8.0-31-generic 2574s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 2595s System running in EFI mode, skipping. 2596s Reading package lists... 2596s Building dependency tree... 2596s Reading state information... 2597s The following packages will be REMOVED: 2597s systemd-dev* 2598s 0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. 2598s After this operation, 760 kB disk space will be freed. 2598s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78327 files and directories currently installed.) 2598s Removing systemd-dev (256-1ubuntu1) ... 2600s Hit:1 http://ftpmaster.internal/ubuntu oracular InRelease 2600s Hit:2 http://ftpmaster.internal/ubuntu oracular-updates InRelease 2600s Hit:3 http://ftpmaster.internal/ubuntu oracular-security InRelease 2600s Hit:4 http://ftpmaster.internal/ubuntu oracular-proposed InRelease 2602s Reading package lists... 2602s Reading package lists... 2603s Building dependency tree... 2603s Reading state information... 2603s Calculating upgrade... 2604s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 2604s Reading package lists... 2604s Building dependency tree... 2604s Reading state information... 2604s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 2605s autopkgtest [16:31:21]: rebooting testbed after setup commands that affected boot 2610s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 2631s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 2650s Reading package lists... 2650s Building dependency tree... 2650s Reading state information... 2651s Starting pkgProblemResolver with broken count: 0 2651s Starting 2 pkgProblemResolver with broken count: 0 2651s Done 2651s The following additional packages will be installed: 2651s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 2651s libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 libdhash1t64 2651s libevent-2.1-7t64 libgnutls-dane0t64 libini-config5t64 libipa-hbac0t64 2651s libldb2 libnfsidmap1 libnss-sss libpam-pwquality libpam-sss 2651s libpath-utils1t64 libpwquality-common libpwquality1 libref-array1t64 2651s libsmbclient0 libsofthsm2 libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 2651s libtalloc2 libtdb1 libtevent0t64 libunbound8 libwbclient0 python3-sss 2651s samba-libs softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common 2651s sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy 2651s Suggested packages: 2651s dns-root-data adcli libsss-sudo sssd-tools libsasl2-modules-ldap 2651s Recommended packages: 2651s cracklib-runtime libsasl2-modules-gssapi-mit 2651s | libsasl2-modules-gssapi-heimdal ldap-utils 2652s The following NEW packages will be installed: 2652s autopkgtest-satdep gnutls-bin libavahi-client3 libavahi-common-data 2652s libavahi-common3 libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 2652s libdhash1t64 libevent-2.1-7t64 libgnutls-dane0t64 libini-config5t64 2652s libipa-hbac0t64 libldb2 libnfsidmap1 libnss-sss libpam-pwquality libpam-sss 2652s libpath-utils1t64 libpwquality-common libpwquality1 libref-array1t64 2652s libsmbclient0 libsofthsm2 libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 2652s libtalloc2 libtdb1 libtevent0t64 libunbound8 libwbclient0 python3-sss 2652s samba-libs softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common 2652s sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy 2652s 0 upgraded, 46 newly installed, 0 to remove and 0 not upgraded. 2652s Need to get 10.1 MB/10.1 MB of archives. 2652s After this operation, 48.7 MB of additional disk space will be used. 2652s Get:1 /tmp/autopkgtest.n6V4Ft/3-autopkgtest-satdep.deb autopkgtest-satdep arm64 0 [744 B] 2652s Get:2 http://ftpmaster.internal/ubuntu oracular/main arm64 libevent-2.1-7t64 arm64 2.1.12-stable-10 [140 kB] 2652s Get:3 http://ftpmaster.internal/ubuntu oracular/main arm64 libunbound8 arm64 1.19.2-1ubuntu3 [424 kB] 2652s Get:4 http://ftpmaster.internal/ubuntu oracular/main arm64 libgnutls-dane0t64 arm64 3.8.5-4ubuntu1 [23.7 kB] 2652s Get:5 http://ftpmaster.internal/ubuntu oracular/universe arm64 gnutls-bin arm64 3.8.5-4ubuntu1 [267 kB] 2652s Get:6 http://ftpmaster.internal/ubuntu oracular/main arm64 libavahi-common-data arm64 0.8-13ubuntu6 [29.6 kB] 2652s Get:7 http://ftpmaster.internal/ubuntu oracular/main arm64 libavahi-common3 arm64 0.8-13ubuntu6 [23.3 kB] 2652s Get:8 http://ftpmaster.internal/ubuntu oracular/main arm64 libavahi-client3 arm64 0.8-13ubuntu6 [27.2 kB] 2652s Get:9 http://ftpmaster.internal/ubuntu oracular/main arm64 libbasicobjects0t64 arm64 0.6.2-2.1build1 [5850 B] 2652s Get:10 http://ftpmaster.internal/ubuntu oracular/main arm64 libcares2 arm64 1.27.0-1.0ubuntu1 [74.1 kB] 2652s Get:11 http://ftpmaster.internal/ubuntu oracular/main arm64 libcollection4t64 arm64 0.6.2-2.1build1 [23.5 kB] 2652s Get:12 http://ftpmaster.internal/ubuntu oracular/main arm64 libcrack2 arm64 2.9.6-5.1build2 [28.9 kB] 2652s Get:13 http://ftpmaster.internal/ubuntu oracular/main arm64 libdhash1t64 arm64 0.6.2-2.1build1 [8882 B] 2652s Get:14 http://ftpmaster.internal/ubuntu oracular/main arm64 libpath-utils1t64 arm64 0.6.2-2.1build1 [9120 B] 2652s Get:15 http://ftpmaster.internal/ubuntu oracular/main arm64 libref-array1t64 arm64 0.6.2-2.1build1 [7322 B] 2652s Get:16 http://ftpmaster.internal/ubuntu oracular/main arm64 libini-config5t64 arm64 0.6.2-2.1build1 [44.6 kB] 2652s Get:17 http://ftpmaster.internal/ubuntu oracular/main arm64 libipa-hbac0t64 arm64 2.9.4-1.1ubuntu6 [17.1 kB] 2652s Get:18 http://ftpmaster.internal/ubuntu oracular/main arm64 libtalloc2 arm64 2.4.2-1build2 [26.7 kB] 2652s Get:19 http://ftpmaster.internal/ubuntu oracular/main arm64 libtdb1 arm64 1.4.10-1build1 [48.5 kB] 2652s Get:20 http://ftpmaster.internal/ubuntu oracular/main arm64 libtevent0t64 arm64 0.16.1-2build1 [42.3 kB] 2652s Get:21 http://ftpmaster.internal/ubuntu oracular/main arm64 libldb2 arm64 2:2.8.0+samba4.19.5+dfsg-4ubuntu9 [188 kB] 2652s Get:22 http://ftpmaster.internal/ubuntu oracular/main arm64 libnfsidmap1 arm64 1:2.6.4-4ubuntu1 [48.3 kB] 2652s Get:23 http://ftpmaster.internal/ubuntu oracular/main arm64 libpwquality-common all 1.4.5-3build1 [7748 B] 2652s Get:24 http://ftpmaster.internal/ubuntu oracular/main arm64 libpwquality1 arm64 1.4.5-3build1 [13.3 kB] 2652s Get:25 http://ftpmaster.internal/ubuntu oracular/main arm64 libpam-pwquality arm64 1.4.5-3build1 [11.7 kB] 2652s Get:26 http://ftpmaster.internal/ubuntu oracular/main arm64 libwbclient0 arm64 2:4.19.5+dfsg-4ubuntu9 [71.4 kB] 2652s Get:27 http://ftpmaster.internal/ubuntu oracular/main arm64 samba-libs arm64 2:4.19.5+dfsg-4ubuntu9 [6061 kB] 2653s Get:28 http://ftpmaster.internal/ubuntu oracular/main arm64 libsmbclient0 arm64 2:4.19.5+dfsg-4ubuntu9 [62.1 kB] 2653s Get:29 http://ftpmaster.internal/ubuntu oracular/universe arm64 softhsm2-common arm64 2.6.1-2.2ubuntu3 [6196 B] 2653s Get:30 http://ftpmaster.internal/ubuntu oracular/universe arm64 libsofthsm2 arm64 2.6.1-2.2ubuntu3 [247 kB] 2653s Get:31 http://ftpmaster.internal/ubuntu oracular/universe arm64 softhsm2 arm64 2.6.1-2.2ubuntu3 [167 kB] 2653s Get:32 http://ftpmaster.internal/ubuntu oracular/main arm64 python3-sss arm64 2.9.4-1.1ubuntu6 [46.9 kB] 2653s Get:33 http://ftpmaster.internal/ubuntu oracular/main arm64 libsss-idmap0 arm64 2.9.4-1.1ubuntu6 [22.2 kB] 2653s Get:34 http://ftpmaster.internal/ubuntu oracular/main arm64 libnss-sss arm64 2.9.4-1.1ubuntu6 [32.0 kB] 2653s Get:35 http://ftpmaster.internal/ubuntu oracular/main arm64 libpam-sss arm64 2.9.4-1.1ubuntu6 [49.1 kB] 2653s Get:36 http://ftpmaster.internal/ubuntu oracular/main arm64 libsss-certmap0 arm64 2.9.4-1.1ubuntu6 [46.2 kB] 2653s Get:37 http://ftpmaster.internal/ubuntu oracular/main arm64 libsss-nss-idmap0 arm64 2.9.4-1.1ubuntu6 [30.7 kB] 2653s Get:38 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-common arm64 2.9.4-1.1ubuntu6 [1147 kB] 2653s Get:39 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-ad-common arm64 2.9.4-1.1ubuntu6 [75.4 kB] 2653s Get:40 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-krb5-common arm64 2.9.4-1.1ubuntu6 [87.9 kB] 2653s Get:41 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-ad arm64 2.9.4-1.1ubuntu6 [134 kB] 2653s Get:42 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-ipa arm64 2.9.4-1.1ubuntu6 [220 kB] 2653s Get:43 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-krb5 arm64 2.9.4-1.1ubuntu6 [14.3 kB] 2653s Get:44 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-ldap arm64 2.9.4-1.1ubuntu6 [31.3 kB] 2653s Get:45 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd-proxy arm64 2.9.4-1.1ubuntu6 [44.6 kB] 2653s Get:46 http://ftpmaster.internal/ubuntu oracular/main arm64 sssd arm64 2.9.4-1.1ubuntu6 [4118 B] 2654s Fetched 10.1 MB in 1s (8692 kB/s) 2654s Selecting previously unselected package libevent-2.1-7t64:arm64. 2654s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78280 files and directories currently installed.) 2654s Preparing to unpack .../00-libevent-2.1-7t64_2.1.12-stable-10_arm64.deb ... 2654s Unpacking libevent-2.1-7t64:arm64 (2.1.12-stable-10) ... 2654s Selecting previously unselected package libunbound8:arm64. 2654s Preparing to unpack .../01-libunbound8_1.19.2-1ubuntu3_arm64.deb ... 2654s Unpacking libunbound8:arm64 (1.19.2-1ubuntu3) ... 2654s Selecting previously unselected package libgnutls-dane0t64:arm64. 2654s Preparing to unpack .../02-libgnutls-dane0t64_3.8.5-4ubuntu1_arm64.deb ... 2654s Unpacking libgnutls-dane0t64:arm64 (3.8.5-4ubuntu1) ... 2654s Selecting previously unselected package gnutls-bin. 2654s Preparing to unpack .../03-gnutls-bin_3.8.5-4ubuntu1_arm64.deb ... 2654s Unpacking gnutls-bin (3.8.5-4ubuntu1) ... 2654s Selecting previously unselected package libavahi-common-data:arm64. 2654s Preparing to unpack .../04-libavahi-common-data_0.8-13ubuntu6_arm64.deb ... 2654s Unpacking libavahi-common-data:arm64 (0.8-13ubuntu6) ... 2654s Selecting previously unselected package libavahi-common3:arm64. 2654s Preparing to unpack .../05-libavahi-common3_0.8-13ubuntu6_arm64.deb ... 2654s Unpacking libavahi-common3:arm64 (0.8-13ubuntu6) ... 2655s Selecting previously unselected package libavahi-client3:arm64. 2655s Preparing to unpack .../06-libavahi-client3_0.8-13ubuntu6_arm64.deb ... 2655s Unpacking libavahi-client3:arm64 (0.8-13ubuntu6) ... 2655s Selecting previously unselected package libbasicobjects0t64:arm64. 2655s Preparing to unpack .../07-libbasicobjects0t64_0.6.2-2.1build1_arm64.deb ... 2655s Unpacking libbasicobjects0t64:arm64 (0.6.2-2.1build1) ... 2655s Selecting previously unselected package libcares2:arm64. 2655s Preparing to unpack .../08-libcares2_1.27.0-1.0ubuntu1_arm64.deb ... 2655s Unpacking libcares2:arm64 (1.27.0-1.0ubuntu1) ... 2655s Selecting previously unselected package libcollection4t64:arm64. 2655s Preparing to unpack .../09-libcollection4t64_0.6.2-2.1build1_arm64.deb ... 2655s Unpacking libcollection4t64:arm64 (0.6.2-2.1build1) ... 2655s Selecting previously unselected package libcrack2:arm64. 2655s Preparing to unpack .../10-libcrack2_2.9.6-5.1build2_arm64.deb ... 2655s Unpacking libcrack2:arm64 (2.9.6-5.1build2) ... 2655s Selecting previously unselected package libdhash1t64:arm64. 2655s Preparing to unpack .../11-libdhash1t64_0.6.2-2.1build1_arm64.deb ... 2655s Unpacking libdhash1t64:arm64 (0.6.2-2.1build1) ... 2655s Selecting previously unselected package libpath-utils1t64:arm64. 2655s Preparing to unpack .../12-libpath-utils1t64_0.6.2-2.1build1_arm64.deb ... 2655s Unpacking libpath-utils1t64:arm64 (0.6.2-2.1build1) ... 2655s Selecting previously unselected package libref-array1t64:arm64. 2655s Preparing to unpack .../13-libref-array1t64_0.6.2-2.1build1_arm64.deb ... 2655s Unpacking libref-array1t64:arm64 (0.6.2-2.1build1) ... 2655s Selecting previously unselected package libini-config5t64:arm64. 2655s Preparing to unpack .../14-libini-config5t64_0.6.2-2.1build1_arm64.deb ... 2655s Unpacking libini-config5t64:arm64 (0.6.2-2.1build1) ... 2655s Selecting previously unselected package libipa-hbac0t64. 2655s Preparing to unpack .../15-libipa-hbac0t64_2.9.4-1.1ubuntu6_arm64.deb ... 2655s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu6) ... 2655s Selecting previously unselected package libtalloc2:arm64. 2655s Preparing to unpack .../16-libtalloc2_2.4.2-1build2_arm64.deb ... 2655s Unpacking libtalloc2:arm64 (2.4.2-1build2) ... 2655s Selecting previously unselected package libtdb1:arm64. 2655s Preparing to unpack .../17-libtdb1_1.4.10-1build1_arm64.deb ... 2655s Unpacking libtdb1:arm64 (1.4.10-1build1) ... 2655s Selecting previously unselected package libtevent0t64:arm64. 2655s Preparing to unpack .../18-libtevent0t64_0.16.1-2build1_arm64.deb ... 2655s Unpacking libtevent0t64:arm64 (0.16.1-2build1) ... 2655s Selecting previously unselected package libldb2:arm64. 2655s Preparing to unpack .../19-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu9_arm64.deb ... 2655s Unpacking libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 2655s Selecting previously unselected package libnfsidmap1:arm64. 2655s Preparing to unpack .../20-libnfsidmap1_1%3a2.6.4-4ubuntu1_arm64.deb ... 2655s Unpacking libnfsidmap1:arm64 (1:2.6.4-4ubuntu1) ... 2655s Selecting previously unselected package libpwquality-common. 2655s Preparing to unpack .../21-libpwquality-common_1.4.5-3build1_all.deb ... 2655s Unpacking libpwquality-common (1.4.5-3build1) ... 2655s Selecting previously unselected package libpwquality1:arm64. 2655s Preparing to unpack .../22-libpwquality1_1.4.5-3build1_arm64.deb ... 2655s Unpacking libpwquality1:arm64 (1.4.5-3build1) ... 2655s Selecting previously unselected package libpam-pwquality:arm64. 2655s Preparing to unpack .../23-libpam-pwquality_1.4.5-3build1_arm64.deb ... 2655s Unpacking libpam-pwquality:arm64 (1.4.5-3build1) ... 2655s Selecting previously unselected package libwbclient0:arm64. 2655s Preparing to unpack .../24-libwbclient0_2%3a4.19.5+dfsg-4ubuntu9_arm64.deb ... 2655s Unpacking libwbclient0:arm64 (2:4.19.5+dfsg-4ubuntu9) ... 2655s Selecting previously unselected package samba-libs:arm64. 2655s Preparing to unpack .../25-samba-libs_2%3a4.19.5+dfsg-4ubuntu9_arm64.deb ... 2655s Unpacking samba-libs:arm64 (2:4.19.5+dfsg-4ubuntu9) ... 2656s Selecting previously unselected package libsmbclient0:arm64. 2656s Preparing to unpack .../26-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu9_arm64.deb ... 2656s Unpacking libsmbclient0:arm64 (2:4.19.5+dfsg-4ubuntu9) ... 2656s Selecting previously unselected package softhsm2-common. 2656s Preparing to unpack .../27-softhsm2-common_2.6.1-2.2ubuntu3_arm64.deb ... 2656s Unpacking softhsm2-common (2.6.1-2.2ubuntu3) ... 2656s Selecting previously unselected package libsofthsm2. 2656s Preparing to unpack .../28-libsofthsm2_2.6.1-2.2ubuntu3_arm64.deb ... 2656s Unpacking libsofthsm2 (2.6.1-2.2ubuntu3) ... 2656s Selecting previously unselected package softhsm2. 2656s Preparing to unpack .../29-softhsm2_2.6.1-2.2ubuntu3_arm64.deb ... 2656s Unpacking softhsm2 (2.6.1-2.2ubuntu3) ... 2656s Selecting previously unselected package python3-sss. 2656s Preparing to unpack .../30-python3-sss_2.9.4-1.1ubuntu6_arm64.deb ... 2656s Unpacking python3-sss (2.9.4-1.1ubuntu6) ... 2656s Selecting previously unselected package libsss-idmap0. 2656s Preparing to unpack .../31-libsss-idmap0_2.9.4-1.1ubuntu6_arm64.deb ... 2656s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu6) ... 2656s Selecting previously unselected package libnss-sss:arm64. 2656s Preparing to unpack .../32-libnss-sss_2.9.4-1.1ubuntu6_arm64.deb ... 2656s Unpacking libnss-sss:arm64 (2.9.4-1.1ubuntu6) ... 2656s Selecting previously unselected package libpam-sss:arm64. 2656s Preparing to unpack .../33-libpam-sss_2.9.4-1.1ubuntu6_arm64.deb ... 2656s Unpacking libpam-sss:arm64 (2.9.4-1.1ubuntu6) ... 2656s Selecting previously unselected package libsss-certmap0. 2656s Preparing to unpack .../34-libsss-certmap0_2.9.4-1.1ubuntu6_arm64.deb ... 2656s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu6) ... 2656s Selecting previously unselected package libsss-nss-idmap0. 2656s Preparing to unpack .../35-libsss-nss-idmap0_2.9.4-1.1ubuntu6_arm64.deb ... 2656s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu6) ... 2656s Selecting previously unselected package sssd-common. 2656s Preparing to unpack .../36-sssd-common_2.9.4-1.1ubuntu6_arm64.deb ... 2656s Unpacking sssd-common (2.9.4-1.1ubuntu6) ... 2656s Selecting previously unselected package sssd-ad-common. 2656s Preparing to unpack .../37-sssd-ad-common_2.9.4-1.1ubuntu6_arm64.deb ... 2656s Unpacking sssd-ad-common (2.9.4-1.1ubuntu6) ... 2656s Selecting previously unselected package sssd-krb5-common. 2656s Preparing to unpack .../38-sssd-krb5-common_2.9.4-1.1ubuntu6_arm64.deb ... 2656s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu6) ... 2656s Selecting previously unselected package sssd-ad. 2656s Preparing to unpack .../39-sssd-ad_2.9.4-1.1ubuntu6_arm64.deb ... 2656s Unpacking sssd-ad (2.9.4-1.1ubuntu6) ... 2656s Selecting previously unselected package sssd-ipa. 2656s Preparing to unpack .../40-sssd-ipa_2.9.4-1.1ubuntu6_arm64.deb ... 2656s Unpacking sssd-ipa (2.9.4-1.1ubuntu6) ... 2656s Selecting previously unselected package sssd-krb5. 2656s Preparing to unpack .../41-sssd-krb5_2.9.4-1.1ubuntu6_arm64.deb ... 2656s Unpacking sssd-krb5 (2.9.4-1.1ubuntu6) ... 2656s Selecting previously unselected package sssd-ldap. 2657s Preparing to unpack .../42-sssd-ldap_2.9.4-1.1ubuntu6_arm64.deb ... 2657s Unpacking sssd-ldap (2.9.4-1.1ubuntu6) ... 2657s Selecting previously unselected package sssd-proxy. 2657s Preparing to unpack .../43-sssd-proxy_2.9.4-1.1ubuntu6_arm64.deb ... 2657s Unpacking sssd-proxy (2.9.4-1.1ubuntu6) ... 2657s Selecting previously unselected package sssd. 2657s Preparing to unpack .../44-sssd_2.9.4-1.1ubuntu6_arm64.deb ... 2657s Unpacking sssd (2.9.4-1.1ubuntu6) ... 2657s Selecting previously unselected package autopkgtest-satdep. 2657s Preparing to unpack .../45-3-autopkgtest-satdep.deb ... 2657s Unpacking autopkgtest-satdep (0) ... 2657s Setting up libpwquality-common (1.4.5-3build1) ... 2657s Setting up softhsm2-common (2.6.1-2.2ubuntu3) ... 2658s 2658s Creating config file /etc/softhsm/softhsm2.conf with new version 2658s Setting up libnfsidmap1:arm64 (1:2.6.4-4ubuntu1) ... 2658s Setting up libsss-idmap0 (2.9.4-1.1ubuntu6) ... 2658s Setting up libbasicobjects0t64:arm64 (0.6.2-2.1build1) ... 2658s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu6) ... 2658s Setting up libref-array1t64:arm64 (0.6.2-2.1build1) ... 2658s Setting up libtdb1:arm64 (1.4.10-1build1) ... 2658s Setting up libcollection4t64:arm64 (0.6.2-2.1build1) ... 2658s Setting up libevent-2.1-7t64:arm64 (2.1.12-stable-10) ... 2658s Setting up libwbclient0:arm64 (2:4.19.5+dfsg-4ubuntu9) ... 2658s Setting up libtalloc2:arm64 (2.4.2-1build2) ... 2658s Setting up libpath-utils1t64:arm64 (0.6.2-2.1build1) ... 2658s Setting up libunbound8:arm64 (1.19.2-1ubuntu3) ... 2658s Setting up libgnutls-dane0t64:arm64 (3.8.5-4ubuntu1) ... 2658s Setting up libavahi-common-data:arm64 (0.8-13ubuntu6) ... 2658s Setting up libcares2:arm64 (1.27.0-1.0ubuntu1) ... 2658s Setting up libdhash1t64:arm64 (0.6.2-2.1build1) ... 2658s Setting up libcrack2:arm64 (2.9.6-5.1build2) ... 2658s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu6) ... 2658s Setting up libini-config5t64:arm64 (0.6.2-2.1build1) ... 2658s Setting up libtevent0t64:arm64 (0.16.1-2build1) ... 2658s Setting up libnss-sss:arm64 (2.9.4-1.1ubuntu6) ... 2658s Setting up gnutls-bin (3.8.5-4ubuntu1) ... 2658s Setting up libsofthsm2 (2.6.1-2.2ubuntu3) ... 2658s Setting up softhsm2 (2.6.1-2.2ubuntu3) ... 2658s Setting up libavahi-common3:arm64 (0.8-13ubuntu6) ... 2658s Setting up libsss-certmap0 (2.9.4-1.1ubuntu6) ... 2658s Setting up libpwquality1:arm64 (1.4.5-3build1) ... 2658s Setting up libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 2658s Setting up libavahi-client3:arm64 (0.8-13ubuntu6) ... 2658s Setting up libpam-pwquality:arm64 (1.4.5-3build1) ... 2659s Setting up samba-libs:arm64 (2:4.19.5+dfsg-4ubuntu9) ... 2659s Setting up python3-sss (2.9.4-1.1ubuntu6) ... 2659s Setting up libsmbclient0:arm64 (2:4.19.5+dfsg-4ubuntu9) ... 2659s Setting up libpam-sss:arm64 (2.9.4-1.1ubuntu6) ... 2659s Setting up sssd-common (2.9.4-1.1ubuntu6) ... 2659s Creating SSSD system user & group... 2659s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 2659s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 2659s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 2659s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 2660s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-autofs.socket' → '/usr/lib/systemd/system/sssd-autofs.socket'. 2660s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-nss.socket' → '/usr/lib/systemd/system/sssd-nss.socket'. 2661s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket' → '/usr/lib/systemd/system/sssd-pam-priv.socket'. 2661s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pam.socket' → '/usr/lib/systemd/system/sssd-pam.socket'. 2661s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-ssh.socket' → '/usr/lib/systemd/system/sssd-ssh.socket'. 2661s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-sudo.socket' → '/usr/lib/systemd/system/sssd-sudo.socket'. 2661s Created symlink '/etc/systemd/system/multi-user.target.wants/sssd.service' → '/usr/lib/systemd/system/sssd.service'. 2662s sssd-autofs.service is a disabled or a static unit, not starting it. 2662s sssd-nss.service is a disabled or a static unit, not starting it. 2662s sssd-pam.service is a disabled or a static unit, not starting it. 2662s sssd-ssh.service is a disabled or a static unit, not starting it. 2662s sssd-sudo.service is a disabled or a static unit, not starting it. 2662s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 2662s Setting up sssd-proxy (2.9.4-1.1ubuntu6) ... 2662s Setting up sssd-ad-common (2.9.4-1.1ubuntu6) ... 2662s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pac.socket' → '/usr/lib/systemd/system/sssd-pac.socket'. 2663s sssd-pac.service is a disabled or a static unit, not starting it. 2663s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 2663s Setting up sssd-krb5-common (2.9.4-1.1ubuntu6) ... 2663s Setting up sssd-krb5 (2.9.4-1.1ubuntu6) ... 2663s Setting up sssd-ldap (2.9.4-1.1ubuntu6) ... 2663s Setting up sssd-ad (2.9.4-1.1ubuntu6) ... 2663s Setting up sssd-ipa (2.9.4-1.1ubuntu6) ... 2663s Setting up sssd (2.9.4-1.1ubuntu6) ... 2663s Setting up autopkgtest-satdep (0) ... 2663s Processing triggers for man-db (2.12.1-2) ... 2664s Processing triggers for libc-bin (2.39-0ubuntu8.1) ... 2669s (Reading database ... 78876 files and directories currently installed.) 2669s Removing autopkgtest-satdep (0) ... 2674s autopkgtest [16:32:30]: test sssd-softhism2-certificates-tests.sh: [----------------------- 2674s + '[' -z ubuntu ']' 2674s + required_tools=(p11tool openssl softhsm2-util) 2674s + for cmd in "${required_tools[@]}" 2674s + command -v p11tool 2674s + for cmd in "${required_tools[@]}" 2674s + command -v openssl 2674s + for cmd in "${required_tools[@]}" 2674s + command -v softhsm2-util 2674s + PIN=053350 2674s +++ find /usr/lib/softhsm/libsofthsm2.so 2674s +++ head -n 1 2674s ++ realpath /usr/lib/softhsm/libsofthsm2.so 2674s + SOFTHSM2_MODULE=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 2674s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 2674s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 2674s + '[' '!' -v NO_SSSD_TESTS ']' 2674s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 2674s + ca_db_arg=ca_db 2674s ++ /usr/libexec/sssd/p11_child --help 2674s + p11_child_help='Usage: p11_child [OPTION...] 2674s -d, --debug-level=INT Debug level 2674s --debug-timestamps=INT Add debug timestamps 2674s --debug-microseconds=INT Show timestamps with microseconds 2674s --dumpable=INT Allow core dumps 2674s --debug-fd=INT An open file descriptor for the debug 2674s logs 2674s --logger=stderr|files|journald Set logger 2674s --auth Run in auth mode 2674s --pre Run in pre-auth mode 2674s --wait_for_card Wait until card is available 2674s --verification Run in verification mode 2674s --pin Expect PIN on stdin 2674s --keypad Expect PIN on keypad 2674s --verify=STRING Tune validation 2674s --ca_db=STRING CA DB to use 2674s --module_name=STRING Module name for authentication 2674s --token_name=STRING Token name for authentication 2674s --key_id=STRING Key ID for authentication 2674s --label=STRING Label for authentication 2674s --certificate=STRING certificate to verify, base64 encoded 2674s --uri=STRING PKCS#11 URI to restrict selection 2674s --chain-id=LONG Tevent chain ID used for logging 2674s purposes 2674s 2674s Help options: 2674s -?, --help Show this help message 2674s --usage Display brief usage message' 2674s + echo 'Usage: p11_child [OPTION...] 2674s -d, --debug-level=INT Debug level 2674s --debug-timestamps=INT Add debug timestamps 2674s --debug-microseconds=INT Show timestamps with microseconds 2674s --dumpable=INT Allow core dumps 2674s --debug-fd=INT An open file descriptor for the debug 2674s logs 2674s --logger=stderr|files|journald Set logger 2674s --auth Run in auth mode 2674s --pre Run in pre-auth mode 2674s --wait_for_card Wait until card is available 2674s --verification Run in verification mode 2674s --pin Expect PIN on stdin 2674s --keypad Expect PIN on keypad 2674s --verify=STRING Tune validation 2674s --ca_db=STRING CA DB to use 2674s --module_name=STRING Module name for authentication 2674s --token_name=STRING Token name for authentication 2674s --key_id=STRING Key ID for authentication 2674s --label=STRING Label for authentication 2674s --certificate=STRING certificate to verify, base64 encoded 2674s --uri=STRING PKCS#11 URI to restrict selection 2674s --chain-id=LONG Tevent chain ID used for logging 2674s purposes 2674s 2674s Help options: 2674s -?, --help Show this help message 2674s --usage Display brief usage message' 2674s + grep nssdb -qs 2674s + echo 'Usage: p11_child [OPTION...] 2674s -d, --debug-level=INT Debug level 2674s --debug-timestamps=INT Add debug timestamps 2674s --debug-microseconds=INT Show timestamps with microseconds 2674s --dumpable=INT Allow core dumps 2674s --debug-fd=INT An open file descriptor for the debug 2674s logs 2674s --logger=stderr|files|journald Set logger 2674s --auth Run in auth mode 2674s --pre Run in pre-auth mode 2674s --wait_for_card Wait until card is available 2674s --verification Run in verification mode 2674s --pin Expect PIN on stdin 2674s --keypad Expect PIN on keypad 2674s --verify=STRING Tune validation 2674s --ca_db=STRING CA DB to use 2674s --module_name=STRING Module name for authentication 2674s --token_name=STRING Token name for authentication 2674s --key_id=STRING Key ID for authentication 2674s --label=STRING Label for authentication 2674s --certificate=STRING certificate to verify, base64 encoded 2674s --uri=STRING PKCS#11 URI to restrict selection 2674s --chain-id=LONG Tevent chain ID used for logging 2674s purposes 2674s 2674s Help options: 2674s -?, --help Show this help message 2674s --usage Display brief usage message' 2674s + grep -qs -- --ca_db 2674s + '[' '!' -e /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so ']' 2674s ++ mktemp -d -t sssd-softhsm2-XXXXXX 2674s + tmpdir=/tmp/sssd-softhsm2-xU4xnd 2674s + keys_size=1024 2674s + [[ ! -v KEEP_TEMPORARY_FILES ]] 2674s + trap 'rm -rf "$tmpdir"' EXIT 2674s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 2674s + echo -n 01 2674s + touch /tmp/sssd-softhsm2-xU4xnd/index.txt 2674s + mkdir -p /tmp/sssd-softhsm2-xU4xnd/new_certs 2674s + cat 2674s + root_ca_key_pass=pass:random-root-CA-password-27586 2674s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-xU4xnd/test-root-CA-key.pem -passout pass:random-root-CA-password-27586 1024 2674s + openssl req -passin pass:random-root-CA-password-27586 -batch -config /tmp/sssd-softhsm2-xU4xnd/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-xU4xnd/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2674s + openssl x509 -noout -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2674s + cat 2674s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-15808 2674s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-15808 1024 2674s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-15808 -config /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.config -key /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-27586 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-certificate-request.pem 2674s + openssl req -text -noout -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-certificate-request.pem 2674s Certificate Request: 2674s Data: 2674s Version: 1 (0x0) 2674s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2674s Subject Public Key Info: 2674s Public Key Algorithm: rsaEncryption 2674s Public-Key: (1024 bit) 2674s Modulus: 2674s 00:b0:b4:34:3d:9f:3b:24:19:7f:c6:2a:22:49:79: 2674s 67:17:72:6a:05:65:02:17:c4:f1:4a:eb:09:b0:a8: 2674s de:80:e7:35:f1:05:ad:56:47:c2:8b:5d:2d:97:54: 2674s 6a:61:38:91:6b:0a:d5:b0:84:f1:1a:95:53:71:af: 2674s f8:ff:c5:15:b9:77:9e:58:03:6e:cf:82:56:06:01: 2674s 2f:29:c2:42:08:6c:bd:02:5c:28:08:20:2e:19:e7: 2674s 8a:ee:76:99:0d:54:f9:8e:65:8f:ae:45:e1:f4:16: 2674s ab:e9:a9:bf:1e:35:ff:04:e2:a0:19:52:ab:8e:f0: 2674s 0c:da:c9:18:09:7c:fe:c7:a9 2674s Exponent: 65537 (0x10001) 2674s Attributes: 2674s (none) 2674s Requested Extensions: 2674s Signature Algorithm: sha256WithRSAEncryption 2674s Signature Value: 2674s 42:fc:9b:07:30:1d:93:d5:b8:70:95:41:8e:dc:e9:da:10:54: 2674s 2a:e5:bf:0b:e6:8b:75:b9:4c:34:08:56:74:54:e8:4c:0c:3a: 2674s 4b:fe:ad:46:4f:29:86:d5:3b:41:28:e1:db:75:19:79:74:57: 2674s 22:c8:49:c7:a6:64:e7:e5:44:df:50:f2:66:0c:73:cf:cf:50: 2674s d1:c1:29:67:eb:fe:96:5d:53:cd:c8:1a:79:74:21:52:1d:3f: 2674s 99:0a:d0:04:ea:e0:6a:95:b6:37:0c:bc:a0:71:7d:6a:3f:aa: 2674s f9:be:66:53:5b:d1:f6:ff:9a:c7:8c:49:a4:29:5c:74:52:e2: 2674s 7b:a7 2674s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-xU4xnd/test-root-CA.config -passin pass:random-root-CA-password-27586 -keyfile /tmp/sssd-softhsm2-xU4xnd/test-root-CA-key.pem -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2674s Using configuration from /tmp/sssd-softhsm2-xU4xnd/test-root-CA.config 2674s Check that the request matches the signature 2674s Signature ok 2674s Certificate Details: 2674s Serial Number: 1 (0x1) 2674s Validity 2674s Not Before: Jun 14 16:32:30 2024 GMT 2674s Not After : Jun 14 16:32:30 2025 GMT 2674s Subject: 2674s organizationName = Test Organization 2674s organizationalUnitName = Test Organization Unit 2674s commonName = Test Organization Intermediate CA 2674s X509v3 extensions: 2674s X509v3 Subject Key Identifier: 2674s 7C:0A:7A:07:BD:5F:72:F7:57:04:5F:5F:D8:60:AC:ED:F7:12:34:08 2674s X509v3 Authority Key Identifier: 2674s keyid:53:4C:91:18:D9:92:38:5E:4D:06:5F:08:B6:35:C6:77:63:E1:CB:E0 2674s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 2674s serial:00 2674s X509v3 Basic Constraints: 2674s CA:TRUE 2674s X509v3 Key Usage: critical 2674s Digital Signature, Certificate Sign, CRL Sign 2674s Certificate is to be certified until Jun 14 16:32:30 2025 GMT (365 days) 2674s 2674s Write out database with 1 new entries 2674s Database updated 2674s + openssl x509 -noout -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2674s + openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2674s /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem: OK 2674s + cat 2674s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-18108 2674s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-18108 1024 2674s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-18108 -config /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-15808 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-certificate-request.pem 2674s + openssl req -text -noout -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-certificate-request.pem 2674s Certificate Request: 2674s Data: 2674s Version: 1 (0x0) 2674s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2674s Subject Public Key Info: 2674s Public Key Algorithm: rsaEncryption 2674s Public-Key: (1024 bit) 2674s Modulus: 2674s 00:c2:d2:5c:d4:38:55:a9:25:1b:b7:aa:75:ed:b4: 2674s a5:ea:4f:0b:42:51:a6:6b:00:57:75:53:6c:56:d7: 2674s 8c:87:ab:7d:29:1c:6b:a8:83:1c:26:f7:47:d9:92: 2674s 8a:9b:c0:58:6b:d7:68:fe:67:ad:62:2c:a0:bd:79: 2674s 52:0b:45:fb:49:5b:d9:1d:3f:9c:a4:40:7a:47:94: 2674s e1:7e:33:17:68:b5:17:e6:a2:b6:1e:7d:86:30:60: 2674s 2e:19:be:1f:b0:a5:07:f5:0d:e8:46:63:31:9c:97: 2674s b6:19:b8:72:7a:e1:9b:d9:a4:ce:75:d7:92:bc:37: 2674s 3d:10:4d:4c:10:55:e5:cd:af 2674s Exponent: 65537 (0x10001) 2674s Attributes: 2674s (none) 2674s Requested Extensions: 2674s Signature Algorithm: sha256WithRSAEncryption 2674s Signature Value: 2674s a3:6b:b3:16:33:00:e8:d4:67:13:db:ce:c5:50:25:85:cc:bd: 2674s 37:39:9b:e1:c7:23:57:91:02:eb:87:aa:9c:9e:c8:82:82:d3: 2674s 1e:16:23:b1:2b:8d:42:d5:b8:33:68:b4:70:eb:3c:95:cb:0d: 2674s ba:55:83:e4:83:26:b0:94:a8:0e:2d:b8:0c:3d:6d:14:3e:ca: 2674s 5f:64:04:f4:64:42:e1:f4:ba:68:a0:c7:67:53:2d:e2:24:90: 2674s fa:f1:2d:ca:59:55:64:9c:5a:a8:b0:0c:27:89:8e:9d:2c:63: 2674s aa:3d:b0:a0:c9:95:16:a1:59:6d:ab:2b:d7:78:c0:59:1b:9d: 2674s 12:47 2674s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-15808 -keyfile /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem 2674s Using configuration from /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.config 2674s Check that the request matches the signature 2674s Signature ok 2674s Certificate Details: 2674s Serial Number: 2 (0x2) 2674s Validity 2674s Not Before: Jun 14 16:32:30 2024 GMT 2674s Not After : Jun 14 16:32:30 2025 GMT 2674s Subject: 2674s organizationName = Test Organization 2674s organizationalUnitName = Test Organization Unit 2674s commonName = Test Organization Sub Intermediate CA 2674s X509v3 extensions: 2674s X509v3 Subject Key Identifier: 2674s B6:40:B1:A7:BF:4E:37:70:7F:B1:65:90:61:BD:58:94:54:CD:E5:29 2674s X509v3 Authority Key Identifier: 2674s keyid:7C:0A:7A:07:BD:5F:72:F7:57:04:5F:5F:D8:60:AC:ED:F7:12:34:08 2674s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 2674s serial:01 2674s X509v3 Basic Constraints: 2674s CA:TRUE 2674s X509v3 Key Usage: critical 2674s Digital Signature, Certificate Sign, CRL Sign 2674s Certificate is to be certified until Jun 14 16:32:30 2025 GMT (365 days) 2674s 2674s Write out database with 1 new entries 2674s Database updated 2674s + openssl x509 -noout -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem 2674s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem 2674s /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem: OK 2674s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem 2674s + local cmd=openssl 2674s + shift 2674s + openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem 2674s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2674s error 20 at 0 depth lookup: unable to get local issuer certificate 2674s error /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem: verification failed 2674s + cat 2674s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-15022 2674s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-15022 1024 2674s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-15022 -key /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001-request.pem 2674s + openssl req -text -noout -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001-request.pem 2674s Certificate Request: 2674s Data: 2674s Version: 1 (0x0) 2674s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 2674s Subject Public Key Info: 2674s Public Key Algorithm: rsaEncryption 2674s Public-Key: (1024 bit) 2674s Modulus: 2674s 00:f1:08:d0:0b:04:da:d1:54:8c:6a:b0:cb:49:78: 2674s a3:d7:ae:c1:8e:12:b3:5f:29:ac:74:de:7d:eb:74: 2674s 45:1e:86:9b:96:ca:b7:f9:a9:df:1f:0c:ff:80:ba: 2674s fe:fc:11:da:c6:c4:29:52:42:d0:c8:9a:0d:3c:58: 2674s c2:b3:db:dd:89:2c:8e:96:eb:c0:b6:f8:0a:87:8b: 2674s 2c:fc:d5:59:2d:2c:af:9d:cc:28:28:ca:d5:64:3e: 2674s f5:a1:67:28:bd:bf:bb:48:40:c7:ed:21:b3:b3:a2: 2674s 0f:ba:09:64:b7:7f:fa:90:39:9c:9b:6e:5f:d0:21: 2674s bb:3b:29:21:47:22:f4:6c:7b 2674s Exponent: 65537 (0x10001) 2674s Attributes: 2674s Requested Extensions: 2674s X509v3 Basic Constraints: 2674s CA:FALSE 2674s Netscape Cert Type: 2674s SSL Client, S/MIME 2674s Netscape Comment: 2674s Test Organization Root CA trusted Certificate 2674s X509v3 Subject Key Identifier: 2674s C6:C8:3A:84:36:78:05:82:86:0A:4F:83:ED:54:AD:23:AD:E0:C9:90 2674s X509v3 Key Usage: critical 2674s Digital Signature, Non Repudiation, Key Encipherment 2674s X509v3 Extended Key Usage: 2674s TLS Web Client Authentication, E-mail Protection 2674s X509v3 Subject Alternative Name: 2674s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2674s Signature Algorithm: sha256WithRSAEncryption 2674s Signature Value: 2674s 0e:f0:e4:3e:89:ed:8c:5c:d8:cd:8a:75:8a:d5:8f:9a:b6:8d: 2674s c1:1d:29:c5:e4:a1:24:6b:bb:10:65:57:50:ea:ec:99:dc:04: 2674s ad:e3:19:65:06:26:80:9e:41:8f:6e:fe:6d:71:1d:3a:34:6b: 2674s 42:c5:fb:67:e0:5c:c6:d2:da:60:de:f7:53:6c:62:e5:ed:70: 2674s b2:23:6f:58:d6:36:b3:70:a3:4c:85:35:74:6f:6a:92:26:96: 2674s 21:c8:2f:d3:d2:4f:ed:19:d1:96:90:76:79:24:2b:86:e3:10: 2674s 98:73:a3:28:ff:4a:51:8a:06:12:3e:bd:e0:0f:cf:ee:6f:1e: 2674s de:4a 2674s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-xU4xnd/test-root-CA.config -passin pass:random-root-CA-password-27586 -keyfile /tmp/sssd-softhsm2-xU4xnd/test-root-CA-key.pem -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2674s Using configuration from /tmp/sssd-softhsm2-xU4xnd/test-root-CA.config 2674s Check that the request matches the signature 2674s Signature ok 2674s Certificate Details: 2674s Serial Number: 3 (0x3) 2674s Validity 2674s Not Before: Jun 14 16:32:30 2024 GMT 2674s Not After : Jun 14 16:32:30 2025 GMT 2674s Subject: 2674s organizationName = Test Organization 2674s organizationalUnitName = Test Organization Unit 2674s commonName = Test Organization Root Trusted Certificate 0001 2674s X509v3 extensions: 2674s X509v3 Authority Key Identifier: 2674s 53:4C:91:18:D9:92:38:5E:4D:06:5F:08:B6:35:C6:77:63:E1:CB:E0 2674s X509v3 Basic Constraints: 2674s CA:FALSE 2674s Netscape Cert Type: 2674s SSL Client, S/MIME 2674s Netscape Comment: 2674s Test Organization Root CA trusted Certificate 2674s X509v3 Subject Key Identifier: 2674s C6:C8:3A:84:36:78:05:82:86:0A:4F:83:ED:54:AD:23:AD:E0:C9:90 2674s X509v3 Key Usage: critical 2674s Digital Signature, Non Repudiation, Key Encipherment 2674s X509v3 Extended Key Usage: 2674s TLS Web Client Authentication, E-mail Protection 2674s X509v3 Subject Alternative Name: 2674s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2674s Certificate is to be certified until Jun 14 16:32:30 2025 GMT (365 days) 2674s 2674s Write out database with 1 new entries 2674s Database updated 2674s + openssl x509 -noout -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2674s + openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2674s /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem: OK 2674s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2674s + local cmd=openssl 2674s + shift 2674s + openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2674s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 2674s error 20 at 0 depth lookup: unable to get local issuer certificate 2674s error /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem: verification failed 2674s + cat 2674s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2674s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-32043 1024 2674s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-32043 -key /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001-request.pem 2674s + openssl req -text -noout -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001-request.pem 2674s Certificate Request: 2674s Data: 2674s Version: 1 (0x0) 2674s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 2674s Subject Public Key Info: 2674s Public Key Algorithm: rsaEncryption 2674s Public-Key: (1024 bit) 2674s Modulus: 2674s 00:9a:c7:5c:94:67:41:36:91:76:33:e7:90:5b:93: 2674s 2d:1f:a4:3c:72:ab:02:f2:7b:bd:e5:bb:2b:95:e4: 2674s a7:df:1e:a6:67:b1:4c:93:f9:79:bf:ca:e2:ff:c3: 2674s e0:f7:07:c8:a1:a5:bb:d4:6f:4f:ce:82:bc:74:1b: 2674s 67:23:3e:dd:78:f5:66:f2:27:66:bb:f8:8c:20:29: 2674s 2d:2e:6e:12:8b:d0:64:11:50:e1:83:4c:8e:d5:c8: 2674s 15:6b:cd:c0:f4:87:ef:5b:66:57:70:ea:96:ae:99: 2674s a2:aa:58:50:01:1b:cb:98:b3:94:ce:b5:b3:0a:13: 2674s ae:5e:af:23:cc:a0:23:8e:21 2674s Exponent: 65537 (0x10001) 2674s Attributes: 2674s Requested Extensions: 2674s X509v3 Basic Constraints: 2674s CA:FALSE 2674s Netscape Cert Type: 2674s SSL Client, S/MIME 2674s Netscape Comment: 2674s Test Organization Intermediate CA trusted Certificate 2674s X509v3 Subject Key Identifier: 2674s E0:26:49:E2:EB:94:DF:AC:75:34:BF:02:54:8B:43:09:48:BE:CE:AE 2674s X509v3 Key Usage: critical 2674s Digital Signature, Non Repudiation, Key Encipherment 2674s X509v3 Extended Key Usage: 2674s TLS Web Client Authentication, E-mail Protection 2674s X509v3 Subject Alternative Name: 2674s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2674s Signature Algorithm: sha256WithRSAEncryption 2674s Signature Value: 2674s 39:23:16:b4:28:37:77:8a:05:bb:0a:f1:b1:d5:91:e6:47:4b: 2674s 67:40:11:0b:97:ed:61:1b:44:d0:eb:73:80:44:0c:73:79:6c: 2674s 51:3d:8d:ab:b9:e7:33:2c:06:cb:89:df:58:3b:8f:24:ae:30: 2674s de:e5:22:56:4f:b0:1b:af:2f:9b:25:e9:2f:59:bf:cc:0b:5d: 2674s 43:8c:bd:4b:d5:bd:72:ca:68:37:af:90:13:0f:39:4d:35:aa: 2674s 81:9e:17:fe:13:50:6d:a3:ce:4a:2e:53:1a:44:38:cc:38:5c: 2674s 29:4c:cd:17:9a:3f:8b:be:e1:27:67:18:b2:19:30:aa:6f:14: 2674s d0:04 2674s + openssl ca -passin pass:random-intermediate-CA-password-15808 -config /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2674s Using configuration from /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.config 2674s Check that the request matches the signature 2674s Signature ok 2674s Certificate Details: 2674s Serial Number: 4 (0x4) 2674s Validity 2674s Not Before: Jun 14 16:32:30 2024 GMT 2674s Not After : Jun 14 16:32:30 2025 GMT 2674s Subject: 2674s organizationName = Test Organization 2674s organizationalUnitName = Test Organization Unit 2674s commonName = Test Organization Intermediate Trusted Certificate 0001 2674s X509v3 extensions: 2674s X509v3 Authority Key Identifier: 2674s 7C:0A:7A:07:BD:5F:72:F7:57:04:5F:5F:D8:60:AC:ED:F7:12:34:08 2674s X509v3 Basic Constraints: 2674s CA:FALSE 2674s Netscape Cert Type: 2674s SSL Client, S/MIME 2674s Netscape Comment: 2674s Test Organization Intermediate CA trusted Certificate 2674s X509v3 Subject Key Identifier: 2674s E0:26:49:E2:EB:94:DF:AC:75:34:BF:02:54:8B:43:09:48:BE:CE:AE 2674s X509v3 Key Usage: critical 2674s Digital Signature, Non Repudiation, Key Encipherment 2674s X509v3 Extended Key Usage: 2674s TLS Web Client Authentication, E-mail Protection 2674s X509v3 Subject Alternative Name: 2674s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2674s Certificate is to be certified until Jun 14 16:32:30 2025 GMT (365 days) 2674s 2674s Write out database with 1 new entries 2674s Database updated 2674s + openssl x509 -noout -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2674s + echo 'This certificate should not be trusted fully' 2674s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2674s This certificate should not be trusted fully 2674s + local cmd=openssl 2674s + shift 2674s + openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2674s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2674s error 2 at 1 depth lookup: unable to get issuer certificate 2674s error /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 2674s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2674s /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem: OK 2674s + cat 2674s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2674s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-26155 1024 2675s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-26155 -key /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 2675s + openssl req -text -noout -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 2675s Certificate Request: 2675s Data: 2675s Version: 1 (0x0) 2675s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 2675s Subject Public Key Info: 2675s Public Key Algorithm: rsaEncryption 2675s Public-Key: (1024 bit) 2675s Modulus: 2675s 00:e5:e3:92:ed:32:cc:56:c6:72:32:2f:cd:64:2f: 2675s e6:80:06:fb:f0:19:c5:60:00:38:b1:1c:af:09:52: 2675s 3b:c6:7b:f6:ed:8d:33:14:3d:d2:b9:35:59:af:9a: 2675s cb:b3:c4:b9:76:99:e0:56:56:e4:e9:72:10:8d:1e: 2675s ee:93:4d:fd:16:4d:77:88:ff:76:9f:cd:18:8f:f7: 2675s 7a:55:05:d2:72:fb:fd:cc:7b:b6:06:e6:d0:a3:f5: 2675s d1:7f:a9:2d:71:c9:be:d9:54:98:0b:11:21:bf:26: 2675s a9:be:66:9e:0d:33:f8:55:71:3a:a2:8d:b1:ed:a7: 2675s 54:1d:3b:50:4f:52:f1:e0:e1 2675s Exponent: 65537 (0x10001) 2675s Attributes: 2675s Requested Extensions: 2675s X509v3 Basic Constraints: 2675s CA:FALSE 2675s Netscape Cert Type: 2675s SSL Client, S/MIME 2675s Netscape Comment: 2675s Test Organization Sub Intermediate CA trusted Certificate 2675s X509v3 Subject Key Identifier: 2675s 4C:D5:0F:5A:66:D1:56:54:71:CA:89:F1:E8:A6:F6:C8:D2:77:20:82 2675s X509v3 Key Usage: critical 2675s Digital Signature, Non Repudiation, Key Encipherment 2675s X509v3 Extended Key Usage: 2675s TLS Web Client Authentication, E-mail Protection 2675s X509v3 Subject Alternative Name: 2675s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2675s Signature Algorithm: sha256WithRSAEncryption 2675s Signature Value: 2675s 29:cf:4b:68:da:15:f7:c4:63:94:ab:95:e5:27:d5:e4:47:33: 2675s 46:36:40:50:e9:c4:1f:21:f4:db:a7:d7:e9:16:3d:1d:2c:66: 2675s ae:69:68:1f:2b:42:7a:e0:bb:2a:53:55:95:cc:dd:e0:5e:c0: 2675s b2:b9:a9:17:ba:2e:87:55:51:91:6c:c5:64:f7:96:1a:56:13: 2675s f0:31:6f:7b:ce:36:3b:ed:f9:f9:44:ae:af:46:3e:e3:a4:33: 2675s 92:c3:11:3c:45:f4:33:83:d6:85:75:59:e2:ad:86:6c:24:03: 2675s 62:76:03:01:48:6d:fd:53:35:b6:d7:3f:97:b8:55:11:d6:59: 2675s d5:33 2675s + openssl ca -passin pass:random-sub-intermediate-CA-password-18108 -config /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2675s Using configuration from /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.config 2675s Check that the request matches the signature 2675s Signature ok 2675s Certificate Details: 2675s Serial Number: 5 (0x5) 2675s Validity 2675s Not Before: Jun 14 16:32:31 2024 GMT 2675s Not After : Jun 14 16:32:31 2025 GMT 2675s Subject: 2675s organizationName = Test Organization 2675s organizationalUnitName = Test Organization Unit 2675s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 2675s X509v3 extensions: 2675s X509v3 Authority Key Identifier: 2675s B6:40:B1:A7:BF:4E:37:70:7F:B1:65:90:61:BD:58:94:54:CD:E5:29 2675s X509v3 Basic Constraints: 2675s CA:FALSE 2675s Netscape Cert Type: 2675s SSL Client, S/MIME 2675s Netscape Comment: 2675s Test Organization Sub Intermediate CA trusted Certificate 2675s X509v3 Subject Key Identifier: 2675s 4C:D5:0F:5A:66:D1:56:54:71:CA:89:F1:E8:A6:F6:C8:D2:77:20:82 2675s X509v3 Key Usage: critical 2675s Digital Signature, Non Repudiation, Key Encipherment 2675s X509v3 Extended Key Usage: 2675s TLS Web Client Authentication, E-mail Protection 2675s X509v3 Subject Alternative Name: 2675s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2675s Certificate is to be certified until Jun 14 16:32:31 2025 GMT (365 days) 2675s 2675s Write out database with 1 new entries 2675s Database updated 2675s + openssl x509 -noout -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2675s This certificate should not be trusted fully 2675s + echo 'This certificate should not be trusted fully' 2675s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2675s + local cmd=openssl 2675s + shift 2675s + openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2675s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2675s error 2 at 1 depth lookup: unable to get issuer certificate 2675s error /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 2675s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2675s + local cmd=openssl 2675s + shift 2675s + openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2675s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 2675s error 20 at 0 depth lookup: unable to get local issuer certificate 2675s error /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 2675s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2675s /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 2675s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2675s + local cmd=openssl 2675s + shift 2675s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2675s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 2675s error 20 at 0 depth lookup: unable to get local issuer certificate 2675s error /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 2675s Building a the full-chain CA file... 2675s + echo 'Building a the full-chain CA file...' 2675s + cat /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem 2675s + cat /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2675s + cat /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem 2675s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2675s + openssl pkcs7 -print_certs -noout 2675s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2675s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2675s 2675s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2675s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2675s 2675s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2675s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2675s 2675s + openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2675s /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem: OK 2675s + openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2675s /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem: OK 2675s + openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2675s /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem: OK 2675s + openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-root-intermediate-chain-CA.pem 2675s /tmp/sssd-softhsm2-xU4xnd/test-root-intermediate-chain-CA.pem: OK 2675s + openssl verify -CAfile /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2675s /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 2675s Certificates generation completed! 2675s + echo 'Certificates generation completed!' 2675s + [[ -v NO_SSSD_TESTS ]] 2675s + invalid_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /dev/null 2675s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /dev/null 2675s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2675s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2675s + local key_ring=/dev/null 2675s + local verify_option= 2675s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 2675s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2675s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2675s + local key_cn 2675s + local key_name 2675s + local tokens_dir 2675s + local output_cert_file 2675s + token_name= 2675s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem .pem 2675s + key_name=test-root-CA-trusted-certificate-0001 2675s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2675s ++ sed -n 's/ *commonName *= //p' 2675s + key_cn='Test Organization Root Trusted Certificate 0001' 2675s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2675s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2675s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2675s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 2675s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 2675s + token_name='Test Organization Root Tr Token' 2675s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 2675s + local key_file 2675s + local decrypted_key 2675s + mkdir -p /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 2675s + key_file=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001-key.pem 2675s + decrypted_key=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001-key-decrypted.pem 2675s + cat 2675s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 2675s Slot 0 has a free/uninitialized token. 2675s The token has been initialized and is reassigned to slot 737320295 2675s + softhsm2-util --show-slots 2675s Available slots: 2675s Slot 737320295 2675s Slot info: 2675s Description: SoftHSM slot ID 0x2bf29d67 2675s Manufacturer ID: SoftHSM project 2675s Hardware version: 2.6 2675s Firmware version: 2.6 2675s Token present: yes 2675s Token info: 2675s Manufacturer ID: SoftHSM project 2675s Model: SoftHSM v2 2675s Hardware version: 2.6 2675s Firmware version: 2.6 2675s Serial number: 22a7fd0babf29d67 2675s Initialized: yes 2675s User PIN init.: yes 2675s Label: Test Organization Root Tr Token 2675s Slot 1 2675s Slot info: 2675s Description: SoftHSM slot ID 0x1 2675s Manufacturer ID: SoftHSM project 2675s Hardware version: 2.6 2675s Firmware version: 2.6 2675s Token present: yes 2675s Token info: 2675s Manufacturer ID: SoftHSM project 2675s Model: SoftHSM v2 2675s Hardware version: 2.6 2675s Firmware version: 2.6 2675s Serial number: 2675s Initialized: no 2675s User PIN init.: no 2675s Label: 2675s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 2676s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-15022 -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001-key-decrypted.pem 2676s writing RSA key 2676s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 2676s + rm /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001-key-decrypted.pem 2676s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 2676s Object 0: 2676s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=22a7fd0babf29d67;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 2676s Type: X.509 Certificate (RSA-1024) 2676s Expires: Sat Jun 14 16:32:30 2025 2676s Label: Test Organization Root Trusted Certificate 0001 2676s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 2676s 2676s Test Organization Root Tr Token 2676s + echo 'Test Organization Root Tr Token' 2676s + '[' -n '' ']' 2676s + local output_base_name=SSSD-child-5316 2676s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-5316.output 2676s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-5316.pem 2676s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 2676s [p11_child[2248]] [main] (0x0400): p11_child started. 2676s [p11_child[2248]] [main] (0x2000): Running in [pre-auth] mode. 2676s [p11_child[2248]] [main] (0x2000): Running with effective IDs: [0][0]. 2676s [p11_child[2248]] [main] (0x2000): Running with real IDs [0][0]. 2676s [p11_child[2248]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 2676s [p11_child[2248]] [do_work] (0x0040): init_verification failed. 2676s [p11_child[2248]] [main] (0x0020): p11_child failed (5) 2676s + return 2 2676s + valid_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /dev/null no_verification 2676s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /dev/null no_verification 2676s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2676s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2676s + local key_ring=/dev/null 2676s + local verify_option=no_verification 2676s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 2676s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2676s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2676s + local key_cn 2676s + local key_name 2676s + local tokens_dir 2676s + local output_cert_file 2676s + token_name= 2676s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem .pem 2676s + key_name=test-root-CA-trusted-certificate-0001 2676s ++ sed -n 's/ *commonName *= //p' 2676s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2676s + key_cn='Test Organization Root Trusted Certificate 0001' 2676s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2676s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2676s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2676s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 2676s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 2676s + token_name='Test Organization Root Tr Token' 2676s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 2676s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 ']' 2676s + echo 'Test Organization Root Tr Token' 2676s Test Organization Root Tr Token 2676s + '[' -n no_verification ']' 2676s + local verify_arg=--verify=no_verification 2676s + local output_base_name=SSSD-child-5491 2676s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-5491.output 2676s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-5491.pem 2676s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 2676s [p11_child[2254]] [main] (0x0400): p11_child started. 2676s [p11_child[2254]] [main] (0x2000): Running in [pre-auth] mode. 2676s [p11_child[2254]] [main] (0x2000): Running with effective IDs: [0][0]. 2676s [p11_child[2254]] [main] (0x2000): Running with real IDs [0][0]. 2676s [p11_child[2254]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 2676s [p11_child[2254]] [do_card] (0x4000): Module List: 2676s [p11_child[2254]] [do_card] (0x4000): common name: [softhsm2]. 2676s [p11_child[2254]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2676s [p11_child[2254]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2bf29d67] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2676s [p11_child[2254]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 2676s [p11_child[2254]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2bf29d67][737320295] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2676s [p11_child[2254]] [do_card] (0x4000): Login NOT required. 2676s [p11_child[2254]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 2676s [p11_child[2254]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2676s [p11_child[2254]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2bf29d67;slot-manufacturer=SoftHSM%20project;slot-id=737320295;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=22a7fd0babf29d67;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 2676s [p11_child[2254]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2676s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-5491.output 2676s + echo '-----BEGIN CERTIFICATE-----' 2676s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-5491.output 2676s + echo '-----END CERTIFICATE-----' 2676s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-5491.pem 2676s Certificate: 2676s Data: 2676s Version: 3 (0x2) 2676s Serial Number: 3 (0x3) 2676s Signature Algorithm: sha256WithRSAEncryption 2676s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2676s Validity 2676s Not Before: Jun 14 16:32:30 2024 GMT 2676s Not After : Jun 14 16:32:30 2025 GMT 2676s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 2676s Subject Public Key Info: 2676s Public Key Algorithm: rsaEncryption 2676s Public-Key: (1024 bit) 2676s Modulus: 2676s 00:f1:08:d0:0b:04:da:d1:54:8c:6a:b0:cb:49:78: 2676s a3:d7:ae:c1:8e:12:b3:5f:29:ac:74:de:7d:eb:74: 2676s 45:1e:86:9b:96:ca:b7:f9:a9:df:1f:0c:ff:80:ba: 2676s fe:fc:11:da:c6:c4:29:52:42:d0:c8:9a:0d:3c:58: 2676s c2:b3:db:dd:89:2c:8e:96:eb:c0:b6:f8:0a:87:8b: 2676s 2c:fc:d5:59:2d:2c:af:9d:cc:28:28:ca:d5:64:3e: 2676s f5:a1:67:28:bd:bf:bb:48:40:c7:ed:21:b3:b3:a2: 2676s 0f:ba:09:64:b7:7f:fa:90:39:9c:9b:6e:5f:d0:21: 2676s bb:3b:29:21:47:22:f4:6c:7b 2676s Exponent: 65537 (0x10001) 2676s X509v3 extensions: 2676s X509v3 Authority Key Identifier: 2676s 53:4C:91:18:D9:92:38:5E:4D:06:5F:08:B6:35:C6:77:63:E1:CB:E0 2676s X509v3 Basic Constraints: 2676s CA:FALSE 2676s Netscape Cert Type: 2676s SSL Client, S/MIME 2676s Netscape Comment: 2676s Test Organization Root CA trusted Certificate 2676s X509v3 Subject Key Identifier: 2676s C6:C8:3A:84:36:78:05:82:86:0A:4F:83:ED:54:AD:23:AD:E0:C9:90 2676s X509v3 Key Usage: critical 2676s Digital Signature, Non Repudiation, Key Encipherment 2676s X509v3 Extended Key Usage: 2676s TLS Web Client Authentication, E-mail Protection 2676s X509v3 Subject Alternative Name: 2676s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2676s Signature Algorithm: sha256WithRSAEncryption 2676s Signature Value: 2676s 70:6e:71:57:de:88:d8:b2:3b:68:85:b3:f7:3e:8c:cc:95:2e: 2676s 0e:82:b4:fe:90:4c:6c:3a:05:1a:2e:dc:23:2f:66:0e:0a:48: 2676s 69:58:be:25:b5:3d:c8:e7:a4:31:37:ee:fe:57:3f:d6:66:73: 2676s 6b:ad:a1:b9:a3:e7:9a:17:8e:a3:6e:a6:68:ee:bd:ce:89:25: 2676s 9b:3d:cb:06:89:4f:ef:ab:f9:8d:a8:47:7e:7f:28:87:b7:f7: 2676s b7:7d:92:19:6f:c3:68:c1:7e:43:d0:91:a8:f2:da:b7:5b:f9: 2676s 03:06:63:1d:85:94:7c:8c:f0:2f:31:4f:9c:fb:b0:65:10:0f: 2676s 2a:dd 2676s + local found_md5 expected_md5 2676s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2676s + expected_md5=Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B 2676s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-5491.pem 2676s + found_md5=Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B 2676s + '[' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B '!=' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B ']' 2676s + output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-5491-auth.output 2676s ++ basename /tmp/sssd-softhsm2-xU4xnd/SSSD-child-5491-auth.output .output 2676s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-5491-auth.pem 2676s + echo -n 053350 2676s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 2676s [p11_child[2262]] [main] (0x0400): p11_child started. 2676s [p11_child[2262]] [main] (0x2000): Running in [auth] mode. 2676s [p11_child[2262]] [main] (0x2000): Running with effective IDs: [0][0]. 2676s [p11_child[2262]] [main] (0x2000): Running with real IDs [0][0]. 2676s [p11_child[2262]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 2676s [p11_child[2262]] [do_card] (0x4000): Module List: 2676s [p11_child[2262]] [do_card] (0x4000): common name: [softhsm2]. 2676s [p11_child[2262]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2676s [p11_child[2262]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2bf29d67] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2676s [p11_child[2262]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 2676s [p11_child[2262]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2bf29d67][737320295] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2676s [p11_child[2262]] [do_card] (0x4000): Login required. 2676s [p11_child[2262]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 2676s [p11_child[2262]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2676s [p11_child[2262]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2bf29d67;slot-manufacturer=SoftHSM%20project;slot-id=737320295;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=22a7fd0babf29d67;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 2676s [p11_child[2262]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 2676s [p11_child[2262]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 2676s [p11_child[2262]] [do_card] (0x4000): Certificate verified and validated. 2676s [p11_child[2262]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2676s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-5491-auth.output 2676s + echo '-----BEGIN CERTIFICATE-----' 2676s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-5491-auth.output 2676s + echo '-----END CERTIFICATE-----' 2676s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-5491-auth.pem 2676s Certificate: 2676s Data: 2676s Version: 3 (0x2) 2676s Serial Number: 3 (0x3) 2676s Signature Algorithm: sha256WithRSAEncryption 2676s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2676s Validity 2676s Not Before: Jun 14 16:32:30 2024 GMT 2676s Not After : Jun 14 16:32:30 2025 GMT 2676s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 2676s Subject Public Key Info: 2676s Public Key Algorithm: rsaEncryption 2676s Public-Key: (1024 bit) 2676s Modulus: 2676s 00:f1:08:d0:0b:04:da:d1:54:8c:6a:b0:cb:49:78: 2676s a3:d7:ae:c1:8e:12:b3:5f:29:ac:74:de:7d:eb:74: 2676s 45:1e:86:9b:96:ca:b7:f9:a9:df:1f:0c:ff:80:ba: 2676s fe:fc:11:da:c6:c4:29:52:42:d0:c8:9a:0d:3c:58: 2676s c2:b3:db:dd:89:2c:8e:96:eb:c0:b6:f8:0a:87:8b: 2676s 2c:fc:d5:59:2d:2c:af:9d:cc:28:28:ca:d5:64:3e: 2676s f5:a1:67:28:bd:bf:bb:48:40:c7:ed:21:b3:b3:a2: 2676s 0f:ba:09:64:b7:7f:fa:90:39:9c:9b:6e:5f:d0:21: 2676s bb:3b:29:21:47:22:f4:6c:7b 2676s Exponent: 65537 (0x10001) 2676s X509v3 extensions: 2676s X509v3 Authority Key Identifier: 2676s 53:4C:91:18:D9:92:38:5E:4D:06:5F:08:B6:35:C6:77:63:E1:CB:E0 2676s X509v3 Basic Constraints: 2676s CA:FALSE 2676s Netscape Cert Type: 2676s SSL Client, S/MIME 2676s Netscape Comment: 2676s Test Organization Root CA trusted Certificate 2676s X509v3 Subject Key Identifier: 2676s C6:C8:3A:84:36:78:05:82:86:0A:4F:83:ED:54:AD:23:AD:E0:C9:90 2676s X509v3 Key Usage: critical 2676s Digital Signature, Non Repudiation, Key Encipherment 2676s X509v3 Extended Key Usage: 2676s TLS Web Client Authentication, E-mail Protection 2676s X509v3 Subject Alternative Name: 2676s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2676s Signature Algorithm: sha256WithRSAEncryption 2676s Signature Value: 2676s 70:6e:71:57:de:88:d8:b2:3b:68:85:b3:f7:3e:8c:cc:95:2e: 2676s 0e:82:b4:fe:90:4c:6c:3a:05:1a:2e:dc:23:2f:66:0e:0a:48: 2676s 69:58:be:25:b5:3d:c8:e7:a4:31:37:ee:fe:57:3f:d6:66:73: 2676s 6b:ad:a1:b9:a3:e7:9a:17:8e:a3:6e:a6:68:ee:bd:ce:89:25: 2676s 9b:3d:cb:06:89:4f:ef:ab:f9:8d:a8:47:7e:7f:28:87:b7:f7: 2676s b7:7d:92:19:6f:c3:68:c1:7e:43:d0:91:a8:f2:da:b7:5b:f9: 2676s 03:06:63:1d:85:94:7c:8c:f0:2f:31:4f:9c:fb:b0:65:10:0f: 2676s 2a:dd 2676s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-5491-auth.pem 2676s + found_md5=Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B 2676s + '[' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B '!=' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B ']' 2676s + valid_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2676s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2676s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2676s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2676s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2676s + local verify_option= 2676s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 2676s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2676s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2676s + local key_cn 2676s + local key_name 2676s + local tokens_dir 2676s + local output_cert_file 2676s + token_name= 2676s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem .pem 2676s + key_name=test-root-CA-trusted-certificate-0001 2676s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2676s ++ sed -n 's/ *commonName *= //p' 2676s + key_cn='Test Organization Root Trusted Certificate 0001' 2676s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2676s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2676s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2676s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 2676s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 2676s + token_name='Test Organization Root Tr Token' 2676s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 2676s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 ']' 2676s + echo 'Test Organization Root Tr Token' 2676s + '[' -n '' ']' 2676s + local output_base_name=SSSD-child-1920 2676s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-1920.output 2676s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-1920.pem 2676s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2676s Test Organization Root Tr Token 2676s [p11_child[2272]] [main] (0x0400): p11_child started. 2676s [p11_child[2272]] [main] (0x2000): Running in [pre-auth] mode. 2676s [p11_child[2272]] [main] (0x2000): Running with effective IDs: [0][0]. 2676s [p11_child[2272]] [main] (0x2000): Running with real IDs [0][0]. 2676s [p11_child[2272]] [do_card] (0x4000): Module List: 2676s [p11_child[2272]] [do_card] (0x4000): common name: [softhsm2]. 2676s [p11_child[2272]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2676s [p11_child[2272]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2bf29d67] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2676s [p11_child[2272]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 2676s [p11_child[2272]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2bf29d67][737320295] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2676s [p11_child[2272]] [do_card] (0x4000): Login NOT required. 2676s [p11_child[2272]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 2676s [p11_child[2272]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2676s [p11_child[2272]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2676s [p11_child[2272]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2bf29d67;slot-manufacturer=SoftHSM%20project;slot-id=737320295;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=22a7fd0babf29d67;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 2676s [p11_child[2272]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2676s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-1920.output 2676s + echo '-----BEGIN CERTIFICATE-----' 2676s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-1920.output 2676s + echo '-----END CERTIFICATE-----' 2676s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-1920.pem 2676s Certificate: 2676s Data: 2676s Version: 3 (0x2) 2676s Serial Number: 3 (0x3) 2676s Signature Algorithm: sha256WithRSAEncryption 2676s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2676s Validity 2676s Not Before: Jun 14 16:32:30 2024 GMT 2676s Not After : Jun 14 16:32:30 2025 GMT 2676s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 2676s Subject Public Key Info: 2676s Public Key Algorithm: rsaEncryption 2676s Public-Key: (1024 bit) 2676s Modulus: 2676s 00:f1:08:d0:0b:04:da:d1:54:8c:6a:b0:cb:49:78: 2676s a3:d7:ae:c1:8e:12:b3:5f:29:ac:74:de:7d:eb:74: 2676s 45:1e:86:9b:96:ca:b7:f9:a9:df:1f:0c:ff:80:ba: 2676s fe:fc:11:da:c6:c4:29:52:42:d0:c8:9a:0d:3c:58: 2676s c2:b3:db:dd:89:2c:8e:96:eb:c0:b6:f8:0a:87:8b: 2676s 2c:fc:d5:59:2d:2c:af:9d:cc:28:28:ca:d5:64:3e: 2676s f5:a1:67:28:bd:bf:bb:48:40:c7:ed:21:b3:b3:a2: 2676s 0f:ba:09:64:b7:7f:fa:90:39:9c:9b:6e:5f:d0:21: 2676s bb:3b:29:21:47:22:f4:6c:7b 2676s Exponent: 65537 (0x10001) 2676s X509v3 extensions: 2676s X509v3 Authority Key Identifier: 2676s 53:4C:91:18:D9:92:38:5E:4D:06:5F:08:B6:35:C6:77:63:E1:CB:E0 2676s X509v3 Basic Constraints: 2676s CA:FALSE 2676s Netscape Cert Type: 2676s SSL Client, S/MIME 2676s Netscape Comment: 2676s Test Organization Root CA trusted Certificate 2676s X509v3 Subject Key Identifier: 2676s C6:C8:3A:84:36:78:05:82:86:0A:4F:83:ED:54:AD:23:AD:E0:C9:90 2676s X509v3 Key Usage: critical 2676s Digital Signature, Non Repudiation, Key Encipherment 2676s X509v3 Extended Key Usage: 2676s TLS Web Client Authentication, E-mail Protection 2676s X509v3 Subject Alternative Name: 2676s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2676s Signature Algorithm: sha256WithRSAEncryption 2676s Signature Value: 2676s 70:6e:71:57:de:88:d8:b2:3b:68:85:b3:f7:3e:8c:cc:95:2e: 2676s 0e:82:b4:fe:90:4c:6c:3a:05:1a:2e:dc:23:2f:66:0e:0a:48: 2676s 69:58:be:25:b5:3d:c8:e7:a4:31:37:ee:fe:57:3f:d6:66:73: 2676s 6b:ad:a1:b9:a3:e7:9a:17:8e:a3:6e:a6:68:ee:bd:ce:89:25: 2676s 9b:3d:cb:06:89:4f:ef:ab:f9:8d:a8:47:7e:7f:28:87:b7:f7: 2676s b7:7d:92:19:6f:c3:68:c1:7e:43:d0:91:a8:f2:da:b7:5b:f9: 2676s 03:06:63:1d:85:94:7c:8c:f0:2f:31:4f:9c:fb:b0:65:10:0f: 2676s 2a:dd 2676s + local found_md5 expected_md5 2676s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2676s + expected_md5=Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B 2676s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-1920.pem 2676s + found_md5=Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B 2676s + '[' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B '!=' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B ']' 2676s + output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-1920-auth.output 2676s ++ basename /tmp/sssd-softhsm2-xU4xnd/SSSD-child-1920-auth.output .output 2676s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-1920-auth.pem 2676s + echo -n 053350 2676s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 2676s [p11_child[2280]] [main] (0x0400): p11_child started. 2676s [p11_child[2280]] [main] (0x2000): Running in [auth] mode. 2676s [p11_child[2280]] [main] (0x2000): Running with effective IDs: [0][0]. 2676s [p11_child[2280]] [main] (0x2000): Running with real IDs [0][0]. 2676s [p11_child[2280]] [do_card] (0x4000): Module List: 2676s [p11_child[2280]] [do_card] (0x4000): common name: [softhsm2]. 2676s [p11_child[2280]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2676s [p11_child[2280]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2bf29d67] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2676s [p11_child[2280]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 2676s [p11_child[2280]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2bf29d67][737320295] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2676s [p11_child[2280]] [do_card] (0x4000): Login required. 2676s [p11_child[2280]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 2676s [p11_child[2280]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2676s [p11_child[2280]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2676s [p11_child[2280]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2bf29d67;slot-manufacturer=SoftHSM%20project;slot-id=737320295;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=22a7fd0babf29d67;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 2676s [p11_child[2280]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 2676s [p11_child[2280]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 2676s [p11_child[2280]] [do_card] (0x4000): Certificate verified and validated. 2676s [p11_child[2280]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2676s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-1920-auth.output 2676s + echo '-----BEGIN CERTIFICATE-----' 2676s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-1920-auth.output 2676s + echo '-----END CERTIFICATE-----' 2676s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-1920-auth.pem 2676s Certificate: 2676s Data: 2676s Version: 3 (0x2) 2676s Serial Number: 3 (0x3) 2676s Signature Algorithm: sha256WithRSAEncryption 2676s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2676s Validity 2676s Not Before: Jun 14 16:32:30 2024 GMT 2676s Not After : Jun 14 16:32:30 2025 GMT 2676s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 2676s Subject Public Key Info: 2676s Public Key Algorithm: rsaEncryption 2676s Public-Key: (1024 bit) 2676s Modulus: 2676s 00:f1:08:d0:0b:04:da:d1:54:8c:6a:b0:cb:49:78: 2676s a3:d7:ae:c1:8e:12:b3:5f:29:ac:74:de:7d:eb:74: 2676s 45:1e:86:9b:96:ca:b7:f9:a9:df:1f:0c:ff:80:ba: 2676s fe:fc:11:da:c6:c4:29:52:42:d0:c8:9a:0d:3c:58: 2676s c2:b3:db:dd:89:2c:8e:96:eb:c0:b6:f8:0a:87:8b: 2676s 2c:fc:d5:59:2d:2c:af:9d:cc:28:28:ca:d5:64:3e: 2676s f5:a1:67:28:bd:bf:bb:48:40:c7:ed:21:b3:b3:a2: 2676s 0f:ba:09:64:b7:7f:fa:90:39:9c:9b:6e:5f:d0:21: 2676s bb:3b:29:21:47:22:f4:6c:7b 2676s Exponent: 65537 (0x10001) 2676s X509v3 extensions: 2676s X509v3 Authority Key Identifier: 2676s 53:4C:91:18:D9:92:38:5E:4D:06:5F:08:B6:35:C6:77:63:E1:CB:E0 2676s X509v3 Basic Constraints: 2676s CA:FALSE 2676s Netscape Cert Type: 2676s SSL Client, S/MIME 2676s Netscape Comment: 2676s Test Organization Root CA trusted Certificate 2676s X509v3 Subject Key Identifier: 2676s C6:C8:3A:84:36:78:05:82:86:0A:4F:83:ED:54:AD:23:AD:E0:C9:90 2676s X509v3 Key Usage: critical 2676s Digital Signature, Non Repudiation, Key Encipherment 2676s X509v3 Extended Key Usage: 2676s TLS Web Client Authentication, E-mail Protection 2676s X509v3 Subject Alternative Name: 2676s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2676s Signature Algorithm: sha256WithRSAEncryption 2676s Signature Value: 2676s 70:6e:71:57:de:88:d8:b2:3b:68:85:b3:f7:3e:8c:cc:95:2e: 2676s 0e:82:b4:fe:90:4c:6c:3a:05:1a:2e:dc:23:2f:66:0e:0a:48: 2676s 69:58:be:25:b5:3d:c8:e7:a4:31:37:ee:fe:57:3f:d6:66:73: 2676s 6b:ad:a1:b9:a3:e7:9a:17:8e:a3:6e:a6:68:ee:bd:ce:89:25: 2676s 9b:3d:cb:06:89:4f:ef:ab:f9:8d:a8:47:7e:7f:28:87:b7:f7: 2676s b7:7d:92:19:6f:c3:68:c1:7e:43:d0:91:a8:f2:da:b7:5b:f9: 2676s 03:06:63:1d:85:94:7c:8c:f0:2f:31:4f:9c:fb:b0:65:10:0f: 2676s 2a:dd 2676s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-1920-auth.pem 2676s + found_md5=Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B 2676s + '[' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B '!=' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B ']' 2676s + valid_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem partial_chain 2676s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem partial_chain 2676s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2676s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2676s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2676s + local verify_option=partial_chain 2676s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 2676s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2676s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2676s + local key_cn 2676s + local key_name 2676s + local tokens_dir 2676s + local output_cert_file 2676s + token_name= 2676s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem .pem 2676s + key_name=test-root-CA-trusted-certificate-0001 2676s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2676s ++ sed -n 's/ *commonName *= //p' 2676s + key_cn='Test Organization Root Trusted Certificate 0001' 2676s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2676s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2676s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2676s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 2676s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 2676s Test Organization Root Tr Token 2676s + token_name='Test Organization Root Tr Token' 2676s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 2676s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 ']' 2676s + echo 'Test Organization Root Tr Token' 2676s + '[' -n partial_chain ']' 2676s + local verify_arg=--verify=partial_chain 2676s + local output_base_name=SSSD-child-12791 2676s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-12791.output 2676s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-12791.pem 2676s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2676s [p11_child[2290]] [main] (0x0400): p11_child started. 2676s [p11_child[2290]] [main] (0x2000): Running in [pre-auth] mode. 2676s [p11_child[2290]] [main] (0x2000): Running with effective IDs: [0][0]. 2676s [p11_child[2290]] [main] (0x2000): Running with real IDs [0][0]. 2676s [p11_child[2290]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2676s [p11_child[2290]] [do_card] (0x4000): Module List: 2676s [p11_child[2290]] [do_card] (0x4000): common name: [softhsm2]. 2676s [p11_child[2290]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2676s [p11_child[2290]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2bf29d67] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2676s [p11_child[2290]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 2676s [p11_child[2290]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2bf29d67][737320295] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2676s [p11_child[2290]] [do_card] (0x4000): Login NOT required. 2676s [p11_child[2290]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 2676s [p11_child[2290]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2676s [p11_child[2290]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2676s [p11_child[2290]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2bf29d67;slot-manufacturer=SoftHSM%20project;slot-id=737320295;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=22a7fd0babf29d67;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 2676s [p11_child[2290]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2676s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-12791.output 2676s + echo '-----BEGIN CERTIFICATE-----' 2676s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-12791.output 2676s + echo '-----END CERTIFICATE-----' 2676s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-12791.pem 2677s Certificate: 2677s Data: 2677s Version: 3 (0x2) 2677s Serial Number: 3 (0x3) 2677s Signature Algorithm: sha256WithRSAEncryption 2677s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2677s Validity 2677s Not Before: Jun 14 16:32:30 2024 GMT 2677s Not After : Jun 14 16:32:30 2025 GMT 2677s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 2677s Subject Public Key Info: 2677s Public Key Algorithm: rsaEncryption 2677s Public-Key: (1024 bit) 2677s Modulus: 2677s 00:f1:08:d0:0b:04:da:d1:54:8c:6a:b0:cb:49:78: 2677s a3:d7:ae:c1:8e:12:b3:5f:29:ac:74:de:7d:eb:74: 2677s 45:1e:86:9b:96:ca:b7:f9:a9:df:1f:0c:ff:80:ba: 2677s fe:fc:11:da:c6:c4:29:52:42:d0:c8:9a:0d:3c:58: 2677s c2:b3:db:dd:89:2c:8e:96:eb:c0:b6:f8:0a:87:8b: 2677s 2c:fc:d5:59:2d:2c:af:9d:cc:28:28:ca:d5:64:3e: 2677s f5:a1:67:28:bd:bf:bb:48:40:c7:ed:21:b3:b3:a2: 2677s 0f:ba:09:64:b7:7f:fa:90:39:9c:9b:6e:5f:d0:21: 2677s bb:3b:29:21:47:22:f4:6c:7b 2677s Exponent: 65537 (0x10001) 2677s X509v3 extensions: 2677s X509v3 Authority Key Identifier: 2677s 53:4C:91:18:D9:92:38:5E:4D:06:5F:08:B6:35:C6:77:63:E1:CB:E0 2677s X509v3 Basic Constraints: 2677s CA:FALSE 2677s Netscape Cert Type: 2677s SSL Client, S/MIME 2677s Netscape Comment: 2677s Test Organization Root CA trusted Certificate 2677s X509v3 Subject Key Identifier: 2677s C6:C8:3A:84:36:78:05:82:86:0A:4F:83:ED:54:AD:23:AD:E0:C9:90 2677s X509v3 Key Usage: critical 2677s Digital Signature, Non Repudiation, Key Encipherment 2677s X509v3 Extended Key Usage: 2677s TLS Web Client Authentication, E-mail Protection 2677s X509v3 Subject Alternative Name: 2677s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2677s Signature Algorithm: sha256WithRSAEncryption 2677s Signature Value: 2677s 70:6e:71:57:de:88:d8:b2:3b:68:85:b3:f7:3e:8c:cc:95:2e: 2677s 0e:82:b4:fe:90:4c:6c:3a:05:1a:2e:dc:23:2f:66:0e:0a:48: 2677s 69:58:be:25:b5:3d:c8:e7:a4:31:37:ee:fe:57:3f:d6:66:73: 2677s 6b:ad:a1:b9:a3:e7:9a:17:8e:a3:6e:a6:68:ee:bd:ce:89:25: 2677s 9b:3d:cb:06:89:4f:ef:ab:f9:8d:a8:47:7e:7f:28:87:b7:f7: 2677s b7:7d:92:19:6f:c3:68:c1:7e:43:d0:91:a8:f2:da:b7:5b:f9: 2677s 03:06:63:1d:85:94:7c:8c:f0:2f:31:4f:9c:fb:b0:65:10:0f: 2677s 2a:dd 2677s + local found_md5 expected_md5 2677s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2677s + expected_md5=Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B 2677s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-12791.pem 2677s + found_md5=Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B 2677s + '[' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B '!=' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B ']' 2677s + output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-12791-auth.output 2677s ++ basename /tmp/sssd-softhsm2-xU4xnd/SSSD-child-12791-auth.output .output 2677s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-12791-auth.pem 2677s + echo -n 053350 2677s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 2677s [p11_child[2298]] [main] (0x0400): p11_child started. 2677s [p11_child[2298]] [main] (0x2000): Running in [auth] mode. 2677s [p11_child[2298]] [main] (0x2000): Running with effective IDs: [0][0]. 2677s [p11_child[2298]] [main] (0x2000): Running with real IDs [0][0]. 2677s [p11_child[2298]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2677s [p11_child[2298]] [do_card] (0x4000): Module List: 2677s [p11_child[2298]] [do_card] (0x4000): common name: [softhsm2]. 2677s [p11_child[2298]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2677s [p11_child[2298]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2bf29d67] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2677s [p11_child[2298]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 2677s [p11_child[2298]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2bf29d67][737320295] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2677s [p11_child[2298]] [do_card] (0x4000): Login required. 2677s [p11_child[2298]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 2677s [p11_child[2298]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2677s [p11_child[2298]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2677s [p11_child[2298]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2bf29d67;slot-manufacturer=SoftHSM%20project;slot-id=737320295;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=22a7fd0babf29d67;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 2677s [p11_child[2298]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 2677s [p11_child[2298]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 2677s [p11_child[2298]] [do_card] (0x4000): Certificate verified and validated. 2677s [p11_child[2298]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2677s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-12791-auth.output 2677s + echo '-----BEGIN CERTIFICATE-----' 2677s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-12791-auth.output 2677s + echo '-----END CERTIFICATE-----' 2677s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-12791-auth.pem 2677s Certificate: 2677s Data: 2677s Version: 3 (0x2) 2677s Serial Number: 3 (0x3) 2677s Signature Algorithm: sha256WithRSAEncryption 2677s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2677s Validity 2677s Not Before: Jun 14 16:32:30 2024 GMT 2677s Not After : Jun 14 16:32:30 2025 GMT 2677s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 2677s Subject Public Key Info: 2677s Public Key Algorithm: rsaEncryption 2677s Public-Key: (1024 bit) 2677s Modulus: 2677s 00:f1:08:d0:0b:04:da:d1:54:8c:6a:b0:cb:49:78: 2677s a3:d7:ae:c1:8e:12:b3:5f:29:ac:74:de:7d:eb:74: 2677s 45:1e:86:9b:96:ca:b7:f9:a9:df:1f:0c:ff:80:ba: 2677s fe:fc:11:da:c6:c4:29:52:42:d0:c8:9a:0d:3c:58: 2677s c2:b3:db:dd:89:2c:8e:96:eb:c0:b6:f8:0a:87:8b: 2677s 2c:fc:d5:59:2d:2c:af:9d:cc:28:28:ca:d5:64:3e: 2677s f5:a1:67:28:bd:bf:bb:48:40:c7:ed:21:b3:b3:a2: 2677s 0f:ba:09:64:b7:7f:fa:90:39:9c:9b:6e:5f:d0:21: 2677s bb:3b:29:21:47:22:f4:6c:7b 2677s Exponent: 65537 (0x10001) 2677s X509v3 extensions: 2677s X509v3 Authority Key Identifier: 2677s 53:4C:91:18:D9:92:38:5E:4D:06:5F:08:B6:35:C6:77:63:E1:CB:E0 2677s X509v3 Basic Constraints: 2677s CA:FALSE 2677s Netscape Cert Type: 2677s SSL Client, S/MIME 2677s Netscape Comment: 2677s Test Organization Root CA trusted Certificate 2677s X509v3 Subject Key Identifier: 2677s C6:C8:3A:84:36:78:05:82:86:0A:4F:83:ED:54:AD:23:AD:E0:C9:90 2677s X509v3 Key Usage: critical 2677s Digital Signature, Non Repudiation, Key Encipherment 2677s X509v3 Extended Key Usage: 2677s TLS Web Client Authentication, E-mail Protection 2677s X509v3 Subject Alternative Name: 2677s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2677s Signature Algorithm: sha256WithRSAEncryption 2677s Signature Value: 2677s 70:6e:71:57:de:88:d8:b2:3b:68:85:b3:f7:3e:8c:cc:95:2e: 2677s 0e:82:b4:fe:90:4c:6c:3a:05:1a:2e:dc:23:2f:66:0e:0a:48: 2677s 69:58:be:25:b5:3d:c8:e7:a4:31:37:ee:fe:57:3f:d6:66:73: 2677s 6b:ad:a1:b9:a3:e7:9a:17:8e:a3:6e:a6:68:ee:bd:ce:89:25: 2677s 9b:3d:cb:06:89:4f:ef:ab:f9:8d:a8:47:7e:7f:28:87:b7:f7: 2677s b7:7d:92:19:6f:c3:68:c1:7e:43:d0:91:a8:f2:da:b7:5b:f9: 2677s 03:06:63:1d:85:94:7c:8c:f0:2f:31:4f:9c:fb:b0:65:10:0f: 2677s 2a:dd 2677s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-12791-auth.pem 2677s + found_md5=Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B 2677s + '[' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B '!=' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B ']' 2677s + valid_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2677s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2677s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2677s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2677s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2677s + local verify_option= 2677s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 2677s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2677s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2677s + local key_cn 2677s + local key_name 2677s + local tokens_dir 2677s + local output_cert_file 2677s + token_name= 2677s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem .pem 2677s + key_name=test-root-CA-trusted-certificate-0001 2677s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2677s ++ sed -n 's/ *commonName *= //p' 2677s + key_cn='Test Organization Root Trusted Certificate 0001' 2677s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2677s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2677s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2677s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 2677s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 2677s + token_name='Test Organization Root Tr Token' 2677s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 2677s Test Organization Root Tr Token 2677s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 ']' 2677s + echo 'Test Organization Root Tr Token' 2677s + '[' -n '' ']' 2677s + local output_base_name=SSSD-child-14816 2677s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-14816.output 2677s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-14816.pem 2677s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2677s [p11_child[2308]] [main] (0x0400): p11_child started. 2677s [p11_child[2308]] [main] (0x2000): Running in [pre-auth] mode. 2677s [p11_child[2308]] [main] (0x2000): Running with effective IDs: [0][0]. 2677s [p11_child[2308]] [main] (0x2000): Running with real IDs [0][0]. 2677s [p11_child[2308]] [do_card] (0x4000): Module List: 2677s [p11_child[2308]] [do_card] (0x4000): common name: [softhsm2]. 2677s [p11_child[2308]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2677s [p11_child[2308]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2bf29d67] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2677s [p11_child[2308]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 2677s [p11_child[2308]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2bf29d67][737320295] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2677s [p11_child[2308]] [do_card] (0x4000): Login NOT required. 2677s [p11_child[2308]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 2677s [p11_child[2308]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2677s [p11_child[2308]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2677s [p11_child[2308]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2bf29d67;slot-manufacturer=SoftHSM%20project;slot-id=737320295;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=22a7fd0babf29d67;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 2677s [p11_child[2308]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2677s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-14816.output 2677s + echo '-----BEGIN CERTIFICATE-----' 2677s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-14816.output 2677s + echo '-----END CERTIFICATE-----' 2677s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-14816.pem 2677s Certificate: 2677s Data: 2677s Version: 3 (0x2) 2677s Serial Number: 3 (0x3) 2677s Signature Algorithm: sha256WithRSAEncryption 2677s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2677s Validity 2677s Not Before: Jun 14 16:32:30 2024 GMT 2677s Not After : Jun 14 16:32:30 2025 GMT 2677s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 2677s Subject Public Key Info: 2677s Public Key Algorithm: rsaEncryption 2677s Public-Key: (1024 bit) 2677s Modulus: 2677s 00:f1:08:d0:0b:04:da:d1:54:8c:6a:b0:cb:49:78: 2677s a3:d7:ae:c1:8e:12:b3:5f:29:ac:74:de:7d:eb:74: 2677s 45:1e:86:9b:96:ca:b7:f9:a9:df:1f:0c:ff:80:ba: 2677s fe:fc:11:da:c6:c4:29:52:42:d0:c8:9a:0d:3c:58: 2677s c2:b3:db:dd:89:2c:8e:96:eb:c0:b6:f8:0a:87:8b: 2677s 2c:fc:d5:59:2d:2c:af:9d:cc:28:28:ca:d5:64:3e: 2677s f5:a1:67:28:bd:bf:bb:48:40:c7:ed:21:b3:b3:a2: 2677s 0f:ba:09:64:b7:7f:fa:90:39:9c:9b:6e:5f:d0:21: 2677s bb:3b:29:21:47:22:f4:6c:7b 2677s Exponent: 65537 (0x10001) 2677s X509v3 extensions: 2677s X509v3 Authority Key Identifier: 2677s 53:4C:91:18:D9:92:38:5E:4D:06:5F:08:B6:35:C6:77:63:E1:CB:E0 2677s X509v3 Basic Constraints: 2677s CA:FALSE 2677s Netscape Cert Type: 2677s SSL Client, S/MIME 2677s Netscape Comment: 2677s Test Organization Root CA trusted Certificate 2677s X509v3 Subject Key Identifier: 2677s C6:C8:3A:84:36:78:05:82:86:0A:4F:83:ED:54:AD:23:AD:E0:C9:90 2677s X509v3 Key Usage: critical 2677s Digital Signature, Non Repudiation, Key Encipherment 2677s X509v3 Extended Key Usage: 2677s TLS Web Client Authentication, E-mail Protection 2677s X509v3 Subject Alternative Name: 2677s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2677s Signature Algorithm: sha256WithRSAEncryption 2677s Signature Value: 2677s 70:6e:71:57:de:88:d8:b2:3b:68:85:b3:f7:3e:8c:cc:95:2e: 2677s 0e:82:b4:fe:90:4c:6c:3a:05:1a:2e:dc:23:2f:66:0e:0a:48: 2677s 69:58:be:25:b5:3d:c8:e7:a4:31:37:ee:fe:57:3f:d6:66:73: 2677s 6b:ad:a1:b9:a3:e7:9a:17:8e:a3:6e:a6:68:ee:bd:ce:89:25: 2677s 9b:3d:cb:06:89:4f:ef:ab:f9:8d:a8:47:7e:7f:28:87:b7:f7: 2677s b7:7d:92:19:6f:c3:68:c1:7e:43:d0:91:a8:f2:da:b7:5b:f9: 2677s 03:06:63:1d:85:94:7c:8c:f0:2f:31:4f:9c:fb:b0:65:10:0f: 2677s 2a:dd 2677s + local found_md5 expected_md5 2677s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2677s + expected_md5=Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B 2677s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-14816.pem 2677s + found_md5=Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B 2677s + '[' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B '!=' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B ']' 2677s + output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-14816-auth.output 2677s ++ basename /tmp/sssd-softhsm2-xU4xnd/SSSD-child-14816-auth.output .output 2677s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-14816-auth.pem 2677s + echo -n 053350 2677s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 2677s [p11_child[2316]] [main] (0x0400): p11_child started. 2677s [p11_child[2316]] [main] (0x2000): Running in [auth] mode. 2677s [p11_child[2316]] [main] (0x2000): Running with effective IDs: [0][0]. 2677s [p11_child[2316]] [main] (0x2000): Running with real IDs [0][0]. 2677s [p11_child[2316]] [do_card] (0x4000): Module List: 2677s [p11_child[2316]] [do_card] (0x4000): common name: [softhsm2]. 2677s [p11_child[2316]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2677s [p11_child[2316]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2bf29d67] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2677s [p11_child[2316]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 2677s [p11_child[2316]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2bf29d67][737320295] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2677s [p11_child[2316]] [do_card] (0x4000): Login required. 2677s [p11_child[2316]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 2677s [p11_child[2316]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2677s [p11_child[2316]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2677s [p11_child[2316]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2bf29d67;slot-manufacturer=SoftHSM%20project;slot-id=737320295;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=22a7fd0babf29d67;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 2677s [p11_child[2316]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 2677s [p11_child[2316]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 2677s [p11_child[2316]] [do_card] (0x4000): Certificate verified and validated. 2677s [p11_child[2316]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2677s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-14816-auth.output 2677s + echo '-----BEGIN CERTIFICATE-----' 2677s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-14816-auth.output 2677s + echo '-----END CERTIFICATE-----' 2677s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-14816-auth.pem 2677s Certificate: 2677s Data: 2677s Version: 3 (0x2) 2677s Serial Number: 3 (0x3) 2677s Signature Algorithm: sha256WithRSAEncryption 2677s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2677s Validity 2677s Not Before: Jun 14 16:32:30 2024 GMT 2677s Not After : Jun 14 16:32:30 2025 GMT 2677s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 2677s Subject Public Key Info: 2677s Public Key Algorithm: rsaEncryption 2677s Public-Key: (1024 bit) 2677s Modulus: 2677s 00:f1:08:d0:0b:04:da:d1:54:8c:6a:b0:cb:49:78: 2677s a3:d7:ae:c1:8e:12:b3:5f:29:ac:74:de:7d:eb:74: 2677s 45:1e:86:9b:96:ca:b7:f9:a9:df:1f:0c:ff:80:ba: 2677s fe:fc:11:da:c6:c4:29:52:42:d0:c8:9a:0d:3c:58: 2677s c2:b3:db:dd:89:2c:8e:96:eb:c0:b6:f8:0a:87:8b: 2677s 2c:fc:d5:59:2d:2c:af:9d:cc:28:28:ca:d5:64:3e: 2677s f5:a1:67:28:bd:bf:bb:48:40:c7:ed:21:b3:b3:a2: 2677s 0f:ba:09:64:b7:7f:fa:90:39:9c:9b:6e:5f:d0:21: 2677s bb:3b:29:21:47:22:f4:6c:7b 2677s Exponent: 65537 (0x10001) 2677s X509v3 extensions: 2677s X509v3 Authority Key Identifier: 2677s 53:4C:91:18:D9:92:38:5E:4D:06:5F:08:B6:35:C6:77:63:E1:CB:E0 2677s X509v3 Basic Constraints: 2677s CA:FALSE 2677s Netscape Cert Type: 2677s SSL Client, S/MIME 2677s Netscape Comment: 2677s Test Organization Root CA trusted Certificate 2677s X509v3 Subject Key Identifier: 2677s C6:C8:3A:84:36:78:05:82:86:0A:4F:83:ED:54:AD:23:AD:E0:C9:90 2677s X509v3 Key Usage: critical 2677s Digital Signature, Non Repudiation, Key Encipherment 2677s X509v3 Extended Key Usage: 2677s TLS Web Client Authentication, E-mail Protection 2677s X509v3 Subject Alternative Name: 2677s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2677s Signature Algorithm: sha256WithRSAEncryption 2677s Signature Value: 2677s 70:6e:71:57:de:88:d8:b2:3b:68:85:b3:f7:3e:8c:cc:95:2e: 2677s 0e:82:b4:fe:90:4c:6c:3a:05:1a:2e:dc:23:2f:66:0e:0a:48: 2677s 69:58:be:25:b5:3d:c8:e7:a4:31:37:ee:fe:57:3f:d6:66:73: 2677s 6b:ad:a1:b9:a3:e7:9a:17:8e:a3:6e:a6:68:ee:bd:ce:89:25: 2677s 9b:3d:cb:06:89:4f:ef:ab:f9:8d:a8:47:7e:7f:28:87:b7:f7: 2677s b7:7d:92:19:6f:c3:68:c1:7e:43:d0:91:a8:f2:da:b7:5b:f9: 2677s 03:06:63:1d:85:94:7c:8c:f0:2f:31:4f:9c:fb:b0:65:10:0f: 2677s 2a:dd 2677s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-14816-auth.pem 2677s + found_md5=Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B 2677s + '[' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B '!=' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B ']' 2677s + valid_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem partial_chain 2677s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem partial_chain 2677s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2677s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2677s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2677s + local verify_option=partial_chain 2677s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 2677s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2677s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2677s + local key_cn 2677s + local key_name 2677s + local tokens_dir 2677s + local output_cert_file 2677s + token_name= 2677s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem .pem 2677s + key_name=test-root-CA-trusted-certificate-0001 2677s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2677s ++ sed -n 's/ *commonName *= //p' 2677s + key_cn='Test Organization Root Trusted Certificate 0001' 2677s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2677s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2677s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2677s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 2677s Test Organization Root Tr Token 2677s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 2677s + token_name='Test Organization Root Tr Token' 2677s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 2677s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 ']' 2677s + echo 'Test Organization Root Tr Token' 2677s + '[' -n partial_chain ']' 2677s + local verify_arg=--verify=partial_chain 2677s + local output_base_name=SSSD-child-9264 2677s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-9264.output 2677s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-9264.pem 2677s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2677s [p11_child[2326]] [main] (0x0400): p11_child started. 2677s [p11_child[2326]] [main] (0x2000): Running in [pre-auth] mode. 2677s [p11_child[2326]] [main] (0x2000): Running with effective IDs: [0][0]. 2677s [p11_child[2326]] [main] (0x2000): Running with real IDs [0][0]. 2677s [p11_child[2326]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2677s [p11_child[2326]] [do_card] (0x4000): Module List: 2677s [p11_child[2326]] [do_card] (0x4000): common name: [softhsm2]. 2677s [p11_child[2326]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2677s [p11_child[2326]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2bf29d67] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2677s [p11_child[2326]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 2677s [p11_child[2326]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2bf29d67][737320295] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2677s [p11_child[2326]] [do_card] (0x4000): Login NOT required. 2677s [p11_child[2326]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 2677s [p11_child[2326]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2677s [p11_child[2326]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2677s [p11_child[2326]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2bf29d67;slot-manufacturer=SoftHSM%20project;slot-id=737320295;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=22a7fd0babf29d67;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 2677s [p11_child[2326]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2677s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-9264.output 2677s + echo '-----BEGIN CERTIFICATE-----' 2677s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-9264.output 2677s + echo '-----END CERTIFICATE-----' 2677s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-9264.pem 2677s Certificate: 2677s Data: 2677s Version: 3 (0x2) 2677s Serial Number: 3 (0x3) 2677s Signature Algorithm: sha256WithRSAEncryption 2677s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2677s Validity 2677s Not Before: Jun 14 16:32:30 2024 GMT 2677s Not After : Jun 14 16:32:30 2025 GMT 2677s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 2677s Subject Public Key Info: 2677s Public Key Algorithm: rsaEncryption 2677s Public-Key: (1024 bit) 2677s Modulus: 2677s 00:f1:08:d0:0b:04:da:d1:54:8c:6a:b0:cb:49:78: 2677s a3:d7:ae:c1:8e:12:b3:5f:29:ac:74:de:7d:eb:74: 2677s 45:1e:86:9b:96:ca:b7:f9:a9:df:1f:0c:ff:80:ba: 2677s fe:fc:11:da:c6:c4:29:52:42:d0:c8:9a:0d:3c:58: 2677s c2:b3:db:dd:89:2c:8e:96:eb:c0:b6:f8:0a:87:8b: 2677s 2c:fc:d5:59:2d:2c:af:9d:cc:28:28:ca:d5:64:3e: 2677s f5:a1:67:28:bd:bf:bb:48:40:c7:ed:21:b3:b3:a2: 2677s 0f:ba:09:64:b7:7f:fa:90:39:9c:9b:6e:5f:d0:21: 2677s bb:3b:29:21:47:22:f4:6c:7b 2677s Exponent: 65537 (0x10001) 2677s X509v3 extensions: 2677s X509v3 Authority Key Identifier: 2677s 53:4C:91:18:D9:92:38:5E:4D:06:5F:08:B6:35:C6:77:63:E1:CB:E0 2677s X509v3 Basic Constraints: 2677s CA:FALSE 2677s Netscape Cert Type: 2677s SSL Client, S/MIME 2677s Netscape Comment: 2677s Test Organization Root CA trusted Certificate 2677s X509v3 Subject Key Identifier: 2677s C6:C8:3A:84:36:78:05:82:86:0A:4F:83:ED:54:AD:23:AD:E0:C9:90 2677s X509v3 Key Usage: critical 2677s Digital Signature, Non Repudiation, Key Encipherment 2677s X509v3 Extended Key Usage: 2677s TLS Web Client Authentication, E-mail Protection 2677s X509v3 Subject Alternative Name: 2677s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2677s Signature Algorithm: sha256WithRSAEncryption 2677s Signature Value: 2677s 70:6e:71:57:de:88:d8:b2:3b:68:85:b3:f7:3e:8c:cc:95:2e: 2677s 0e:82:b4:fe:90:4c:6c:3a:05:1a:2e:dc:23:2f:66:0e:0a:48: 2677s 69:58:be:25:b5:3d:c8:e7:a4:31:37:ee:fe:57:3f:d6:66:73: 2677s 6b:ad:a1:b9:a3:e7:9a:17:8e:a3:6e:a6:68:ee:bd:ce:89:25: 2677s 9b:3d:cb:06:89:4f:ef:ab:f9:8d:a8:47:7e:7f:28:87:b7:f7: 2677s b7:7d:92:19:6f:c3:68:c1:7e:43:d0:91:a8:f2:da:b7:5b:f9: 2677s 03:06:63:1d:85:94:7c:8c:f0:2f:31:4f:9c:fb:b0:65:10:0f: 2677s 2a:dd 2677s + local found_md5 expected_md5 2677s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2677s + expected_md5=Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B 2677s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-9264.pem 2677s + found_md5=Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B 2677s + '[' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B '!=' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B ']' 2677s + output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-9264-auth.output 2677s ++ basename /tmp/sssd-softhsm2-xU4xnd/SSSD-child-9264-auth.output .output 2677s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-9264-auth.pem 2677s + echo -n 053350 2677s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 2677s [p11_child[2334]] [main] (0x0400): p11_child started. 2677s [p11_child[2334]] [main] (0x2000): Running in [auth] mode. 2677s [p11_child[2334]] [main] (0x2000): Running with effective IDs: [0][0]. 2677s [p11_child[2334]] [main] (0x2000): Running with real IDs [0][0]. 2677s [p11_child[2334]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2677s [p11_child[2334]] [do_card] (0x4000): Module List: 2677s [p11_child[2334]] [do_card] (0x4000): common name: [softhsm2]. 2677s [p11_child[2334]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2677s [p11_child[2334]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2bf29d67] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2677s [p11_child[2334]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 2677s [p11_child[2334]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2bf29d67][737320295] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2677s [p11_child[2334]] [do_card] (0x4000): Login required. 2677s [p11_child[2334]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 2677s [p11_child[2334]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2677s [p11_child[2334]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2677s [p11_child[2334]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2bf29d67;slot-manufacturer=SoftHSM%20project;slot-id=737320295;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=22a7fd0babf29d67;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 2677s [p11_child[2334]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 2677s [p11_child[2334]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 2677s [p11_child[2334]] [do_card] (0x4000): Certificate verified and validated. 2677s [p11_child[2334]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2677s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-9264-auth.output 2677s + echo '-----BEGIN CERTIFICATE-----' 2677s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-9264-auth.output 2677s + echo '-----END CERTIFICATE-----' 2677s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-9264-auth.pem 2677s Certificate: 2677s Data: 2677s Version: 3 (0x2) 2677s Serial Number: 3 (0x3) 2677s Signature Algorithm: sha256WithRSAEncryption 2677s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2677s Validity 2677s Not Before: Jun 14 16:32:30 2024 GMT 2677s Not After : Jun 14 16:32:30 2025 GMT 2677s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 2677s Subject Public Key Info: 2677s Public Key Algorithm: rsaEncryption 2677s Public-Key: (1024 bit) 2677s Modulus: 2677s 00:f1:08:d0:0b:04:da:d1:54:8c:6a:b0:cb:49:78: 2677s a3:d7:ae:c1:8e:12:b3:5f:29:ac:74:de:7d:eb:74: 2677s 45:1e:86:9b:96:ca:b7:f9:a9:df:1f:0c:ff:80:ba: 2677s fe:fc:11:da:c6:c4:29:52:42:d0:c8:9a:0d:3c:58: 2677s c2:b3:db:dd:89:2c:8e:96:eb:c0:b6:f8:0a:87:8b: 2677s 2c:fc:d5:59:2d:2c:af:9d:cc:28:28:ca:d5:64:3e: 2677s f5:a1:67:28:bd:bf:bb:48:40:c7:ed:21:b3:b3:a2: 2677s 0f:ba:09:64:b7:7f:fa:90:39:9c:9b:6e:5f:d0:21: 2677s bb:3b:29:21:47:22:f4:6c:7b 2677s Exponent: 65537 (0x10001) 2677s X509v3 extensions: 2677s X509v3 Authority Key Identifier: 2677s 53:4C:91:18:D9:92:38:5E:4D:06:5F:08:B6:35:C6:77:63:E1:CB:E0 2677s X509v3 Basic Constraints: 2677s CA:FALSE 2677s Netscape Cert Type: 2677s SSL Client, S/MIME 2677s Netscape Comment: 2677s Test Organization Root CA trusted Certificate 2677s X509v3 Subject Key Identifier: 2677s C6:C8:3A:84:36:78:05:82:86:0A:4F:83:ED:54:AD:23:AD:E0:C9:90 2677s X509v3 Key Usage: critical 2677s Digital Signature, Non Repudiation, Key Encipherment 2677s X509v3 Extended Key Usage: 2677s TLS Web Client Authentication, E-mail Protection 2677s X509v3 Subject Alternative Name: 2677s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2677s Signature Algorithm: sha256WithRSAEncryption 2677s Signature Value: 2677s 70:6e:71:57:de:88:d8:b2:3b:68:85:b3:f7:3e:8c:cc:95:2e: 2677s 0e:82:b4:fe:90:4c:6c:3a:05:1a:2e:dc:23:2f:66:0e:0a:48: 2677s 69:58:be:25:b5:3d:c8:e7:a4:31:37:ee:fe:57:3f:d6:66:73: 2677s 6b:ad:a1:b9:a3:e7:9a:17:8e:a3:6e:a6:68:ee:bd:ce:89:25: 2677s 9b:3d:cb:06:89:4f:ef:ab:f9:8d:a8:47:7e:7f:28:87:b7:f7: 2677s b7:7d:92:19:6f:c3:68:c1:7e:43:d0:91:a8:f2:da:b7:5b:f9: 2677s 03:06:63:1d:85:94:7c:8c:f0:2f:31:4f:9c:fb:b0:65:10:0f: 2677s 2a:dd 2677s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-9264-auth.pem 2677s + found_md5=Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B 2677s + '[' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B '!=' Modulus=F108D00B04DAD1548C6AB0CB4978A3D7AEC18E12B35F29AC74DE7DEB74451E869B96CAB7F9A9DF1F0CFF80BAFEFC11DAC6C4295242D0C89A0D3C58C2B3DBDD892C8E96EBC0B6F80A878B2CFCD5592D2CAF9DCC2828CAD5643EF5A16728BDBFBB4840C7ED21B3B3A20FBA0964B77FFA90399C9B6E5FD021BB3B29214722F46C7B ']' 2677s + invalid_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2677s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2677s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2677s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2677s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2677s + local verify_option= 2677s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 2677s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2677s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2677s + local key_cn 2677s + local key_name 2677s + local tokens_dir 2677s + local output_cert_file 2677s + token_name= 2677s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem .pem 2677s + key_name=test-root-CA-trusted-certificate-0001 2677s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2677s ++ sed -n 's/ *commonName *= //p' 2678s + key_cn='Test Organization Root Trusted Certificate 0001' 2678s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2678s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2678s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2678s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 2678s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 2678s + token_name='Test Organization Root Tr Token' 2678s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 2678s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 ']' 2678s + echo 'Test Organization Root Tr Token' 2678s Test Organization Root Tr Token 2678s + '[' -n '' ']' 2678s + local output_base_name=SSSD-child-16129 2678s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-16129.output 2678s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-16129.pem 2678s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2678s [p11_child[2344]] [main] (0x0400): p11_child started. 2678s [p11_child[2344]] [main] (0x2000): Running in [pre-auth] mode. 2678s [p11_child[2344]] [main] (0x2000): Running with effective IDs: [0][0]. 2678s [p11_child[2344]] [main] (0x2000): Running with real IDs [0][0]. 2678s [p11_child[2344]] [do_card] (0x4000): Module List: 2678s [p11_child[2344]] [do_card] (0x4000): common name: [softhsm2]. 2678s [p11_child[2344]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2678s [p11_child[2344]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2bf29d67] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2678s [p11_child[2344]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 2678s [p11_child[2344]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2bf29d67][737320295] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2678s [p11_child[2344]] [do_card] (0x4000): Login NOT required. 2678s [p11_child[2344]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 2678s [p11_child[2344]] [do_verification] (0x0040): X509_verify_cert failed [0]. 2678s [p11_child[2344]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 2678s [p11_child[2344]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 2678s [p11_child[2344]] [do_card] (0x4000): No certificate found. 2678s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-16129.output 2678s + return 2 2678s + invalid_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem partial_chain 2678s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem partial_chain 2678s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2678s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2678s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2678s + local verify_option=partial_chain 2678s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-15022 2678s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2678s + local key_pass=pass:random-root-ca-trusted-cert-0001-15022 2678s + local key_cn 2678s + local key_name 2678s + local tokens_dir 2678s + local output_cert_file 2678s + token_name= 2678s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem .pem 2678s + key_name=test-root-CA-trusted-certificate-0001 2678s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-root-CA-trusted-certificate-0001.pem 2678s ++ sed -n 's/ *commonName *= //p' 2678s Test Organization Root Tr Token 2678s + key_cn='Test Organization Root Trusted Certificate 0001' 2678s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2678s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2678s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf 2678s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 2678s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 2678s + token_name='Test Organization Root Tr Token' 2678s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 2678s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-root-CA-trusted-certificate-0001 ']' 2678s + echo 'Test Organization Root Tr Token' 2678s + '[' -n partial_chain ']' 2678s + local verify_arg=--verify=partial_chain 2678s + local output_base_name=SSSD-child-20054 2678s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-20054.output 2678s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-20054.pem 2678s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2678s [p11_child[2351]] [main] (0x0400): p11_child started. 2678s [p11_child[2351]] [main] (0x2000): Running in [pre-auth] mode. 2678s [p11_child[2351]] [main] (0x2000): Running with effective IDs: [0][0]. 2678s [p11_child[2351]] [main] (0x2000): Running with real IDs [0][0]. 2678s [p11_child[2351]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2678s [p11_child[2351]] [do_card] (0x4000): Module List: 2678s [p11_child[2351]] [do_card] (0x4000): common name: [softhsm2]. 2678s [p11_child[2351]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2678s [p11_child[2351]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2bf29d67] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2678s [p11_child[2351]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 2678s [p11_child[2351]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2bf29d67][737320295] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2678s [p11_child[2351]] [do_card] (0x4000): Login NOT required. 2678s [p11_child[2351]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 2678s [p11_child[2351]] [do_verification] (0x0040): X509_verify_cert failed [0]. 2678s [p11_child[2351]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 2678s [p11_child[2351]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 2678s [p11_child[2351]] [do_card] (0x4000): No certificate found. 2678s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-20054.output 2678s + return 2 2678s + invalid_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /dev/null 2678s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /dev/null 2678s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2678s + local key_ring=/dev/null 2678s + local verify_option= 2678s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 2678s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2678s + local key_cn 2678s + local key_name 2678s + local tokens_dir 2678s + local output_cert_file 2678s + token_name= 2678s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem .pem 2678s + key_name=test-intermediate-CA-trusted-certificate-0001 2678s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s ++ sed -n 's/ *commonName *= //p' 2678s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 2678s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2678s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2678s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2678s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 2678s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 2678s + token_name='Test Organization Interme Token' 2678s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 2678s + local key_file 2678s + local decrypted_key 2678s + mkdir -p /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 2678s + key_file=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001-key.pem 2678s + decrypted_key=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 2678s + cat 2678s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 2678s Slot 0 has a free/uninitialized token. 2678s The token has been initialized and is reassigned to slot 1856813367 2678s + softhsm2-util --show-slots 2678s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 2678s Available slots: 2678s Slot 1856813367 2678s Slot info: 2678s Description: SoftHSM slot ID 0x6eacb937 2678s Manufacturer ID: SoftHSM project 2678s Hardware version: 2.6 2678s Firmware version: 2.6 2678s Token present: yes 2678s Token info: 2678s Manufacturer ID: SoftHSM project 2678s Model: SoftHSM v2 2678s Hardware version: 2.6 2678s Firmware version: 2.6 2678s Serial number: 8af563866eacb937 2678s Initialized: yes 2678s User PIN init.: yes 2678s Label: Test Organization Interme Token 2678s Slot 1 2678s Slot info: 2678s Description: SoftHSM slot ID 0x1 2678s Manufacturer ID: SoftHSM project 2678s Hardware version: 2.6 2678s Firmware version: 2.6 2678s Token present: yes 2678s Token info: 2678s Manufacturer ID: SoftHSM project 2678s Model: SoftHSM v2 2678s Hardware version: 2.6 2678s Firmware version: 2.6 2678s Serial number: 2678s Initialized: no 2678s User PIN init.: no 2678s Label: 2678s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-32043 -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 2678s writing RSA key 2678s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 2678s + rm /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 2678s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 2678s Object 0: 2678s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8af563866eacb937;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 2678s Type: X.509 Certificate (RSA-1024) 2678s Expires: Sat Jun 14 16:32:30 2025 2678s Label: Test Organization Intermediate Trusted Certificate 0001 2678s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 2678s 2678s + echo 'Test Organization Interme Token' 2678s Test Organization Interme Token 2678s + '[' -n '' ']' 2678s + local output_base_name=SSSD-child-583 2678s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-583.output 2678s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-583.pem 2678s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 2678s [p11_child[2367]] [main] (0x0400): p11_child started. 2678s [p11_child[2367]] [main] (0x2000): Running in [pre-auth] mode. 2678s [p11_child[2367]] [main] (0x2000): Running with effective IDs: [0][0]. 2678s [p11_child[2367]] [main] (0x2000): Running with real IDs [0][0]. 2678s [p11_child[2367]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 2678s [p11_child[2367]] [do_work] (0x0040): init_verification failed. 2678s [p11_child[2367]] [main] (0x0020): p11_child failed (5) 2678s + return 2 2678s + valid_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /dev/null no_verification 2678s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /dev/null no_verification 2678s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2678s + local key_ring=/dev/null 2678s + local verify_option=no_verification 2678s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 2678s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2678s + local key_cn 2678s + local key_name 2678s + local tokens_dir 2678s + local output_cert_file 2678s + token_name= 2678s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem .pem 2678s + key_name=test-intermediate-CA-trusted-certificate-0001 2678s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s ++ sed -n 's/ *commonName *= //p' 2678s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 2678s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2678s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2678s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2678s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 2678s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 2678s + token_name='Test Organization Interme Token' 2678s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 2678s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 2678s + echo 'Test Organization Interme Token' 2678s Test Organization Interme Token 2678s + '[' -n no_verification ']' 2678s + local verify_arg=--verify=no_verification 2678s + local output_base_name=SSSD-child-27342 2678s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-27342.output 2678s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-27342.pem 2678s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 2678s [p11_child[2373]] [main] (0x0400): p11_child started. 2678s [p11_child[2373]] [main] (0x2000): Running in [pre-auth] mode. 2678s [p11_child[2373]] [main] (0x2000): Running with effective IDs: [0][0]. 2678s [p11_child[2373]] [main] (0x2000): Running with real IDs [0][0]. 2678s [p11_child[2373]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 2678s [p11_child[2373]] [do_card] (0x4000): Module List: 2678s [p11_child[2373]] [do_card] (0x4000): common name: [softhsm2]. 2678s [p11_child[2373]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2678s [p11_child[2373]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6eacb937] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2678s [p11_child[2373]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 2678s [p11_child[2373]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x6eacb937][1856813367] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2678s [p11_child[2373]] [do_card] (0x4000): Login NOT required. 2678s [p11_child[2373]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 2678s [p11_child[2373]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2678s [p11_child[2373]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6eacb937;slot-manufacturer=SoftHSM%20project;slot-id=1856813367;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8af563866eacb937;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2678s [p11_child[2373]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2678s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27342.output 2678s + echo '-----BEGIN CERTIFICATE-----' 2678s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27342.output 2678s + echo '-----END CERTIFICATE-----' 2678s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27342.pem 2678s Certificate: 2678s Data: 2678s Version: 3 (0x2) 2678s Serial Number: 4 (0x4) 2678s Signature Algorithm: sha256WithRSAEncryption 2678s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2678s Validity 2678s Not Before: Jun 14 16:32:30 2024 GMT 2678s Not After : Jun 14 16:32:30 2025 GMT 2678s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 2678s Subject Public Key Info: 2678s Public Key Algorithm: rsaEncryption 2678s Public-Key: (1024 bit) 2678s Modulus: 2678s 00:9a:c7:5c:94:67:41:36:91:76:33:e7:90:5b:93: 2678s 2d:1f:a4:3c:72:ab:02:f2:7b:bd:e5:bb:2b:95:e4: 2678s a7:df:1e:a6:67:b1:4c:93:f9:79:bf:ca:e2:ff:c3: 2678s e0:f7:07:c8:a1:a5:bb:d4:6f:4f:ce:82:bc:74:1b: 2678s 67:23:3e:dd:78:f5:66:f2:27:66:bb:f8:8c:20:29: 2678s 2d:2e:6e:12:8b:d0:64:11:50:e1:83:4c:8e:d5:c8: 2678s 15:6b:cd:c0:f4:87:ef:5b:66:57:70:ea:96:ae:99: 2678s a2:aa:58:50:01:1b:cb:98:b3:94:ce:b5:b3:0a:13: 2678s ae:5e:af:23:cc:a0:23:8e:21 2678s Exponent: 65537 (0x10001) 2678s X509v3 extensions: 2678s X509v3 Authority Key Identifier: 2678s 7C:0A:7A:07:BD:5F:72:F7:57:04:5F:5F:D8:60:AC:ED:F7:12:34:08 2678s X509v3 Basic Constraints: 2678s CA:FALSE 2678s Netscape Cert Type: 2678s SSL Client, S/MIME 2678s Netscape Comment: 2678s Test Organization Intermediate CA trusted Certificate 2678s X509v3 Subject Key Identifier: 2678s E0:26:49:E2:EB:94:DF:AC:75:34:BF:02:54:8B:43:09:48:BE:CE:AE 2678s X509v3 Key Usage: critical 2678s Digital Signature, Non Repudiation, Key Encipherment 2678s X509v3 Extended Key Usage: 2678s TLS Web Client Authentication, E-mail Protection 2678s X509v3 Subject Alternative Name: 2678s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2678s Signature Algorithm: sha256WithRSAEncryption 2678s Signature Value: 2678s 80:f9:0a:03:85:bf:54:eb:93:02:2c:1d:39:b1:14:29:f2:f4: 2678s b4:15:f0:c9:a5:4d:6d:dd:13:b2:0b:4e:11:54:72:11:a5:e4: 2678s fa:a1:e0:f7:4e:4a:57:8b:9a:ea:da:db:85:bb:a7:22:ec:56: 2678s 28:f9:d1:86:23:5b:57:51:54:f7:c0:17:8a:08:bb:6c:3b:03: 2678s 41:e2:00:6a:2f:90:71:51:79:65:38:6d:92:65:57:6d:97:ce: 2678s b2:45:ac:1a:57:97:6e:55:08:a8:97:bc:e6:ef:06:90:bc:a7: 2678s 5b:85:11:fe:fc:ee:de:eb:8f:71:58:ac:4e:b4:c4:82:4c:e1: 2678s c4:1a 2678s + local found_md5 expected_md5 2678s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s + expected_md5=Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 2678s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27342.pem 2678s + found_md5=Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 2678s + '[' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 '!=' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 ']' 2678s + output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-27342-auth.output 2678s ++ basename /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27342-auth.output .output 2678s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-27342-auth.pem 2678s + echo -n 053350 2678s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 2678s [p11_child[2381]] [main] (0x0400): p11_child started. 2678s [p11_child[2381]] [main] (0x2000): Running in [auth] mode. 2678s [p11_child[2381]] [main] (0x2000): Running with effective IDs: [0][0]. 2678s [p11_child[2381]] [main] (0x2000): Running with real IDs [0][0]. 2678s [p11_child[2381]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 2678s [p11_child[2381]] [do_card] (0x4000): Module List: 2678s [p11_child[2381]] [do_card] (0x4000): common name: [softhsm2]. 2678s [p11_child[2381]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2678s [p11_child[2381]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6eacb937] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2678s [p11_child[2381]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 2678s [p11_child[2381]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x6eacb937][1856813367] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2678s [p11_child[2381]] [do_card] (0x4000): Login required. 2678s [p11_child[2381]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 2678s [p11_child[2381]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2678s [p11_child[2381]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6eacb937;slot-manufacturer=SoftHSM%20project;slot-id=1856813367;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8af563866eacb937;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 2678s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 2678s [p11_child[2381]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 2678s [p11_child[2381]] [do_card] (0x4000): Certificate verified and validated. 2678s [p11_child[2381]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2678s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27342-auth.output 2678s + echo '-----BEGIN CERTIFICATE-----' 2678s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27342-auth.output 2678s + echo '-----END CERTIFICATE-----' 2678s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27342-auth.pem 2678s Certificate: 2678s Data: 2678s Version: 3 (0x2) 2678s Serial Number: 4 (0x4) 2678s Signature Algorithm: sha256WithRSAEncryption 2678s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2678s Validity 2678s Not Before: Jun 14 16:32:30 2024 GMT 2678s Not After : Jun 14 16:32:30 2025 GMT 2678s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 2678s Subject Public Key Info: 2678s Public Key Algorithm: rsaEncryption 2678s Public-Key: (1024 bit) 2678s Modulus: 2678s 00:9a:c7:5c:94:67:41:36:91:76:33:e7:90:5b:93: 2678s 2d:1f:a4:3c:72:ab:02:f2:7b:bd:e5:bb:2b:95:e4: 2678s a7:df:1e:a6:67:b1:4c:93:f9:79:bf:ca:e2:ff:c3: 2678s e0:f7:07:c8:a1:a5:bb:d4:6f:4f:ce:82:bc:74:1b: 2678s 67:23:3e:dd:78:f5:66:f2:27:66:bb:f8:8c:20:29: 2678s 2d:2e:6e:12:8b:d0:64:11:50:e1:83:4c:8e:d5:c8: 2678s 15:6b:cd:c0:f4:87:ef:5b:66:57:70:ea:96:ae:99: 2678s a2:aa:58:50:01:1b:cb:98:b3:94:ce:b5:b3:0a:13: 2678s ae:5e:af:23:cc:a0:23:8e:21 2678s Exponent: 65537 (0x10001) 2678s X509v3 extensions: 2678s X509v3 Authority Key Identifier: 2678s 7C:0A:7A:07:BD:5F:72:F7:57:04:5F:5F:D8:60:AC:ED:F7:12:34:08 2678s X509v3 Basic Constraints: 2678s CA:FALSE 2678s Netscape Cert Type: 2678s SSL Client, S/MIME 2678s Netscape Comment: 2678s Test Organization Intermediate CA trusted Certificate 2678s X509v3 Subject Key Identifier: 2678s E0:26:49:E2:EB:94:DF:AC:75:34:BF:02:54:8B:43:09:48:BE:CE:AE 2678s X509v3 Key Usage: critical 2678s Digital Signature, Non Repudiation, Key Encipherment 2678s X509v3 Extended Key Usage: 2678s TLS Web Client Authentication, E-mail Protection 2678s X509v3 Subject Alternative Name: 2678s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2678s Signature Algorithm: sha256WithRSAEncryption 2678s Signature Value: 2678s 80:f9:0a:03:85:bf:54:eb:93:02:2c:1d:39:b1:14:29:f2:f4: 2678s b4:15:f0:c9:a5:4d:6d:dd:13:b2:0b:4e:11:54:72:11:a5:e4: 2678s fa:a1:e0:f7:4e:4a:57:8b:9a:ea:da:db:85:bb:a7:22:ec:56: 2678s 28:f9:d1:86:23:5b:57:51:54:f7:c0:17:8a:08:bb:6c:3b:03: 2678s 41:e2:00:6a:2f:90:71:51:79:65:38:6d:92:65:57:6d:97:ce: 2678s b2:45:ac:1a:57:97:6e:55:08:a8:97:bc:e6:ef:06:90:bc:a7: 2678s 5b:85:11:fe:fc:ee:de:eb:8f:71:58:ac:4e:b4:c4:82:4c:e1: 2678s c4:1a 2678s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27342-auth.pem 2678s + found_md5=Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 2678s + '[' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 '!=' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 ']' 2678s + invalid_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2678s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2678s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2678s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2678s + local verify_option= 2678s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 2678s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2678s + local key_cn 2678s + local key_name 2678s + local tokens_dir 2678s + local output_cert_file 2678s + token_name= 2678s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem .pem 2678s + key_name=test-intermediate-CA-trusted-certificate-0001 2678s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s ++ sed -n 's/ *commonName *= //p' 2678s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 2678s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2678s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2678s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2678s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 2678s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 2678s + token_name='Test Organization Interme Token' 2678s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 2678s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 2678s + echo 'Test Organization Interme Token' 2678s Test Organization Interme Token 2678s + '[' -n '' ']' 2678s + local output_base_name=SSSD-child-14143 2678s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-14143.output 2678s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-14143.pem 2678s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2678s [p11_child[2391]] [main] (0x0400): p11_child started. 2678s [p11_child[2391]] [main] (0x2000): Running in [pre-auth] mode. 2678s [p11_child[2391]] [main] (0x2000): Running with effective IDs: [0][0]. 2678s [p11_child[2391]] [main] (0x2000): Running with real IDs [0][0]. 2678s [p11_child[2391]] [do_card] (0x4000): Module List: 2678s [p11_child[2391]] [do_card] (0x4000): common name: [softhsm2]. 2678s [p11_child[2391]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2678s [p11_child[2391]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6eacb937] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2678s [p11_child[2391]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 2678s [p11_child[2391]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x6eacb937][1856813367] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2678s [p11_child[2391]] [do_card] (0x4000): Login NOT required. 2678s [p11_child[2391]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 2678s [p11_child[2391]] [do_verification] (0x0040): X509_verify_cert failed [0]. 2678s [p11_child[2391]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 2678s [p11_child[2391]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 2678s [p11_child[2391]] [do_card] (0x4000): No certificate found. 2678s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-14143.output 2678s + return 2 2678s + invalid_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem partial_chain 2678s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem partial_chain 2678s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2678s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2678s + local verify_option=partial_chain 2678s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 2678s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2678s + local key_cn 2678s + local key_name 2678s + local tokens_dir 2678s + local output_cert_file 2678s + token_name= 2678s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem .pem 2678s + key_name=test-intermediate-CA-trusted-certificate-0001 2678s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s ++ sed -n 's/ *commonName *= //p' 2678s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 2678s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2678s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2678s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2678s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 2678s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 2678s Test Organization Interme Token 2678s + token_name='Test Organization Interme Token' 2678s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 2678s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 2678s + echo 'Test Organization Interme Token' 2678s + '[' -n partial_chain ']' 2678s + local verify_arg=--verify=partial_chain 2678s + local output_base_name=SSSD-child-32248 2678s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-32248.output 2678s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-32248.pem 2678s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2678s [p11_child[2398]] [main] (0x0400): p11_child started. 2678s [p11_child[2398]] [main] (0x2000): Running in [pre-auth] mode. 2678s [p11_child[2398]] [main] (0x2000): Running with effective IDs: [0][0]. 2678s [p11_child[2398]] [main] (0x2000): Running with real IDs [0][0]. 2678s [p11_child[2398]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2678s [p11_child[2398]] [do_card] (0x4000): Module List: 2678s [p11_child[2398]] [do_card] (0x4000): common name: [softhsm2]. 2678s [p11_child[2398]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2678s [p11_child[2398]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6eacb937] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2678s [p11_child[2398]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 2678s [p11_child[2398]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x6eacb937][1856813367] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2678s [p11_child[2398]] [do_card] (0x4000): Login NOT required. 2678s [p11_child[2398]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 2678s [p11_child[2398]] [do_verification] (0x0040): X509_verify_cert failed [0]. 2678s [p11_child[2398]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 2678s [p11_child[2398]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 2678s [p11_child[2398]] [do_card] (0x4000): No certificate found. 2678s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-32248.output 2678s + return 2 2678s + valid_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2678s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2678s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2678s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2678s + local verify_option= 2678s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 2678s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2678s + local key_cn 2678s + local key_name 2678s + local tokens_dir 2678s + local output_cert_file 2678s + token_name= 2678s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem .pem 2678s + key_name=test-intermediate-CA-trusted-certificate-0001 2678s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2678s ++ sed -n 's/ *commonName *= //p' 2679s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 2679s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2679s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2679s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2679s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 2679s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 2679s Test Organization Interme Token 2679s + token_name='Test Organization Interme Token' 2679s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 2679s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 2679s + echo 'Test Organization Interme Token' 2679s + '[' -n '' ']' 2679s + local output_base_name=SSSD-child-27737 2679s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-27737.output 2679s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-27737.pem 2679s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2679s [p11_child[2405]] [main] (0x0400): p11_child started. 2679s [p11_child[2405]] [main] (0x2000): Running in [pre-auth] mode. 2679s [p11_child[2405]] [main] (0x2000): Running with effective IDs: [0][0]. 2679s [p11_child[2405]] [main] (0x2000): Running with real IDs [0][0]. 2679s [p11_child[2405]] [do_card] (0x4000): Module List: 2679s [p11_child[2405]] [do_card] (0x4000): common name: [softhsm2]. 2679s [p11_child[2405]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2679s [p11_child[2405]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6eacb937] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2679s [p11_child[2405]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 2679s [p11_child[2405]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x6eacb937][1856813367] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2679s [p11_child[2405]] [do_card] (0x4000): Login NOT required. 2679s [p11_child[2405]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 2679s [p11_child[2405]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2679s [p11_child[2405]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2679s [p11_child[2405]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6eacb937;slot-manufacturer=SoftHSM%20project;slot-id=1856813367;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8af563866eacb937;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2679s [p11_child[2405]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2679s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27737.output 2679s + echo '-----BEGIN CERTIFICATE-----' 2679s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27737.output 2679s + echo '-----END CERTIFICATE-----' 2679s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27737.pem 2679s + local found_md5 expected_md5 2679s Certificate: 2679s Data: 2679s Version: 3 (0x2) 2679s Serial Number: 4 (0x4) 2679s Signature Algorithm: sha256WithRSAEncryption 2679s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2679s Validity 2679s Not Before: Jun 14 16:32:30 2024 GMT 2679s Not After : Jun 14 16:32:30 2025 GMT 2679s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 2679s Subject Public Key Info: 2679s Public Key Algorithm: rsaEncryption 2679s Public-Key: (1024 bit) 2679s Modulus: 2679s 00:9a:c7:5c:94:67:41:36:91:76:33:e7:90:5b:93: 2679s 2d:1f:a4:3c:72:ab:02:f2:7b:bd:e5:bb:2b:95:e4: 2679s a7:df:1e:a6:67:b1:4c:93:f9:79:bf:ca:e2:ff:c3: 2679s e0:f7:07:c8:a1:a5:bb:d4:6f:4f:ce:82:bc:74:1b: 2679s 67:23:3e:dd:78:f5:66:f2:27:66:bb:f8:8c:20:29: 2679s 2d:2e:6e:12:8b:d0:64:11:50:e1:83:4c:8e:d5:c8: 2679s 15:6b:cd:c0:f4:87:ef:5b:66:57:70:ea:96:ae:99: 2679s a2:aa:58:50:01:1b:cb:98:b3:94:ce:b5:b3:0a:13: 2679s ae:5e:af:23:cc:a0:23:8e:21 2679s Exponent: 65537 (0x10001) 2679s X509v3 extensions: 2679s X509v3 Authority Key Identifier: 2679s 7C:0A:7A:07:BD:5F:72:F7:57:04:5F:5F:D8:60:AC:ED:F7:12:34:08 2679s X509v3 Basic Constraints: 2679s CA:FALSE 2679s Netscape Cert Type: 2679s SSL Client, S/MIME 2679s Netscape Comment: 2679s Test Organization Intermediate CA trusted Certificate 2679s X509v3 Subject Key Identifier: 2679s E0:26:49:E2:EB:94:DF:AC:75:34:BF:02:54:8B:43:09:48:BE:CE:AE 2679s X509v3 Key Usage: critical 2679s Digital Signature, Non Repudiation, Key Encipherment 2679s X509v3 Extended Key Usage: 2679s TLS Web Client Authentication, E-mail Protection 2679s X509v3 Subject Alternative Name: 2679s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2679s Signature Algorithm: sha256WithRSAEncryption 2679s Signature Value: 2679s 80:f9:0a:03:85:bf:54:eb:93:02:2c:1d:39:b1:14:29:f2:f4: 2679s b4:15:f0:c9:a5:4d:6d:dd:13:b2:0b:4e:11:54:72:11:a5:e4: 2679s fa:a1:e0:f7:4e:4a:57:8b:9a:ea:da:db:85:bb:a7:22:ec:56: 2679s 28:f9:d1:86:23:5b:57:51:54:f7:c0:17:8a:08:bb:6c:3b:03: 2679s 41:e2:00:6a:2f:90:71:51:79:65:38:6d:92:65:57:6d:97:ce: 2679s b2:45:ac:1a:57:97:6e:55:08:a8:97:bc:e6:ef:06:90:bc:a7: 2679s 5b:85:11:fe:fc:ee:de:eb:8f:71:58:ac:4e:b4:c4:82:4c:e1: 2679s c4:1a 2679s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2679s + expected_md5=Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 2679s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27737.pem 2679s + found_md5=Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 2679s + '[' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 '!=' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 ']' 2679s + output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-27737-auth.output 2679s ++ basename /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27737-auth.output .output 2679s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-27737-auth.pem 2679s + echo -n 053350 2679s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 2679s [p11_child[2413]] [main] (0x0400): p11_child started. 2679s [p11_child[2413]] [main] (0x2000): Running in [auth] mode. 2679s [p11_child[2413]] [main] (0x2000): Running with effective IDs: [0][0]. 2679s [p11_child[2413]] [main] (0x2000): Running with real IDs [0][0]. 2679s [p11_child[2413]] [do_card] (0x4000): Module List: 2679s [p11_child[2413]] [do_card] (0x4000): common name: [softhsm2]. 2679s [p11_child[2413]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2679s [p11_child[2413]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6eacb937] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2679s [p11_child[2413]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 2679s [p11_child[2413]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x6eacb937][1856813367] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2679s [p11_child[2413]] [do_card] (0x4000): Login required. 2679s [p11_child[2413]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 2679s [p11_child[2413]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2679s [p11_child[2413]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2679s [p11_child[2413]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6eacb937;slot-manufacturer=SoftHSM%20project;slot-id=1856813367;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8af563866eacb937;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 2679s [p11_child[2413]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 2679s [p11_child[2413]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 2679s [p11_child[2413]] [do_card] (0x4000): Certificate verified and validated. 2679s [p11_child[2413]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2679s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27737-auth.output 2679s + echo '-----BEGIN CERTIFICATE-----' 2679s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27737-auth.output 2679s + echo '-----END CERTIFICATE-----' 2679s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27737-auth.pem 2679s Certificate: 2679s Data: 2679s Version: 3 (0x2) 2679s Serial Number: 4 (0x4) 2679s Signature Algorithm: sha256WithRSAEncryption 2679s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2679s Validity 2679s Not Before: Jun 14 16:32:30 2024 GMT 2679s Not After : Jun 14 16:32:30 2025 GMT 2679s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 2679s Subject Public Key Info: 2679s Public Key Algorithm: rsaEncryption 2679s Public-Key: (1024 bit) 2679s Modulus: 2679s 00:9a:c7:5c:94:67:41:36:91:76:33:e7:90:5b:93: 2679s 2d:1f:a4:3c:72:ab:02:f2:7b:bd:e5:bb:2b:95:e4: 2679s a7:df:1e:a6:67:b1:4c:93:f9:79:bf:ca:e2:ff:c3: 2679s e0:f7:07:c8:a1:a5:bb:d4:6f:4f:ce:82:bc:74:1b: 2679s 67:23:3e:dd:78:f5:66:f2:27:66:bb:f8:8c:20:29: 2679s 2d:2e:6e:12:8b:d0:64:11:50:e1:83:4c:8e:d5:c8: 2679s 15:6b:cd:c0:f4:87:ef:5b:66:57:70:ea:96:ae:99: 2679s a2:aa:58:50:01:1b:cb:98:b3:94:ce:b5:b3:0a:13: 2679s ae:5e:af:23:cc:a0:23:8e:21 2679s Exponent: 65537 (0x10001) 2679s X509v3 extensions: 2679s X509v3 Authority Key Identifier: 2679s 7C:0A:7A:07:BD:5F:72:F7:57:04:5F:5F:D8:60:AC:ED:F7:12:34:08 2679s X509v3 Basic Constraints: 2679s CA:FALSE 2679s Netscape Cert Type: 2679s SSL Client, S/MIME 2679s Netscape Comment: 2679s Test Organization Intermediate CA trusted Certificate 2679s X509v3 Subject Key Identifier: 2679s E0:26:49:E2:EB:94:DF:AC:75:34:BF:02:54:8B:43:09:48:BE:CE:AE 2679s X509v3 Key Usage: critical 2679s Digital Signature, Non Repudiation, Key Encipherment 2679s X509v3 Extended Key Usage: 2679s TLS Web Client Authentication, E-mail Protection 2679s X509v3 Subject Alternative Name: 2679s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2679s Signature Algorithm: sha256WithRSAEncryption 2679s Signature Value: 2679s 80:f9:0a:03:85:bf:54:eb:93:02:2c:1d:39:b1:14:29:f2:f4: 2679s b4:15:f0:c9:a5:4d:6d:dd:13:b2:0b:4e:11:54:72:11:a5:e4: 2679s fa:a1:e0:f7:4e:4a:57:8b:9a:ea:da:db:85:bb:a7:22:ec:56: 2679s 28:f9:d1:86:23:5b:57:51:54:f7:c0:17:8a:08:bb:6c:3b:03: 2679s 41:e2:00:6a:2f:90:71:51:79:65:38:6d:92:65:57:6d:97:ce: 2679s b2:45:ac:1a:57:97:6e:55:08:a8:97:bc:e6:ef:06:90:bc:a7: 2679s 5b:85:11:fe:fc:ee:de:eb:8f:71:58:ac:4e:b4:c4:82:4c:e1: 2679s c4:1a 2679s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-27737-auth.pem 2679s + found_md5=Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 2679s + '[' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 '!=' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 ']' 2679s + valid_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem partial_chain 2679s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem partial_chain 2679s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2679s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2679s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2679s + local verify_option=partial_chain 2679s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 2679s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2679s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2679s + local key_cn 2679s + local key_name 2679s + local tokens_dir 2679s + local output_cert_file 2679s + token_name= 2679s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem .pem 2679s + key_name=test-intermediate-CA-trusted-certificate-0001 2679s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2679s ++ sed -n 's/ *commonName *= //p' 2679s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 2679s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2679s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2679s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2679s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 2679s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 2679s Test Organization Interme Token 2679s + token_name='Test Organization Interme Token' 2679s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 2679s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 2679s + echo 'Test Organization Interme Token' 2679s + '[' -n partial_chain ']' 2679s + local verify_arg=--verify=partial_chain 2679s + local output_base_name=SSSD-child-30574 2679s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-30574.output 2679s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-30574.pem 2679s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2679s [p11_child[2423]] [main] (0x0400): p11_child started. 2679s [p11_child[2423]] [main] (0x2000): Running in [pre-auth] mode. 2679s [p11_child[2423]] [main] (0x2000): Running with effective IDs: [0][0]. 2679s [p11_child[2423]] [main] (0x2000): Running with real IDs [0][0]. 2679s [p11_child[2423]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2679s [p11_child[2423]] [do_card] (0x4000): Module List: 2679s [p11_child[2423]] [do_card] (0x4000): common name: [softhsm2]. 2679s [p11_child[2423]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2679s [p11_child[2423]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6eacb937] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2679s [p11_child[2423]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 2679s [p11_child[2423]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x6eacb937][1856813367] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2679s [p11_child[2423]] [do_card] (0x4000): Login NOT required. 2679s [p11_child[2423]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 2679s [p11_child[2423]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2679s [p11_child[2423]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2679s [p11_child[2423]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6eacb937;slot-manufacturer=SoftHSM%20project;slot-id=1856813367;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8af563866eacb937;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2679s [p11_child[2423]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2679s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-30574.output 2679s + echo '-----BEGIN CERTIFICATE-----' 2679s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-30574.output 2679s + echo '-----END CERTIFICATE-----' 2679s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-30574.pem 2679s Certificate: 2679s Data: 2679s Version: 3 (0x2) 2679s Serial Number: 4 (0x4) 2679s Signature Algorithm: sha256WithRSAEncryption 2679s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2679s Validity 2679s Not Before: Jun 14 16:32:30 2024 GMT 2679s Not After : Jun 14 16:32:30 2025 GMT 2679s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 2679s Subject Public Key Info: 2679s Public Key Algorithm: rsaEncryption 2679s Public-Key: (1024 bit) 2679s Modulus: 2679s 00:9a:c7:5c:94:67:41:36:91:76:33:e7:90:5b:93: 2679s 2d:1f:a4:3c:72:ab:02:f2:7b:bd:e5:bb:2b:95:e4: 2679s a7:df:1e:a6:67:b1:4c:93:f9:79:bf:ca:e2:ff:c3: 2679s e0:f7:07:c8:a1:a5:bb:d4:6f:4f:ce:82:bc:74:1b: 2679s 67:23:3e:dd:78:f5:66:f2:27:66:bb:f8:8c:20:29: 2679s 2d:2e:6e:12:8b:d0:64:11:50:e1:83:4c:8e:d5:c8: 2679s 15:6b:cd:c0:f4:87:ef:5b:66:57:70:ea:96:ae:99: 2679s a2:aa:58:50:01:1b:cb:98:b3:94:ce:b5:b3:0a:13: 2679s ae:5e:af:23:cc:a0:23:8e:21 2679s Exponent: 65537 (0x10001) 2679s X509v3 extensions: 2679s X509v3 Authority Key Identifier: 2679s 7C:0A:7A:07:BD:5F:72:F7:57:04:5F:5F:D8:60:AC:ED:F7:12:34:08 2679s X509v3 Basic Constraints: 2679s CA:FALSE 2679s Netscape Cert Type: 2679s SSL Client, S/MIME 2679s Netscape Comment: 2679s Test Organization Intermediate CA trusted Certificate 2679s X509v3 Subject Key Identifier: 2679s E0:26:49:E2:EB:94:DF:AC:75:34:BF:02:54:8B:43:09:48:BE:CE:AE 2679s X509v3 Key Usage: critical 2679s Digital Signature, Non Repudiation, Key Encipherment 2679s X509v3 Extended Key Usage: 2679s TLS Web Client Authentication, E-mail Protection 2679s X509v3 Subject Alternative Name: 2679s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2679s Signature Algorithm: sha256WithRSAEncryption 2679s Signature Value: 2679s 80:f9:0a:03:85:bf:54:eb:93:02:2c:1d:39:b1:14:29:f2:f4: 2679s b4:15:f0:c9:a5:4d:6d:dd:13:b2:0b:4e:11:54:72:11:a5:e4: 2679s fa:a1:e0:f7:4e:4a:57:8b:9a:ea:da:db:85:bb:a7:22:ec:56: 2679s 28:f9:d1:86:23:5b:57:51:54:f7:c0:17:8a:08:bb:6c:3b:03: 2679s 41:e2:00:6a:2f:90:71:51:79:65:38:6d:92:65:57:6d:97:ce: 2679s b2:45:ac:1a:57:97:6e:55:08:a8:97:bc:e6:ef:06:90:bc:a7: 2679s 5b:85:11:fe:fc:ee:de:eb:8f:71:58:ac:4e:b4:c4:82:4c:e1: 2679s c4:1a 2679s + local found_md5 expected_md5 2679s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2679s + expected_md5=Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 2679s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-30574.pem 2679s + found_md5=Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 2679s + '[' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 '!=' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 ']' 2679s + output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-30574-auth.output 2679s ++ basename /tmp/sssd-softhsm2-xU4xnd/SSSD-child-30574-auth.output .output 2679s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-30574-auth.pem 2680s + echo -n 053350 2680s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 2680s [p11_child[2431]] [main] (0x0400): p11_child started. 2680s [p11_child[2431]] [main] (0x2000): Running in [auth] mode. 2680s [p11_child[2431]] [main] (0x2000): Running with effective IDs: [0][0]. 2680s [p11_child[2431]] [main] (0x2000): Running with real IDs [0][0]. 2680s [p11_child[2431]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2680s [p11_child[2431]] [do_card] (0x4000): Module List: 2680s [p11_child[2431]] [do_card] (0x4000): common name: [softhsm2]. 2680s [p11_child[2431]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2680s [p11_child[2431]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6eacb937] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2680s [p11_child[2431]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 2680s [p11_child[2431]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x6eacb937][1856813367] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2680s [p11_child[2431]] [do_card] (0x4000): Login required. 2680s [p11_child[2431]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 2680s [p11_child[2431]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2680s [p11_child[2431]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2680s [p11_child[2431]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6eacb937;slot-manufacturer=SoftHSM%20project;slot-id=1856813367;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8af563866eacb937;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 2680s [p11_child[2431]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 2680s [p11_child[2431]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 2680s [p11_child[2431]] [do_card] (0x4000): Certificate verified and validated. 2680s [p11_child[2431]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2680s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-30574-auth.output 2680s + echo '-----BEGIN CERTIFICATE-----' 2680s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-30574-auth.output 2680s + echo '-----END CERTIFICATE-----' 2680s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-30574-auth.pem 2680s Certificate: 2680s Data: 2680s Version: 3 (0x2) 2680s Serial Number: 4 (0x4) 2680s Signature Algorithm: sha256WithRSAEncryption 2680s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2680s Validity 2680s Not Before: Jun 14 16:32:30 2024 GMT 2680s Not After : Jun 14 16:32:30 2025 GMT 2680s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 2680s Subject Public Key Info: 2680s Public Key Algorithm: rsaEncryption 2680s Public-Key: (1024 bit) 2680s Modulus: 2680s 00:9a:c7:5c:94:67:41:36:91:76:33:e7:90:5b:93: 2680s 2d:1f:a4:3c:72:ab:02:f2:7b:bd:e5:bb:2b:95:e4: 2680s a7:df:1e:a6:67:b1:4c:93:f9:79:bf:ca:e2:ff:c3: 2680s e0:f7:07:c8:a1:a5:bb:d4:6f:4f:ce:82:bc:74:1b: 2680s 67:23:3e:dd:78:f5:66:f2:27:66:bb:f8:8c:20:29: 2680s 2d:2e:6e:12:8b:d0:64:11:50:e1:83:4c:8e:d5:c8: 2680s 15:6b:cd:c0:f4:87:ef:5b:66:57:70:ea:96:ae:99: 2680s a2:aa:58:50:01:1b:cb:98:b3:94:ce:b5:b3:0a:13: 2680s ae:5e:af:23:cc:a0:23:8e:21 2680s Exponent: 65537 (0x10001) 2680s X509v3 extensions: 2680s X509v3 Authority Key Identifier: 2680s 7C:0A:7A:07:BD:5F:72:F7:57:04:5F:5F:D8:60:AC:ED:F7:12:34:08 2680s X509v3 Basic Constraints: 2680s CA:FALSE 2680s Netscape Cert Type: 2680s SSL Client, S/MIME 2680s Netscape Comment: 2680s Test Organization Intermediate CA trusted Certificate 2680s X509v3 Subject Key Identifier: 2680s E0:26:49:E2:EB:94:DF:AC:75:34:BF:02:54:8B:43:09:48:BE:CE:AE 2680s X509v3 Key Usage: critical 2680s Digital Signature, Non Repudiation, Key Encipherment 2680s X509v3 Extended Key Usage: 2680s TLS Web Client Authentication, E-mail Protection 2680s X509v3 Subject Alternative Name: 2680s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2680s Signature Algorithm: sha256WithRSAEncryption 2680s Signature Value: 2680s 80:f9:0a:03:85:bf:54:eb:93:02:2c:1d:39:b1:14:29:f2:f4: 2680s b4:15:f0:c9:a5:4d:6d:dd:13:b2:0b:4e:11:54:72:11:a5:e4: 2680s fa:a1:e0:f7:4e:4a:57:8b:9a:ea:da:db:85:bb:a7:22:ec:56: 2680s 28:f9:d1:86:23:5b:57:51:54:f7:c0:17:8a:08:bb:6c:3b:03: 2680s 41:e2:00:6a:2f:90:71:51:79:65:38:6d:92:65:57:6d:97:ce: 2680s b2:45:ac:1a:57:97:6e:55:08:a8:97:bc:e6:ef:06:90:bc:a7: 2680s 5b:85:11:fe:fc:ee:de:eb:8f:71:58:ac:4e:b4:c4:82:4c:e1: 2680s c4:1a 2680s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-30574-auth.pem 2680s + found_md5=Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 2680s + '[' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 '!=' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 ']' 2680s + invalid_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2680s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2680s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2680s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2680s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2680s + local verify_option= 2680s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 2680s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2680s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2680s + local key_cn 2680s + local key_name 2680s + local tokens_dir 2680s + local output_cert_file 2680s + token_name= 2680s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem .pem 2680s + key_name=test-intermediate-CA-trusted-certificate-0001 2680s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2680s ++ sed -n 's/ *commonName *= //p' 2680s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 2680s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2680s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2680s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2680s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 2680s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 2680s Test Organization Interme Token 2680s + token_name='Test Organization Interme Token' 2680s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 2680s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 2680s + echo 'Test Organization Interme Token' 2680s + '[' -n '' ']' 2680s + local output_base_name=SSSD-child-32292 2680s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-32292.output 2680s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-32292.pem 2680s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2680s [p11_child[2441]] [main] (0x0400): p11_child started. 2680s [p11_child[2441]] [main] (0x2000): Running in [pre-auth] mode. 2680s [p11_child[2441]] [main] (0x2000): Running with effective IDs: [0][0]. 2680s [p11_child[2441]] [main] (0x2000): Running with real IDs [0][0]. 2680s [p11_child[2441]] [do_card] (0x4000): Module List: 2680s [p11_child[2441]] [do_card] (0x4000): common name: [softhsm2]. 2680s [p11_child[2441]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2680s [p11_child[2441]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6eacb937] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2680s [p11_child[2441]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 2680s [p11_child[2441]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x6eacb937][1856813367] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2680s [p11_child[2441]] [do_card] (0x4000): Login NOT required. 2680s [p11_child[2441]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 2680s [p11_child[2441]] [do_verification] (0x0040): X509_verify_cert failed [0]. 2680s [p11_child[2441]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 2680s [p11_child[2441]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 2680s [p11_child[2441]] [do_card] (0x4000): No certificate found. 2680s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-32292.output 2680s + return 2 2680s + valid_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem partial_chain 2680s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem partial_chain 2680s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2680s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2680s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2680s + local verify_option=partial_chain 2680s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32043 2680s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2680s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32043 2680s + local key_cn 2680s + local key_name 2680s + local tokens_dir 2680s + local output_cert_file 2680s + token_name= 2680s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem .pem 2680s + key_name=test-intermediate-CA-trusted-certificate-0001 2680s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2680s ++ sed -n 's/ *commonName *= //p' 2680s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 2680s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2680s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2680s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2680s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 2680s Test Organization Interme Token 2680s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 2680s + token_name='Test Organization Interme Token' 2680s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 2680s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 2680s + echo 'Test Organization Interme Token' 2680s + '[' -n partial_chain ']' 2680s + local verify_arg=--verify=partial_chain 2680s + local output_base_name=SSSD-child-13246 2680s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-13246.output 2680s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-13246.pem 2680s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem 2680s [p11_child[2448]] [main] (0x0400): p11_child started. 2680s [p11_child[2448]] [main] (0x2000): Running in [pre-auth] mode. 2680s [p11_child[2448]] [main] (0x2000): Running with effective IDs: [0][0]. 2680s [p11_child[2448]] [main] (0x2000): Running with real IDs [0][0]. 2680s [p11_child[2448]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2680s [p11_child[2448]] [do_card] (0x4000): Module List: 2680s [p11_child[2448]] [do_card] (0x4000): common name: [softhsm2]. 2680s [p11_child[2448]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2680s [p11_child[2448]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6eacb937] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2680s [p11_child[2448]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 2680s [p11_child[2448]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x6eacb937][1856813367] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2680s [p11_child[2448]] [do_card] (0x4000): Login NOT required. 2680s [p11_child[2448]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 2680s [p11_child[2448]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2680s [p11_child[2448]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2680s [p11_child[2448]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6eacb937;slot-manufacturer=SoftHSM%20project;slot-id=1856813367;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8af563866eacb937;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2680s [p11_child[2448]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2680s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-13246.output 2680s + echo '-----BEGIN CERTIFICATE-----' 2680s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-13246.output 2680s + echo '-----END CERTIFICATE-----' 2680s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-13246.pem 2680s Certificate: 2680s Data: 2680s Version: 3 (0x2) 2680s Serial Number: 4 (0x4) 2680s Signature Algorithm: sha256WithRSAEncryption 2680s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2680s Validity 2680s Not Before: Jun 14 16:32:30 2024 GMT 2680s Not After : Jun 14 16:32:30 2025 GMT 2680s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 2680s Subject Public Key Info: 2680s Public Key Algorithm: rsaEncryption 2680s Public-Key: (1024 bit) 2680s Modulus: 2680s 00:9a:c7:5c:94:67:41:36:91:76:33:e7:90:5b:93: 2680s 2d:1f:a4:3c:72:ab:02:f2:7b:bd:e5:bb:2b:95:e4: 2680s a7:df:1e:a6:67:b1:4c:93:f9:79:bf:ca:e2:ff:c3: 2680s e0:f7:07:c8:a1:a5:bb:d4:6f:4f:ce:82:bc:74:1b: 2680s 67:23:3e:dd:78:f5:66:f2:27:66:bb:f8:8c:20:29: 2680s 2d:2e:6e:12:8b:d0:64:11:50:e1:83:4c:8e:d5:c8: 2680s 15:6b:cd:c0:f4:87:ef:5b:66:57:70:ea:96:ae:99: 2680s a2:aa:58:50:01:1b:cb:98:b3:94:ce:b5:b3:0a:13: 2680s ae:5e:af:23:cc:a0:23:8e:21 2680s Exponent: 65537 (0x10001) 2680s X509v3 extensions: 2680s X509v3 Authority Key Identifier: 2680s 7C:0A:7A:07:BD:5F:72:F7:57:04:5F:5F:D8:60:AC:ED:F7:12:34:08 2680s X509v3 Basic Constraints: 2680s CA:FALSE 2680s Netscape Cert Type: 2680s SSL Client, S/MIME 2680s Netscape Comment: 2680s Test Organization Intermediate CA trusted Certificate 2680s X509v3 Subject Key Identifier: 2680s E0:26:49:E2:EB:94:DF:AC:75:34:BF:02:54:8B:43:09:48:BE:CE:AE 2680s X509v3 Key Usage: critical 2680s Digital Signature, Non Repudiation, Key Encipherment 2680s X509v3 Extended Key Usage: 2680s TLS Web Client Authentication, E-mail Protection 2680s X509v3 Subject Alternative Name: 2680s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2680s Signature Algorithm: sha256WithRSAEncryption 2680s Signature Value: 2680s 80:f9:0a:03:85:bf:54:eb:93:02:2c:1d:39:b1:14:29:f2:f4: 2680s b4:15:f0:c9:a5:4d:6d:dd:13:b2:0b:4e:11:54:72:11:a5:e4: 2680s fa:a1:e0:f7:4e:4a:57:8b:9a:ea:da:db:85:bb:a7:22:ec:56: 2680s 28:f9:d1:86:23:5b:57:51:54:f7:c0:17:8a:08:bb:6c:3b:03: 2680s 41:e2:00:6a:2f:90:71:51:79:65:38:6d:92:65:57:6d:97:ce: 2680s b2:45:ac:1a:57:97:6e:55:08:a8:97:bc:e6:ef:06:90:bc:a7: 2680s 5b:85:11:fe:fc:ee:de:eb:8f:71:58:ac:4e:b4:c4:82:4c:e1: 2680s c4:1a 2680s + local found_md5 expected_md5 2680s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA-trusted-certificate-0001.pem 2680s + expected_md5=Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 2680s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-13246.pem 2680s + found_md5=Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 2680s + '[' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 '!=' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 ']' 2680s + output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-13246-auth.output 2680s ++ basename /tmp/sssd-softhsm2-xU4xnd/SSSD-child-13246-auth.output .output 2680s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-13246-auth.pem 2680s + echo -n 053350 2680s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 2680s [p11_child[2456]] [main] (0x0400): p11_child started. 2680s [p11_child[2456]] [main] (0x2000): Running in [auth] mode. 2680s [p11_child[2456]] [main] (0x2000): Running with effective IDs: [0][0]. 2680s [p11_child[2456]] [main] (0x2000): Running with real IDs [0][0]. 2680s [p11_child[2456]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2680s [p11_child[2456]] [do_card] (0x4000): Module List: 2680s [p11_child[2456]] [do_card] (0x4000): common name: [softhsm2]. 2680s [p11_child[2456]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2680s [p11_child[2456]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6eacb937] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2680s [p11_child[2456]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 2680s [p11_child[2456]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x6eacb937][1856813367] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2680s [p11_child[2456]] [do_card] (0x4000): Login required. 2680s [p11_child[2456]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 2680s [p11_child[2456]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2680s [p11_child[2456]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2680s [p11_child[2456]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6eacb937;slot-manufacturer=SoftHSM%20project;slot-id=1856813367;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8af563866eacb937;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 2680s [p11_child[2456]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 2680s [p11_child[2456]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 2680s [p11_child[2456]] [do_card] (0x4000): Certificate verified and validated. 2680s [p11_child[2456]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2680s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-13246-auth.output 2680s + echo '-----BEGIN CERTIFICATE-----' 2680s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-13246-auth.output 2680s + echo '-----END CERTIFICATE-----' 2680s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-13246-auth.pem 2680s Certificate: 2680s Data: 2680s Version: 3 (0x2) 2680s Serial Number: 4 (0x4) 2680s Signature Algorithm: sha256WithRSAEncryption 2680s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2680s Validity 2680s Not Before: Jun 14 16:32:30 2024 GMT 2680s Not After : Jun 14 16:32:30 2025 GMT 2680s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 2680s Subject Public Key Info: 2680s Public Key Algorithm: rsaEncryption 2680s Public-Key: (1024 bit) 2680s Modulus: 2680s 00:9a:c7:5c:94:67:41:36:91:76:33:e7:90:5b:93: 2680s 2d:1f:a4:3c:72:ab:02:f2:7b:bd:e5:bb:2b:95:e4: 2680s a7:df:1e:a6:67:b1:4c:93:f9:79:bf:ca:e2:ff:c3: 2680s e0:f7:07:c8:a1:a5:bb:d4:6f:4f:ce:82:bc:74:1b: 2680s 67:23:3e:dd:78:f5:66:f2:27:66:bb:f8:8c:20:29: 2680s 2d:2e:6e:12:8b:d0:64:11:50:e1:83:4c:8e:d5:c8: 2680s 15:6b:cd:c0:f4:87:ef:5b:66:57:70:ea:96:ae:99: 2680s a2:aa:58:50:01:1b:cb:98:b3:94:ce:b5:b3:0a:13: 2680s ae:5e:af:23:cc:a0:23:8e:21 2680s Exponent: 65537 (0x10001) 2680s X509v3 extensions: 2680s X509v3 Authority Key Identifier: 2680s 7C:0A:7A:07:BD:5F:72:F7:57:04:5F:5F:D8:60:AC:ED:F7:12:34:08 2680s X509v3 Basic Constraints: 2680s CA:FALSE 2680s Netscape Cert Type: 2680s SSL Client, S/MIME 2680s Netscape Comment: 2680s Test Organization Intermediate CA trusted Certificate 2680s X509v3 Subject Key Identifier: 2680s E0:26:49:E2:EB:94:DF:AC:75:34:BF:02:54:8B:43:09:48:BE:CE:AE 2680s X509v3 Key Usage: critical 2680s Digital Signature, Non Repudiation, Key Encipherment 2680s X509v3 Extended Key Usage: 2680s TLS Web Client Authentication, E-mail Protection 2680s X509v3 Subject Alternative Name: 2680s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2680s Signature Algorithm: sha256WithRSAEncryption 2680s Signature Value: 2680s 80:f9:0a:03:85:bf:54:eb:93:02:2c:1d:39:b1:14:29:f2:f4: 2680s b4:15:f0:c9:a5:4d:6d:dd:13:b2:0b:4e:11:54:72:11:a5:e4: 2680s fa:a1:e0:f7:4e:4a:57:8b:9a:ea:da:db:85:bb:a7:22:ec:56: 2680s 28:f9:d1:86:23:5b:57:51:54:f7:c0:17:8a:08:bb:6c:3b:03: 2680s 41:e2:00:6a:2f:90:71:51:79:65:38:6d:92:65:57:6d:97:ce: 2680s b2:45:ac:1a:57:97:6e:55:08:a8:97:bc:e6:ef:06:90:bc:a7: 2680s 5b:85:11:fe:fc:ee:de:eb:8f:71:58:ac:4e:b4:c4:82:4c:e1: 2680s c4:1a 2681s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-13246-auth.pem 2682s + found_md5=Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 2682s + '[' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 '!=' Modulus=9AC75C94674136917633E7905B932D1FA43C72AB02F27BBDE5BB2B95E4A7DF1EA667B14C93F979BFCAE2FFC3E0F707C8A1A5BBD46F4FCE82BC741B67233EDD78F566F22766BBF88C20292D2E6E128BD0641150E1834C8ED5C8156BCDC0F487EF5B665770EA96AE99A2AA5850011BCB98B394CEB5B30A13AE5EAF23CCA0238E21 ']' 2682s + invalid_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2682s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2682s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2682s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2682s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2682s + local verify_option= 2682s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2682s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2682s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2682s + local key_cn 2682s + local key_name 2682s + local tokens_dir 2682s + local output_cert_file 2682s + token_name= 2682s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 2682s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 2682s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2682s ++ sed -n 's/ *commonName *= //p' 2682s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 2682s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2682s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2682s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2682s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 2682s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 2682s + token_name='Test Organization Sub Int Token' 2682s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 2682s + local key_file 2682s + local decrypted_key 2682s + mkdir -p /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 2682s + key_file=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 2682s + decrypted_key=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 2682s + cat 2682s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 2683s Slot 0 has a free/uninitialized token. 2683s The token has been initialized and is reassigned to slot 1953826348 2683s + softhsm2-util --show-slots 2683s Available slots: 2683s Slot 1953826348 2683s Slot info: 2683s Description: SoftHSM slot ID 0x7475062c 2683s Manufacturer ID: SoftHSM project 2683s Hardware version: 2.6 2683s Firmware version: 2.6 2683s Token present: yes 2683s Token info: 2683s Manufacturer ID: SoftHSM project 2683s Model: SoftHSM v2 2683s Hardware version: 2.6 2683s Firmware version: 2.6 2683s Serial number: 0c582c297475062c 2683s Initialized: yes 2683s User PIN init.: yes 2683s Label: Test Organization Sub Int Token 2683s Slot 1 2683s Slot info: 2683s Description: SoftHSM slot ID 0x1 2683s Manufacturer ID: SoftHSM project 2683s Hardware version: 2.6 2683s Firmware version: 2.6 2683s Token present: yes 2683s Token info: 2683s Manufacturer ID: SoftHSM project 2683s Model: SoftHSM v2 2683s Hardware version: 2.6 2683s Firmware version: 2.6 2683s Serial number: 2683s Initialized: no 2683s User PIN init.: no 2683s Label: 2683s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 2684s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-26155 -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 2684s writing RSA key 2684s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 2684s + rm /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 2684s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 2684s Object 0: 2684s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=0c582c297475062c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 2684s Type: X.509 Certificate (RSA-1024) 2684s Expires: Sat Jun 14 16:32:31 2025 2684s Label: Test Organization Sub Intermediate Trusted Certificate 0001 2684s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 2684s 2684s + echo 'Test Organization Sub Int Token' 2684s Test Organization Sub Int Token 2684s + '[' -n '' ']' 2684s + local output_base_name=SSSD-child-8595 2684s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-8595.output 2684s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-8595.pem 2684s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2684s [p11_child[2475]] [main] (0x0400): p11_child started. 2684s [p11_child[2475]] [main] (0x2000): Running in [pre-auth] mode. 2684s [p11_child[2475]] [main] (0x2000): Running with effective IDs: [0][0]. 2684s [p11_child[2475]] [main] (0x2000): Running with real IDs [0][0]. 2684s [p11_child[2475]] [do_card] (0x4000): Module List: 2684s [p11_child[2475]] [do_card] (0x4000): common name: [softhsm2]. 2684s [p11_child[2475]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2684s [p11_child[2475]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7475062c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2684s [p11_child[2475]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 2684s [p11_child[2475]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7475062c][1953826348] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2684s [p11_child[2475]] [do_card] (0x4000): Login NOT required. 2684s [p11_child[2475]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 2684s [p11_child[2475]] [do_verification] (0x0040): X509_verify_cert failed [0]. 2684s [p11_child[2475]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 2684s [p11_child[2475]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 2684s [p11_child[2475]] [do_card] (0x4000): No certificate found. 2684s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-8595.output 2684s + return 2 2684s + invalid_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem partial_chain 2684s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem partial_chain 2684s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2684s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2684s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2684s + local verify_option=partial_chain 2684s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2684s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2684s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2684s + local key_cn 2684s + local key_name 2684s + local tokens_dir 2684s + local output_cert_file 2684s + token_name= 2684s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 2684s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 2684s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2684s ++ sed -n 's/ *commonName *= //p' 2684s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 2684s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2684s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2684s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2684s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 2684s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 2684s + token_name='Test Organization Sub Int Token' 2684s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 2684s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 2684s + echo 'Test Organization Sub Int Token' 2684s Test Organization Sub Int Token 2684s + '[' -n partial_chain ']' 2684s + local verify_arg=--verify=partial_chain 2684s + local output_base_name=SSSD-child-18310 2684s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-18310.output 2684s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-18310.pem 2684s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-root-CA.pem 2684s [p11_child[2482]] [main] (0x0400): p11_child started. 2684s [p11_child[2482]] [main] (0x2000): Running in [pre-auth] mode. 2684s [p11_child[2482]] [main] (0x2000): Running with effective IDs: [0][0]. 2684s [p11_child[2482]] [main] (0x2000): Running with real IDs [0][0]. 2684s [p11_child[2482]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2684s [p11_child[2482]] [do_card] (0x4000): Module List: 2684s [p11_child[2482]] [do_card] (0x4000): common name: [softhsm2]. 2684s [p11_child[2482]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2684s [p11_child[2482]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7475062c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2684s [p11_child[2482]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 2684s [p11_child[2482]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7475062c][1953826348] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2684s [p11_child[2482]] [do_card] (0x4000): Login NOT required. 2684s [p11_child[2482]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 2684s [p11_child[2482]] [do_verification] (0x0040): X509_verify_cert failed [0]. 2684s [p11_child[2482]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 2684s [p11_child[2482]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 2684s [p11_child[2482]] [do_card] (0x4000): No certificate found. 2684s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-18310.output 2684s + return 2 2684s + valid_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2684s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2684s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2684s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2684s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2684s + local verify_option= 2684s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2684s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2684s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2684s + local key_cn 2684s + local key_name 2684s + local tokens_dir 2684s + local output_cert_file 2684s + token_name= 2684s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 2684s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 2684s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2684s ++ sed -n 's/ *commonName *= //p' 2684s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 2684s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2684s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2684s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2684s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 2684s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 2684s + token_name='Test Organization Sub Int Token' 2684s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 2684s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 2684s + echo 'Test Organization Sub Int Token' 2684s Test Organization Sub Int Token 2684s + '[' -n '' ']' 2684s + local output_base_name=SSSD-child-2937 2684s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-2937.output 2684s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-2937.pem 2684s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2684s [p11_child[2489]] [main] (0x0400): p11_child started. 2684s [p11_child[2489]] [main] (0x2000): Running in [pre-auth] mode. 2684s [p11_child[2489]] [main] (0x2000): Running with effective IDs: [0][0]. 2684s [p11_child[2489]] [main] (0x2000): Running with real IDs [0][0]. 2684s [p11_child[2489]] [do_card] (0x4000): Module List: 2684s [p11_child[2489]] [do_card] (0x4000): common name: [softhsm2]. 2684s [p11_child[2489]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2684s [p11_child[2489]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7475062c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2684s [p11_child[2489]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 2684s [p11_child[2489]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7475062c][1953826348] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2684s [p11_child[2489]] [do_card] (0x4000): Login NOT required. 2684s [p11_child[2489]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 2684s [p11_child[2489]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2684s [p11_child[2489]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2684s [p11_child[2489]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7475062c;slot-manufacturer=SoftHSM%20project;slot-id=1953826348;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=0c582c297475062c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2684s [p11_child[2489]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2684s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-2937.output 2684s + echo '-----BEGIN CERTIFICATE-----' 2684s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-2937.output 2684s + echo '-----END CERTIFICATE-----' 2684s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-2937.pem 2684s Certificate: 2684s Data: 2684s Version: 3 (0x2) 2684s Serial Number: 5 (0x5) 2684s Signature Algorithm: sha256WithRSAEncryption 2684s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2684s Validity 2684s Not Before: Jun 14 16:32:31 2024 GMT 2684s Not After : Jun 14 16:32:31 2025 GMT 2684s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 2684s Subject Public Key Info: 2684s Public Key Algorithm: rsaEncryption 2684s Public-Key: (1024 bit) 2684s Modulus: 2684s 00:e5:e3:92:ed:32:cc:56:c6:72:32:2f:cd:64:2f: 2684s e6:80:06:fb:f0:19:c5:60:00:38:b1:1c:af:09:52: 2684s 3b:c6:7b:f6:ed:8d:33:14:3d:d2:b9:35:59:af:9a: 2684s cb:b3:c4:b9:76:99:e0:56:56:e4:e9:72:10:8d:1e: 2684s ee:93:4d:fd:16:4d:77:88:ff:76:9f:cd:18:8f:f7: 2684s 7a:55:05:d2:72:fb:fd:cc:7b:b6:06:e6:d0:a3:f5: 2684s d1:7f:a9:2d:71:c9:be:d9:54:98:0b:11:21:bf:26: 2684s a9:be:66:9e:0d:33:f8:55:71:3a:a2:8d:b1:ed:a7: 2684s 54:1d:3b:50:4f:52:f1:e0:e1 2684s Exponent: 65537 (0x10001) 2684s X509v3 extensions: 2684s X509v3 Authority Key Identifier: 2684s B6:40:B1:A7:BF:4E:37:70:7F:B1:65:90:61:BD:58:94:54:CD:E5:29 2684s X509v3 Basic Constraints: 2684s CA:FALSE 2684s Netscape Cert Type: 2684s SSL Client, S/MIME 2684s Netscape Comment: 2684s Test Organization Sub Intermediate CA trusted Certificate 2684s X509v3 Subject Key Identifier: 2684s 4C:D5:0F:5A:66:D1:56:54:71:CA:89:F1:E8:A6:F6:C8:D2:77:20:82 2684s X509v3 Key Usage: critical 2684s Digital Signature, Non Repudiation, Key Encipherment 2684s X509v3 Extended Key Usage: 2684s TLS Web Client Authentication, E-mail Protection 2684s X509v3 Subject Alternative Name: 2684s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2684s Signature Algorithm: sha256WithRSAEncryption 2684s Signature Value: 2684s 3a:c0:67:6d:0f:be:63:b7:1b:87:08:55:73:fb:3e:75:59:7f: 2684s 0f:fd:4b:54:88:1d:bc:91:cb:bc:43:06:3d:9e:17:98:f8:a7: 2684s cf:81:39:2d:b7:db:d2:d5:64:60:a4:99:b1:3f:ab:0a:4a:24: 2684s a4:15:fa:8d:3f:4f:93:12:d6:31:98:11:0c:1a:6e:7a:4b:15: 2684s cc:13:0b:07:29:03:a6:f2:97:ec:dd:a7:26:69:33:60:75:67: 2684s 8c:46:9c:33:6d:5a:1c:8f:cc:c3:45:b9:10:a7:29:fe:22:e8: 2684s 44:af:84:31:af:89:d6:33:ea:38:15:44:19:af:dc:91:1f:fb: 2684s 6a:62 2684s + local found_md5 expected_md5 2684s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2684s + expected_md5=Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 2684s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-2937.pem 2684s + found_md5=Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 2684s + '[' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 '!=' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 ']' 2684s + output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-2937-auth.output 2684s ++ basename /tmp/sssd-softhsm2-xU4xnd/SSSD-child-2937-auth.output .output 2684s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-2937-auth.pem 2684s + echo -n 053350 2684s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 2684s [p11_child[2497]] [main] (0x0400): p11_child started. 2684s [p11_child[2497]] [main] (0x2000): Running in [auth] mode. 2684s [p11_child[2497]] [main] (0x2000): Running with effective IDs: [0][0]. 2684s [p11_child[2497]] [main] (0x2000): Running with real IDs [0][0]. 2684s [p11_child[2497]] [do_card] (0x4000): Module List: 2684s [p11_child[2497]] [do_card] (0x4000): common name: [softhsm2]. 2684s [p11_child[2497]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2684s [p11_child[2497]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7475062c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2684s [p11_child[2497]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 2684s [p11_child[2497]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7475062c][1953826348] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2684s [p11_child[2497]] [do_card] (0x4000): Login required. 2684s [p11_child[2497]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 2684s [p11_child[2497]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2684s [p11_child[2497]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2684s [p11_child[2497]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7475062c;slot-manufacturer=SoftHSM%20project;slot-id=1953826348;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=0c582c297475062c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 2684s [p11_child[2497]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 2684s [p11_child[2497]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 2684s [p11_child[2497]] [do_card] (0x4000): Certificate verified and validated. 2684s [p11_child[2497]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2684s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-2937-auth.output 2684s + echo '-----BEGIN CERTIFICATE-----' 2684s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-2937-auth.output 2684s + echo '-----END CERTIFICATE-----' 2684s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-2937-auth.pem 2684s Certificate: 2684s Data: 2684s Version: 3 (0x2) 2684s Serial Number: 5 (0x5) 2684s Signature Algorithm: sha256WithRSAEncryption 2684s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2684s Validity 2684s Not Before: Jun 14 16:32:31 2024 GMT 2684s Not After : Jun 14 16:32:31 2025 GMT 2684s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 2684s Subject Public Key Info: 2684s Public Key Algorithm: rsaEncryption 2684s Public-Key: (1024 bit) 2684s Modulus: 2684s 00:e5:e3:92:ed:32:cc:56:c6:72:32:2f:cd:64:2f: 2684s e6:80:06:fb:f0:19:c5:60:00:38:b1:1c:af:09:52: 2684s 3b:c6:7b:f6:ed:8d:33:14:3d:d2:b9:35:59:af:9a: 2684s cb:b3:c4:b9:76:99:e0:56:56:e4:e9:72:10:8d:1e: 2684s ee:93:4d:fd:16:4d:77:88:ff:76:9f:cd:18:8f:f7: 2684s 7a:55:05:d2:72:fb:fd:cc:7b:b6:06:e6:d0:a3:f5: 2684s d1:7f:a9:2d:71:c9:be:d9:54:98:0b:11:21:bf:26: 2684s a9:be:66:9e:0d:33:f8:55:71:3a:a2:8d:b1:ed:a7: 2684s 54:1d:3b:50:4f:52:f1:e0:e1 2684s Exponent: 65537 (0x10001) 2684s X509v3 extensions: 2684s X509v3 Authority Key Identifier: 2684s B6:40:B1:A7:BF:4E:37:70:7F:B1:65:90:61:BD:58:94:54:CD:E5:29 2684s X509v3 Basic Constraints: 2684s CA:FALSE 2684s Netscape Cert Type: 2684s SSL Client, S/MIME 2684s Netscape Comment: 2684s Test Organization Sub Intermediate CA trusted Certificate 2684s X509v3 Subject Key Identifier: 2684s 4C:D5:0F:5A:66:D1:56:54:71:CA:89:F1:E8:A6:F6:C8:D2:77:20:82 2684s X509v3 Key Usage: critical 2684s Digital Signature, Non Repudiation, Key Encipherment 2684s X509v3 Extended Key Usage: 2684s TLS Web Client Authentication, E-mail Protection 2684s X509v3 Subject Alternative Name: 2684s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2684s Signature Algorithm: sha256WithRSAEncryption 2684s Signature Value: 2684s 3a:c0:67:6d:0f:be:63:b7:1b:87:08:55:73:fb:3e:75:59:7f: 2684s 0f:fd:4b:54:88:1d:bc:91:cb:bc:43:06:3d:9e:17:98:f8:a7: 2684s cf:81:39:2d:b7:db:d2:d5:64:60:a4:99:b1:3f:ab:0a:4a:24: 2684s a4:15:fa:8d:3f:4f:93:12:d6:31:98:11:0c:1a:6e:7a:4b:15: 2684s cc:13:0b:07:29:03:a6:f2:97:ec:dd:a7:26:69:33:60:75:67: 2684s 8c:46:9c:33:6d:5a:1c:8f:cc:c3:45:b9:10:a7:29:fe:22:e8: 2684s 44:af:84:31:af:89:d6:33:ea:38:15:44:19:af:dc:91:1f:fb: 2684s 6a:62 2684s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-2937-auth.pem 2684s + found_md5=Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 2684s + '[' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 '!=' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 ']' 2684s + valid_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem partial_chain 2684s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem partial_chain 2684s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2684s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2684s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2684s + local verify_option=partial_chain 2684s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2684s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2684s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2684s + local key_cn 2684s + local key_name 2685s + local tokens_dir 2685s + local output_cert_file 2685s + token_name= 2685s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 2685s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 2685s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s ++ sed -n 's/ *commonName *= //p' 2685s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 2685s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2685s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2685s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2685s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 2685s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 2685s + token_name='Test Organization Sub Int Token' 2685s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 2685s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 2685s + echo 'Test Organization Sub Int Token' 2685s Test Organization Sub Int Token 2685s + '[' -n partial_chain ']' 2685s + local verify_arg=--verify=partial_chain 2685s + local output_base_name=SSSD-child-160 2685s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-160.output 2685s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-160.pem 2685s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem 2685s [p11_child[2507]] [main] (0x0400): p11_child started. 2685s [p11_child[2507]] [main] (0x2000): Running in [pre-auth] mode. 2685s [p11_child[2507]] [main] (0x2000): Running with effective IDs: [0][0]. 2685s [p11_child[2507]] [main] (0x2000): Running with real IDs [0][0]. 2685s [p11_child[2507]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2685s [p11_child[2507]] [do_card] (0x4000): Module List: 2685s [p11_child[2507]] [do_card] (0x4000): common name: [softhsm2]. 2685s [p11_child[2507]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2685s [p11_child[2507]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7475062c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2685s [p11_child[2507]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 2685s [p11_child[2507]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7475062c][1953826348] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2685s [p11_child[2507]] [do_card] (0x4000): Login NOT required. 2685s [p11_child[2507]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 2685s [p11_child[2507]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2685s [p11_child[2507]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2685s [p11_child[2507]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7475062c;slot-manufacturer=SoftHSM%20project;slot-id=1953826348;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=0c582c297475062c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2685s [p11_child[2507]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2685s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-160.output 2685s + echo '-----BEGIN CERTIFICATE-----' 2685s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-160.output 2685s + echo '-----END CERTIFICATE-----' 2685s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-160.pem 2685s Certificate: 2685s Data: 2685s Version: 3 (0x2) 2685s Serial Number: 5 (0x5) 2685s Signature Algorithm: sha256WithRSAEncryption 2685s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2685s Validity 2685s Not Before: Jun 14 16:32:31 2024 GMT 2685s Not After : Jun 14 16:32:31 2025 GMT 2685s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 2685s Subject Public Key Info: 2685s Public Key Algorithm: rsaEncryption 2685s Public-Key: (1024 bit) 2685s Modulus: 2685s 00:e5:e3:92:ed:32:cc:56:c6:72:32:2f:cd:64:2f: 2685s e6:80:06:fb:f0:19:c5:60:00:38:b1:1c:af:09:52: 2685s 3b:c6:7b:f6:ed:8d:33:14:3d:d2:b9:35:59:af:9a: 2685s cb:b3:c4:b9:76:99:e0:56:56:e4:e9:72:10:8d:1e: 2685s ee:93:4d:fd:16:4d:77:88:ff:76:9f:cd:18:8f:f7: 2685s 7a:55:05:d2:72:fb:fd:cc:7b:b6:06:e6:d0:a3:f5: 2685s d1:7f:a9:2d:71:c9:be:d9:54:98:0b:11:21:bf:26: 2685s a9:be:66:9e:0d:33:f8:55:71:3a:a2:8d:b1:ed:a7: 2685s 54:1d:3b:50:4f:52:f1:e0:e1 2685s Exponent: 65537 (0x10001) 2685s X509v3 extensions: 2685s X509v3 Authority Key Identifier: 2685s B6:40:B1:A7:BF:4E:37:70:7F:B1:65:90:61:BD:58:94:54:CD:E5:29 2685s X509v3 Basic Constraints: 2685s CA:FALSE 2685s Netscape Cert Type: 2685s SSL Client, S/MIME 2685s Netscape Comment: 2685s Test Organization Sub Intermediate CA trusted Certificate 2685s X509v3 Subject Key Identifier: 2685s 4C:D5:0F:5A:66:D1:56:54:71:CA:89:F1:E8:A6:F6:C8:D2:77:20:82 2685s X509v3 Key Usage: critical 2685s Digital Signature, Non Repudiation, Key Encipherment 2685s X509v3 Extended Key Usage: 2685s TLS Web Client Authentication, E-mail Protection 2685s X509v3 Subject Alternative Name: 2685s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2685s Signature Algorithm: sha256WithRSAEncryption 2685s Signature Value: 2685s 3a:c0:67:6d:0f:be:63:b7:1b:87:08:55:73:fb:3e:75:59:7f: 2685s 0f:fd:4b:54:88:1d:bc:91:cb:bc:43:06:3d:9e:17:98:f8:a7: 2685s cf:81:39:2d:b7:db:d2:d5:64:60:a4:99:b1:3f:ab:0a:4a:24: 2685s a4:15:fa:8d:3f:4f:93:12:d6:31:98:11:0c:1a:6e:7a:4b:15: 2685s cc:13:0b:07:29:03:a6:f2:97:ec:dd:a7:26:69:33:60:75:67: 2685s 8c:46:9c:33:6d:5a:1c:8f:cc:c3:45:b9:10:a7:29:fe:22:e8: 2685s 44:af:84:31:af:89:d6:33:ea:38:15:44:19:af:dc:91:1f:fb: 2685s 6a:62 2685s + local found_md5 expected_md5 2685s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s + expected_md5=Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 2685s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-160.pem 2685s + found_md5=Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 2685s + '[' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 '!=' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 ']' 2685s + output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-160-auth.output 2685s ++ basename /tmp/sssd-softhsm2-xU4xnd/SSSD-child-160-auth.output .output 2685s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-160-auth.pem 2685s + echo -n 053350 2685s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 2685s [p11_child[2515]] [main] (0x0400): p11_child started. 2685s [p11_child[2515]] [main] (0x2000): Running in [auth] mode. 2685s [p11_child[2515]] [main] (0x2000): Running with effective IDs: [0][0]. 2685s [p11_child[2515]] [main] (0x2000): Running with real IDs [0][0]. 2685s [p11_child[2515]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2685s [p11_child[2515]] [do_card] (0x4000): Module List: 2685s [p11_child[2515]] [do_card] (0x4000): common name: [softhsm2]. 2685s [p11_child[2515]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2685s [p11_child[2515]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7475062c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2685s [p11_child[2515]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 2685s [p11_child[2515]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7475062c][1953826348] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2685s [p11_child[2515]] [do_card] (0x4000): Login required. 2685s [p11_child[2515]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 2685s [p11_child[2515]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2685s [p11_child[2515]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2685s [p11_child[2515]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7475062c;slot-manufacturer=SoftHSM%20project;slot-id=1953826348;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=0c582c297475062c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 2685s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 2685s [p11_child[2515]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 2685s [p11_child[2515]] [do_card] (0x4000): Certificate verified and validated. 2685s [p11_child[2515]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2685s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-160-auth.output 2685s + echo '-----BEGIN CERTIFICATE-----' 2685s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-160-auth.output 2685s + echo '-----END CERTIFICATE-----' 2685s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-160-auth.pem 2685s Certificate: 2685s Data: 2685s Version: 3 (0x2) 2685s Serial Number: 5 (0x5) 2685s Signature Algorithm: sha256WithRSAEncryption 2685s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2685s Validity 2685s Not Before: Jun 14 16:32:31 2024 GMT 2685s Not After : Jun 14 16:32:31 2025 GMT 2685s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 2685s Subject Public Key Info: 2685s Public Key Algorithm: rsaEncryption 2685s Public-Key: (1024 bit) 2685s Modulus: 2685s 00:e5:e3:92:ed:32:cc:56:c6:72:32:2f:cd:64:2f: 2685s e6:80:06:fb:f0:19:c5:60:00:38:b1:1c:af:09:52: 2685s 3b:c6:7b:f6:ed:8d:33:14:3d:d2:b9:35:59:af:9a: 2685s cb:b3:c4:b9:76:99:e0:56:56:e4:e9:72:10:8d:1e: 2685s ee:93:4d:fd:16:4d:77:88:ff:76:9f:cd:18:8f:f7: 2685s 7a:55:05:d2:72:fb:fd:cc:7b:b6:06:e6:d0:a3:f5: 2685s d1:7f:a9:2d:71:c9:be:d9:54:98:0b:11:21:bf:26: 2685s a9:be:66:9e:0d:33:f8:55:71:3a:a2:8d:b1:ed:a7: 2685s 54:1d:3b:50:4f:52:f1:e0:e1 2685s Exponent: 65537 (0x10001) 2685s X509v3 extensions: 2685s X509v3 Authority Key Identifier: 2685s B6:40:B1:A7:BF:4E:37:70:7F:B1:65:90:61:BD:58:94:54:CD:E5:29 2685s X509v3 Basic Constraints: 2685s CA:FALSE 2685s Netscape Cert Type: 2685s SSL Client, S/MIME 2685s Netscape Comment: 2685s Test Organization Sub Intermediate CA trusted Certificate 2685s X509v3 Subject Key Identifier: 2685s 4C:D5:0F:5A:66:D1:56:54:71:CA:89:F1:E8:A6:F6:C8:D2:77:20:82 2685s X509v3 Key Usage: critical 2685s Digital Signature, Non Repudiation, Key Encipherment 2685s X509v3 Extended Key Usage: 2685s TLS Web Client Authentication, E-mail Protection 2685s X509v3 Subject Alternative Name: 2685s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2685s Signature Algorithm: sha256WithRSAEncryption 2685s Signature Value: 2685s 3a:c0:67:6d:0f:be:63:b7:1b:87:08:55:73:fb:3e:75:59:7f: 2685s 0f:fd:4b:54:88:1d:bc:91:cb:bc:43:06:3d:9e:17:98:f8:a7: 2685s cf:81:39:2d:b7:db:d2:d5:64:60:a4:99:b1:3f:ab:0a:4a:24: 2685s a4:15:fa:8d:3f:4f:93:12:d6:31:98:11:0c:1a:6e:7a:4b:15: 2685s cc:13:0b:07:29:03:a6:f2:97:ec:dd:a7:26:69:33:60:75:67: 2685s 8c:46:9c:33:6d:5a:1c:8f:cc:c3:45:b9:10:a7:29:fe:22:e8: 2685s 44:af:84:31:af:89:d6:33:ea:38:15:44:19:af:dc:91:1f:fb: 2685s 6a:62 2685s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-160-auth.pem 2685s + found_md5=Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 2685s + '[' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 '!=' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 ']' 2685s + invalid_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem 2685s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem 2685s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2685s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem 2685s + local verify_option= 2685s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2685s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2685s + local key_cn 2685s + local key_name 2685s + local tokens_dir 2685s + local output_cert_file 2685s + token_name= 2685s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 2685s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 2685s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s ++ sed -n 's/ *commonName *= //p' 2685s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 2685s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2685s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2685s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2685s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 2685s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 2685s + token_name='Test Organization Sub Int Token' 2685s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 2685s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 2685s + echo 'Test Organization Sub Int Token' 2685s + '[' -n '' ']' 2685s + local output_base_name=SSSD-child-4218 2685s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-4218.output 2685s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-4218.pem 2685s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem 2685s Test Organization Sub Int Token 2685s [p11_child[2525]] [main] (0x0400): p11_child started. 2685s [p11_child[2525]] [main] (0x2000): Running in [pre-auth] mode. 2685s [p11_child[2525]] [main] (0x2000): Running with effective IDs: [0][0]. 2685s [p11_child[2525]] [main] (0x2000): Running with real IDs [0][0]. 2685s [p11_child[2525]] [do_card] (0x4000): Module List: 2685s [p11_child[2525]] [do_card] (0x4000): common name: [softhsm2]. 2685s [p11_child[2525]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2685s [p11_child[2525]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7475062c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2685s [p11_child[2525]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 2685s [p11_child[2525]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7475062c][1953826348] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2685s [p11_child[2525]] [do_card] (0x4000): Login NOT required. 2685s [p11_child[2525]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 2685s [p11_child[2525]] [do_verification] (0x0040): X509_verify_cert failed [0]. 2685s [p11_child[2525]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 2685s [p11_child[2525]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 2685s [p11_child[2525]] [do_card] (0x4000): No certificate found. 2685s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-4218.output 2685s + return 2 2685s + invalid_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-root-intermediate-chain-CA.pem partial_chain 2685s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-root-intermediate-chain-CA.pem partial_chain 2685s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2685s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-root-intermediate-chain-CA.pem 2685s + local verify_option=partial_chain 2685s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2685s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2685s + local key_cn 2685s + local key_name 2685s + local tokens_dir 2685s + local output_cert_file 2685s + token_name= 2685s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 2685s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 2685s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s ++ sed -n 's/ *commonName *= //p' 2685s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 2685s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2685s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2685s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2685s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 2685s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 2685s + token_name='Test Organization Sub Int Token' 2685s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 2685s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 2685s + echo 'Test Organization Sub Int Token' 2685s + '[' -n partial_chain ']' 2685s + local verify_arg=--verify=partial_chain 2685s + local output_base_name=SSSD-child-10976 2685s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-10976.output 2685s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-10976.pem 2685s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-root-intermediate-chain-CA.pem 2685s Test Organization Sub Int Token 2685s [p11_child[2532]] [main] (0x0400): p11_child started. 2685s [p11_child[2532]] [main] (0x2000): Running in [pre-auth] mode. 2685s [p11_child[2532]] [main] (0x2000): Running with effective IDs: [0][0]. 2685s [p11_child[2532]] [main] (0x2000): Running with real IDs [0][0]. 2685s [p11_child[2532]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2685s [p11_child[2532]] [do_card] (0x4000): Module List: 2685s [p11_child[2532]] [do_card] (0x4000): common name: [softhsm2]. 2685s [p11_child[2532]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2685s [p11_child[2532]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7475062c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2685s [p11_child[2532]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 2685s [p11_child[2532]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7475062c][1953826348] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2685s [p11_child[2532]] [do_card] (0x4000): Login NOT required. 2685s [p11_child[2532]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 2685s [p11_child[2532]] [do_verification] (0x0040): X509_verify_cert failed [0]. 2685s [p11_child[2532]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 2685s [p11_child[2532]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 2685s [p11_child[2532]] [do_card] (0x4000): No certificate found. 2685s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-10976.output 2685s + return 2 2685s + valid_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem partial_chain 2685s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem partial_chain 2685s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2685s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem 2685s + local verify_option=partial_chain 2685s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2685s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2685s + local key_cn 2685s + local key_name 2685s + local tokens_dir 2685s + local output_cert_file 2685s + token_name= 2685s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 2685s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 2685s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s ++ sed -n 's/ *commonName *= //p' 2685s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 2685s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2685s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2685s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2685s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 2685s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 2685s + token_name='Test Organization Sub Int Token' 2685s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 2685s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 2685s + echo 'Test Organization Sub Int Token' 2685s + '[' -n partial_chain ']' 2685s + local verify_arg=--verify=partial_chain 2685s + local output_base_name=SSSD-child-6388 2685s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-6388.output 2685s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-6388.pem 2685s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem 2685s Test Organization Sub Int Token 2685s [p11_child[2539]] [main] (0x0400): p11_child started. 2685s [p11_child[2539]] [main] (0x2000): Running in [pre-auth] mode. 2685s [p11_child[2539]] [main] (0x2000): Running with effective IDs: [0][0]. 2685s [p11_child[2539]] [main] (0x2000): Running with real IDs [0][0]. 2685s [p11_child[2539]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2685s [p11_child[2539]] [do_card] (0x4000): Module List: 2685s [p11_child[2539]] [do_card] (0x4000): common name: [softhsm2]. 2685s [p11_child[2539]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2685s [p11_child[2539]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7475062c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2685s [p11_child[2539]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 2685s [p11_child[2539]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7475062c][1953826348] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2685s [p11_child[2539]] [do_card] (0x4000): Login NOT required. 2685s [p11_child[2539]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 2685s [p11_child[2539]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2685s [p11_child[2539]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2685s [p11_child[2539]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7475062c;slot-manufacturer=SoftHSM%20project;slot-id=1953826348;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=0c582c297475062c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2685s [p11_child[2539]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2685s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-6388.output 2685s + echo '-----BEGIN CERTIFICATE-----' 2685s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-6388.output 2685s + echo '-----END CERTIFICATE-----' 2685s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-6388.pem 2685s + local found_md5 expected_md5 2685s Certificate: 2685s Data: 2685s Version: 3 (0x2) 2685s Serial Number: 5 (0x5) 2685s Signature Algorithm: sha256WithRSAEncryption 2685s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2685s Validity 2685s Not Before: Jun 14 16:32:31 2024 GMT 2685s Not After : Jun 14 16:32:31 2025 GMT 2685s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 2685s Subject Public Key Info: 2685s Public Key Algorithm: rsaEncryption 2685s Public-Key: (1024 bit) 2685s Modulus: 2685s 00:e5:e3:92:ed:32:cc:56:c6:72:32:2f:cd:64:2f: 2685s e6:80:06:fb:f0:19:c5:60:00:38:b1:1c:af:09:52: 2685s 3b:c6:7b:f6:ed:8d:33:14:3d:d2:b9:35:59:af:9a: 2685s cb:b3:c4:b9:76:99:e0:56:56:e4:e9:72:10:8d:1e: 2685s ee:93:4d:fd:16:4d:77:88:ff:76:9f:cd:18:8f:f7: 2685s 7a:55:05:d2:72:fb:fd:cc:7b:b6:06:e6:d0:a3:f5: 2685s d1:7f:a9:2d:71:c9:be:d9:54:98:0b:11:21:bf:26: 2685s a9:be:66:9e:0d:33:f8:55:71:3a:a2:8d:b1:ed:a7: 2685s 54:1d:3b:50:4f:52:f1:e0:e1 2685s Exponent: 65537 (0x10001) 2685s X509v3 extensions: 2685s X509v3 Authority Key Identifier: 2685s B6:40:B1:A7:BF:4E:37:70:7F:B1:65:90:61:BD:58:94:54:CD:E5:29 2685s X509v3 Basic Constraints: 2685s CA:FALSE 2685s Netscape Cert Type: 2685s SSL Client, S/MIME 2685s Netscape Comment: 2685s Test Organization Sub Intermediate CA trusted Certificate 2685s X509v3 Subject Key Identifier: 2685s 4C:D5:0F:5A:66:D1:56:54:71:CA:89:F1:E8:A6:F6:C8:D2:77:20:82 2685s X509v3 Key Usage: critical 2685s Digital Signature, Non Repudiation, Key Encipherment 2685s X509v3 Extended Key Usage: 2685s TLS Web Client Authentication, E-mail Protection 2685s X509v3 Subject Alternative Name: 2685s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2685s Signature Algorithm: sha256WithRSAEncryption 2685s Signature Value: 2685s 3a:c0:67:6d:0f:be:63:b7:1b:87:08:55:73:fb:3e:75:59:7f: 2685s 0f:fd:4b:54:88:1d:bc:91:cb:bc:43:06:3d:9e:17:98:f8:a7: 2685s cf:81:39:2d:b7:db:d2:d5:64:60:a4:99:b1:3f:ab:0a:4a:24: 2685s a4:15:fa:8d:3f:4f:93:12:d6:31:98:11:0c:1a:6e:7a:4b:15: 2685s cc:13:0b:07:29:03:a6:f2:97:ec:dd:a7:26:69:33:60:75:67: 2685s 8c:46:9c:33:6d:5a:1c:8f:cc:c3:45:b9:10:a7:29:fe:22:e8: 2685s 44:af:84:31:af:89:d6:33:ea:38:15:44:19:af:dc:91:1f:fb: 2685s 6a:62 2685s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s + expected_md5=Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 2685s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-6388.pem 2685s + found_md5=Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 2685s + '[' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 '!=' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 ']' 2685s + output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-6388-auth.output 2685s ++ basename /tmp/sssd-softhsm2-xU4xnd/SSSD-child-6388-auth.output .output 2685s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-6388-auth.pem 2685s + echo -n 053350 2685s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 2685s [p11_child[2547]] [main] (0x0400): p11_child started. 2685s [p11_child[2547]] [main] (0x2000): Running in [auth] mode. 2685s [p11_child[2547]] [main] (0x2000): Running with effective IDs: [0][0]. 2685s [p11_child[2547]] [main] (0x2000): Running with real IDs [0][0]. 2685s [p11_child[2547]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2685s [p11_child[2547]] [do_card] (0x4000): Module List: 2685s [p11_child[2547]] [do_card] (0x4000): common name: [softhsm2]. 2685s [p11_child[2547]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2685s [p11_child[2547]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7475062c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2685s [p11_child[2547]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 2685s [p11_child[2547]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7475062c][1953826348] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2685s [p11_child[2547]] [do_card] (0x4000): Login required. 2685s [p11_child[2547]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 2685s [p11_child[2547]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2685s [p11_child[2547]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2685s [p11_child[2547]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7475062c;slot-manufacturer=SoftHSM%20project;slot-id=1953826348;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=0c582c297475062c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 2685s [p11_child[2547]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 2685s [p11_child[2547]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 2685s [p11_child[2547]] [do_card] (0x4000): Certificate verified and validated. 2685s [p11_child[2547]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2685s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-6388-auth.output 2685s + echo '-----BEGIN CERTIFICATE-----' 2685s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-6388-auth.output 2685s + echo '-----END CERTIFICATE-----' 2685s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-6388-auth.pem 2685s Certificate: 2685s Data: 2685s Version: 3 (0x2) 2685s Serial Number: 5 (0x5) 2685s Signature Algorithm: sha256WithRSAEncryption 2685s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2685s Validity 2685s Not Before: Jun 14 16:32:31 2024 GMT 2685s Not After : Jun 14 16:32:31 2025 GMT 2685s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 2685s Subject Public Key Info: 2685s Public Key Algorithm: rsaEncryption 2685s Public-Key: (1024 bit) 2685s Modulus: 2685s 00:e5:e3:92:ed:32:cc:56:c6:72:32:2f:cd:64:2f: 2685s e6:80:06:fb:f0:19:c5:60:00:38:b1:1c:af:09:52: 2685s 3b:c6:7b:f6:ed:8d:33:14:3d:d2:b9:35:59:af:9a: 2685s cb:b3:c4:b9:76:99:e0:56:56:e4:e9:72:10:8d:1e: 2685s ee:93:4d:fd:16:4d:77:88:ff:76:9f:cd:18:8f:f7: 2685s 7a:55:05:d2:72:fb:fd:cc:7b:b6:06:e6:d0:a3:f5: 2685s d1:7f:a9:2d:71:c9:be:d9:54:98:0b:11:21:bf:26: 2685s a9:be:66:9e:0d:33:f8:55:71:3a:a2:8d:b1:ed:a7: 2685s 54:1d:3b:50:4f:52:f1:e0:e1 2685s Exponent: 65537 (0x10001) 2685s X509v3 extensions: 2685s X509v3 Authority Key Identifier: 2685s B6:40:B1:A7:BF:4E:37:70:7F:B1:65:90:61:BD:58:94:54:CD:E5:29 2685s X509v3 Basic Constraints: 2685s CA:FALSE 2685s Netscape Cert Type: 2685s SSL Client, S/MIME 2685s Netscape Comment: 2685s Test Organization Sub Intermediate CA trusted Certificate 2685s X509v3 Subject Key Identifier: 2685s 4C:D5:0F:5A:66:D1:56:54:71:CA:89:F1:E8:A6:F6:C8:D2:77:20:82 2685s X509v3 Key Usage: critical 2685s Digital Signature, Non Repudiation, Key Encipherment 2685s X509v3 Extended Key Usage: 2685s TLS Web Client Authentication, E-mail Protection 2685s X509v3 Subject Alternative Name: 2685s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2685s Signature Algorithm: sha256WithRSAEncryption 2685s Signature Value: 2685s 3a:c0:67:6d:0f:be:63:b7:1b:87:08:55:73:fb:3e:75:59:7f: 2685s 0f:fd:4b:54:88:1d:bc:91:cb:bc:43:06:3d:9e:17:98:f8:a7: 2685s cf:81:39:2d:b7:db:d2:d5:64:60:a4:99:b1:3f:ab:0a:4a:24: 2685s a4:15:fa:8d:3f:4f:93:12:d6:31:98:11:0c:1a:6e:7a:4b:15: 2685s cc:13:0b:07:29:03:a6:f2:97:ec:dd:a7:26:69:33:60:75:67: 2685s 8c:46:9c:33:6d:5a:1c:8f:cc:c3:45:b9:10:a7:29:fe:22:e8: 2685s 44:af:84:31:af:89:d6:33:ea:38:15:44:19:af:dc:91:1f:fb: 2685s 6a:62 2685s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-6388-auth.pem 2685s + found_md5=Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 2685s + '[' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 '!=' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 ']' 2685s + valid_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-intermediate-sub-chain-CA.pem partial_chain 2685s + check_certificate /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 /tmp/sssd-softhsm2-xU4xnd/test-intermediate-sub-chain-CA.pem partial_chain 2685s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2685s + local key_ring=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-sub-chain-CA.pem 2685s + local verify_option=partial_chain 2685s + prepare_softhsm2_card /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2685s + local certificate=/tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26155 2685s + local key_cn 2685s + local key_name 2685s + local tokens_dir 2685s + local output_cert_file 2685s + token_name= 2685s ++ basename /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 2685s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 2685s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s ++ sed -n 's/ *commonName *= //p' 2685s Test Organization Sub Int Token 2685s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 2685s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2685s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2685s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2685s ++ basename /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 2685s + tokens_dir=/tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 2685s + token_name='Test Organization Sub Int Token' 2685s + '[' '!' -e /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 2685s + '[' '!' -d /tmp/sssd-softhsm2-xU4xnd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 2685s + echo 'Test Organization Sub Int Token' 2685s + '[' -n partial_chain ']' 2685s + local verify_arg=--verify=partial_chain 2685s + local output_base_name=SSSD-child-23833 2685s + local output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-23833.output 2685s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-23833.pem 2685s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-sub-chain-CA.pem 2685s [p11_child[2557]] [main] (0x0400): p11_child started. 2685s [p11_child[2557]] [main] (0x2000): Running in [pre-auth] mode. 2685s [p11_child[2557]] [main] (0x2000): Running with effective IDs: [0][0]. 2685s [p11_child[2557]] [main] (0x2000): Running with real IDs [0][0]. 2685s [p11_child[2557]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2685s [p11_child[2557]] [do_card] (0x4000): Module List: 2685s [p11_child[2557]] [do_card] (0x4000): common name: [softhsm2]. 2685s [p11_child[2557]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2685s [p11_child[2557]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7475062c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2685s [p11_child[2557]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 2685s [p11_child[2557]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7475062c][1953826348] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2685s [p11_child[2557]] [do_card] (0x4000): Login NOT required. 2685s [p11_child[2557]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 2685s [p11_child[2557]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2685s [p11_child[2557]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2685s [p11_child[2557]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7475062c;slot-manufacturer=SoftHSM%20project;slot-id=1953826348;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=0c582c297475062c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2685s [p11_child[2557]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2685s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-23833.output 2685s + echo '-----BEGIN CERTIFICATE-----' 2685s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-23833.output 2685s + echo '-----END CERTIFICATE-----' 2685s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-23833.pem 2685s + local found_md5 expected_md5 2685s Certificate: 2685s Data: 2685s Version: 3 (0x2) 2685s Serial Number: 5 (0x5) 2685s Signature Algorithm: sha256WithRSAEncryption 2685s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2685s Validity 2685s Not Before: Jun 14 16:32:31 2024 GMT 2685s Not After : Jun 14 16:32:31 2025 GMT 2685s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 2685s Subject Public Key Info: 2685s Public Key Algorithm: rsaEncryption 2685s Public-Key: (1024 bit) 2685s Modulus: 2685s 00:e5:e3:92:ed:32:cc:56:c6:72:32:2f:cd:64:2f: 2685s e6:80:06:fb:f0:19:c5:60:00:38:b1:1c:af:09:52: 2685s 3b:c6:7b:f6:ed:8d:33:14:3d:d2:b9:35:59:af:9a: 2685s cb:b3:c4:b9:76:99:e0:56:56:e4:e9:72:10:8d:1e: 2685s ee:93:4d:fd:16:4d:77:88:ff:76:9f:cd:18:8f:f7: 2685s 7a:55:05:d2:72:fb:fd:cc:7b:b6:06:e6:d0:a3:f5: 2685s d1:7f:a9:2d:71:c9:be:d9:54:98:0b:11:21:bf:26: 2685s a9:be:66:9e:0d:33:f8:55:71:3a:a2:8d:b1:ed:a7: 2685s 54:1d:3b:50:4f:52:f1:e0:e1 2685s Exponent: 65537 (0x10001) 2685s X509v3 extensions: 2685s X509v3 Authority Key Identifier: 2685s B6:40:B1:A7:BF:4E:37:70:7F:B1:65:90:61:BD:58:94:54:CD:E5:29 2685s X509v3 Basic Constraints: 2685s CA:FALSE 2685s Netscape Cert Type: 2685s SSL Client, S/MIME 2685s Netscape Comment: 2685s Test Organization Sub Intermediate CA trusted Certificate 2685s X509v3 Subject Key Identifier: 2685s 4C:D5:0F:5A:66:D1:56:54:71:CA:89:F1:E8:A6:F6:C8:D2:77:20:82 2685s X509v3 Key Usage: critical 2685s Digital Signature, Non Repudiation, Key Encipherment 2685s X509v3 Extended Key Usage: 2685s TLS Web Client Authentication, E-mail Protection 2685s X509v3 Subject Alternative Name: 2685s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2685s Signature Algorithm: sha256WithRSAEncryption 2685s Signature Value: 2685s 3a:c0:67:6d:0f:be:63:b7:1b:87:08:55:73:fb:3e:75:59:7f: 2685s 0f:fd:4b:54:88:1d:bc:91:cb:bc:43:06:3d:9e:17:98:f8:a7: 2685s cf:81:39:2d:b7:db:d2:d5:64:60:a4:99:b1:3f:ab:0a:4a:24: 2685s a4:15:fa:8d:3f:4f:93:12:d6:31:98:11:0c:1a:6e:7a:4b:15: 2685s cc:13:0b:07:29:03:a6:f2:97:ec:dd:a7:26:69:33:60:75:67: 2685s 8c:46:9c:33:6d:5a:1c:8f:cc:c3:45:b9:10:a7:29:fe:22:e8: 2685s 44:af:84:31:af:89:d6:33:ea:38:15:44:19:af:dc:91:1f:fb: 2685s 6a:62 2685s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/test-sub-intermediate-CA-trusted-certificate-0001.pem 2685s + expected_md5=Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 2685s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-23833.pem 2685s + found_md5=Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 2685s + '[' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 '!=' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 ']' 2685s + output_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-23833-auth.output 2685s ++ basename /tmp/sssd-softhsm2-xU4xnd/SSSD-child-23833-auth.output .output 2685s + output_cert_file=/tmp/sssd-softhsm2-xU4xnd/SSSD-child-23833-auth.pem 2685s + echo -n 053350 2685s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xU4xnd/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 2686s [p11_child[2565]] [main] (0x0400): p11_child started. 2686s [p11_child[2565]] [main] (0x2000): Running in [auth] mode. 2686s [p11_child[2565]] [main] (0x2000): Running with effective IDs: [0][0]. 2686s [p11_child[2565]] [main] (0x2000): Running with real IDs [0][0]. 2686s [p11_child[2565]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 2686s [p11_child[2565]] [do_card] (0x4000): Module List: 2686s [p11_child[2565]] [do_card] (0x4000): common name: [softhsm2]. 2686s [p11_child[2565]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2686s [p11_child[2565]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7475062c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 2686s [p11_child[2565]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 2686s [p11_child[2565]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7475062c][1953826348] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 2686s [p11_child[2565]] [do_card] (0x4000): Login required. 2686s [p11_child[2565]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 2686s [p11_child[2565]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 2686s [p11_child[2565]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 2686s [p11_child[2565]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7475062c;slot-manufacturer=SoftHSM%20project;slot-id=1953826348;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=0c582c297475062c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 2686s [p11_child[2565]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 2686s [p11_child[2565]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 2686s [p11_child[2565]] [do_card] (0x4000): Certificate verified and validated. 2686s [p11_child[2565]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 2686s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-23833-auth.output 2686s + echo '-----BEGIN CERTIFICATE-----' 2686s + tail -n1 /tmp/sssd-softhsm2-xU4xnd/SSSD-child-23833-auth.output 2686s + echo '-----END CERTIFICATE-----' 2686s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-23833-auth.pem 2686s Certificate: 2686s Data: 2686s Version: 3 (0x2) 2686s Serial Number: 5 (0x5) 2686s Signature Algorithm: sha256WithRSAEncryption 2686s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2686s Validity 2686s Not Before: Jun 14 16:32:31 2024 GMT 2686s Not After : Jun 14 16:32:31 2025 GMT 2686s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 2686s Subject Public Key Info: 2686s Public Key Algorithm: rsaEncryption 2686s Public-Key: (1024 bit) 2686s Modulus: 2686s 00:e5:e3:92:ed:32:cc:56:c6:72:32:2f:cd:64:2f: 2686s e6:80:06:fb:f0:19:c5:60:00:38:b1:1c:af:09:52: 2686s 3b:c6:7b:f6:ed:8d:33:14:3d:d2:b9:35:59:af:9a: 2686s cb:b3:c4:b9:76:99:e0:56:56:e4:e9:72:10:8d:1e: 2686s ee:93:4d:fd:16:4d:77:88:ff:76:9f:cd:18:8f:f7: 2686s 7a:55:05:d2:72:fb:fd:cc:7b:b6:06:e6:d0:a3:f5: 2686s d1:7f:a9:2d:71:c9:be:d9:54:98:0b:11:21:bf:26: 2686s a9:be:66:9e:0d:33:f8:55:71:3a:a2:8d:b1:ed:a7: 2686s 54:1d:3b:50:4f:52:f1:e0:e1 2686s Exponent: 65537 (0x10001) 2686s X509v3 extensions: 2686s X509v3 Authority Key Identifier: 2686s B6:40:B1:A7:BF:4E:37:70:7F:B1:65:90:61:BD:58:94:54:CD:E5:29 2686s X509v3 Basic Constraints: 2686s CA:FALSE 2686s Netscape Cert Type: 2686s SSL Client, S/MIME 2686s Netscape Comment: 2686s Test Organization Sub Intermediate CA trusted Certificate 2686s X509v3 Subject Key Identifier: 2686s 4C:D5:0F:5A:66:D1:56:54:71:CA:89:F1:E8:A6:F6:C8:D2:77:20:82 2686s X509v3 Key Usage: critical 2686s Digital Signature, Non Repudiation, Key Encipherment 2686s X509v3 Extended Key Usage: 2686s TLS Web Client Authentication, E-mail Protection 2686s X509v3 Subject Alternative Name: 2686s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2686s Signature Algorithm: sha256WithRSAEncryption 2686s Signature Value: 2686s 3a:c0:67:6d:0f:be:63:b7:1b:87:08:55:73:fb:3e:75:59:7f: 2686s 0f:fd:4b:54:88:1d:bc:91:cb:bc:43:06:3d:9e:17:98:f8:a7: 2686s cf:81:39:2d:b7:db:d2:d5:64:60:a4:99:b1:3f:ab:0a:4a:24: 2686s a4:15:fa:8d:3f:4f:93:12:d6:31:98:11:0c:1a:6e:7a:4b:15: 2686s cc:13:0b:07:29:03:a6:f2:97:ec:dd:a7:26:69:33:60:75:67: 2686s 8c:46:9c:33:6d:5a:1c:8f:cc:c3:45:b9:10:a7:29:fe:22:e8: 2686s 44:af:84:31:af:89:d6:33:ea:38:15:44:19:af:dc:91:1f:fb: 2686s 6a:62 2686s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xU4xnd/SSSD-child-23833-auth.pem 2686s + found_md5=Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 2686s + '[' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 '!=' Modulus=E5E392ED32CC56C672322FCD642FE68006FBF019C5600038B11CAF09523BC67BF6ED8D33143DD2B93559AF9ACBB3C4B97699E05656E4E972108D1EEE934DFD164D7788FF769FCD188FF77A5505D272FBFDCC7BB606E6D0A3F5D17FA92D71C9BED954980B1121BF26A9BE669E0D33F855713AA28DB1EDA7541D3B504F52F1E0E1 ']' 2686s + set +x 2686s 2686s Test completed, Root CA and intermediate issued certificates verified! 2686s autopkgtest [16:32:42]: test sssd-softhism2-certificates-tests.sh: -----------------------] 2687s autopkgtest [16:32:43]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 2687s sssd-softhism2-certificates-tests.sh PASS 2688s autopkgtest [16:32:44]: test sssd-smart-card-pam-auth-configs: preparing testbed 2691s Reading package lists... 2691s Building dependency tree... 2691s Reading state information... 2691s Starting pkgProblemResolver with broken count: 0 2691s Starting 2 pkgProblemResolver with broken count: 0 2691s Done 2692s The following additional packages will be installed: 2692s pamtester 2692s The following NEW packages will be installed: 2692s autopkgtest-satdep pamtester 2692s 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. 2692s Need to get 12.3 kB/13.0 kB of archives. 2692s After this operation, 36.9 kB of additional disk space will be used. 2692s Get:1 /tmp/autopkgtest.n6V4Ft/4-autopkgtest-satdep.deb autopkgtest-satdep arm64 0 [760 B] 2692s Get:2 http://ftpmaster.internal/ubuntu oracular/universe arm64 pamtester arm64 0.1.2-4 [12.3 kB] 2693s Fetched 12.3 kB in 0s (52.8 kB/s) 2694s Selecting previously unselected package pamtester. 2694s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78877 files and directories currently installed.) 2694s Preparing to unpack .../pamtester_0.1.2-4_arm64.deb ... 2694s Unpacking pamtester (0.1.2-4) ... 2694s Selecting previously unselected package autopkgtest-satdep. 2694s Preparing to unpack .../4-autopkgtest-satdep.deb ... 2694s Unpacking autopkgtest-satdep (0) ... 2694s Setting up pamtester (0.1.2-4) ... 2694s Setting up autopkgtest-satdep (0) ... 2694s Processing triggers for man-db (2.12.1-2) ... 2703s (Reading database ... 78883 files and directories currently installed.) 2703s Removing autopkgtest-satdep (0) ... 2704s autopkgtest [16:33:00]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 2704s autopkgtest [16:33:00]: test sssd-smart-card-pam-auth-configs: [----------------------- 2704s + '[' -z ubuntu ']' 2704s + export DEBIAN_FRONTEND=noninteractive 2704s + DEBIAN_FRONTEND=noninteractive 2704s + required_tools=(pamtester softhsm2-util sssd) 2704s + [[ ! -v OFFLINE_MODE ]] 2704s + for cmd in "${required_tools[@]}" 2704s + command -v pamtester 2704s + for cmd in "${required_tools[@]}" 2704s + command -v softhsm2-util 2704s + for cmd in "${required_tools[@]}" 2704s + command -v sssd 2704s + PIN=123456 2704s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 2704s + tmpdir=/tmp/sssd-softhsm2-certs-qsc7rI 2704s + backupsdir= 2704s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 2704s + declare -a restore_paths 2704s + declare -a delete_paths 2704s + trap handle_exit EXIT 2704s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 2704s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 2704s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 2704s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 2704s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-qsc7rI GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 2704s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-qsc7rI 2704s + GENERATE_SMART_CARDS=1 2704s + KEEP_TEMPORARY_FILES=1 2704s + NO_SSSD_TESTS=1 2704s + bash debian/tests/sssd-softhism2-certificates-tests.sh 2704s + '[' -z ubuntu ']' 2704s + required_tools=(p11tool openssl softhsm2-util) 2704s + for cmd in "${required_tools[@]}" 2704s + command -v p11tool 2704s + for cmd in "${required_tools[@]}" 2704s + command -v openssl 2704s + for cmd in "${required_tools[@]}" 2704s + command -v softhsm2-util 2704s + PIN=123456 2704s +++ find /usr/lib/softhsm/libsofthsm2.so 2704s +++ head -n 1 2704s ++ realpath /usr/lib/softhsm/libsofthsm2.so 2704s + SOFTHSM2_MODULE=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 2704s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 2704s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 2704s + '[' '!' -v NO_SSSD_TESTS ']' 2704s + '[' '!' -e /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so ']' 2704s + tmpdir=/tmp/sssd-softhsm2-certs-qsc7rI 2704s + keys_size=1024 2704s + [[ ! -v KEEP_TEMPORARY_FILES ]] 2704s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 2704s + echo -n 01 2704s + touch /tmp/sssd-softhsm2-certs-qsc7rI/index.txt 2704s + mkdir -p /tmp/sssd-softhsm2-certs-qsc7rI/new_certs 2704s + cat 2704s + root_ca_key_pass=pass:random-root-CA-password-30013 2704s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-key.pem -passout pass:random-root-CA-password-30013 1024 2705s + openssl req -passin pass:random-root-CA-password-30013 -batch -config /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA.pem 2705s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA.pem 2705s + cat 2705s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-25846 2705s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-25846 1024 2705s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-25846 -config /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-30013 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-certificate-request.pem 2705s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-certificate-request.pem 2705s Certificate Request: 2705s Data: 2705s Version: 1 (0x0) 2705s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2705s Subject Public Key Info: 2705s Public Key Algorithm: rsaEncryption 2705s Public-Key: (1024 bit) 2705s Modulus: 2705s 00:c5:f4:3c:74:f1:25:16:8f:de:73:3a:ff:a7:31: 2705s 22:e8:62:a3:22:1e:fd:67:d5:79:75:96:0f:11:b7: 2705s dd:a5:b1:22:c4:59:03:0e:6c:98:97:2d:75:3a:56: 2705s d6:00:5d:eb:eb:d9:7c:3b:03:f4:3a:02:1a:be:12: 2705s 78:46:a8:52:ae:d4:37:ac:ce:24:e9:d9:75:55:8f: 2705s 8a:11:08:ef:3f:b8:ce:93:ca:05:85:0e:bc:e0:c2: 2705s 4f:9f:cd:3e:68:66:3d:c7:16:0b:af:8f:92:4f:cb: 2705s e2:64:07:8c:19:6b:59:ca:ce:30:f3:42:39:c7:e3: 2705s 06:6b:97:47:57:9c:f4:34:f3 2705s Exponent: 65537 (0x10001) 2705s Attributes: 2705s (none) 2705s Requested Extensions: 2705s Signature Algorithm: sha256WithRSAEncryption 2705s Signature Value: 2705s 3e:ea:62:3e:0c:c9:9c:68:b2:3b:7c:40:de:5d:fb:a0:44:45: 2705s 35:8a:62:10:e2:a6:f6:76:12:58:22:bf:a7:b6:50:0f:18:ba: 2705s e8:60:88:4f:fc:ea:55:00:7d:e6:13:09:f3:57:6b:d2:23:dc: 2705s d6:51:0f:37:5f:b8:16:e4:5d:92:67:9a:74:57:ba:94:7f:a8: 2705s 0f:ae:35:f9:66:64:d7:2c:55:bd:0a:ba:a2:f4:86:0a:a6:dd: 2705s c4:d8:7e:4b:ba:49:6c:43:67:33:73:3e:ec:e2:4d:76:dd:e6: 2705s 23:33:c4:a4:53:6d:50:bc:da:00:77:c4:6e:b8:93:7b:df:d2: 2705s 6c:62 2705s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA.config -passin pass:random-root-CA-password-30013 -keyfile /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem 2705s Using configuration from /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA.config 2705s Check that the request matches the signature 2705s Signature ok 2705s Certificate Details: 2705s Serial Number: 1 (0x1) 2705s Validity 2705s Not Before: Jun 14 16:33:01 2024 GMT 2705s Not After : Jun 14 16:33:01 2025 GMT 2705s Subject: 2705s organizationName = Test Organization 2705s organizationalUnitName = Test Organization Unit 2705s commonName = Test Organization Intermediate CA 2705s X509v3 extensions: 2705s X509v3 Subject Key Identifier: 2705s 26:32:F9:85:ED:9E:36:AF:26:A2:A6:49:A5:62:82:2C:14:38:74:B0 2705s X509v3 Authority Key Identifier: 2705s keyid:12:02:A5:F0:DE:A7:2D:C1:C7:44:C1:28:7A:A2:2C:D3:76:C6:4E:C1 2705s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 2705s serial:00 2705s X509v3 Basic Constraints: 2705s CA:TRUE 2705s X509v3 Key Usage: critical 2705s Digital Signature, Certificate Sign, CRL Sign 2705s Certificate is to be certified until Jun 14 16:33:01 2025 GMT (365 days) 2705s 2705s Write out database with 1 new entries 2705s Database updated 2705s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem 2705s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem 2705s /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem: OK 2705s + cat 2705s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-7088 2705s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-7088 1024 2705s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-7088 -config /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-25846 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-certificate-request.pem 2705s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-certificate-request.pem 2705s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-25846 -keyfile /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem 2705s Certificate Request: 2705s Data: 2705s Version: 1 (0x0) 2705s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2705s Subject Public Key Info: 2705s Public Key Algorithm: rsaEncryption 2705s Public-Key: (1024 bit) 2705s Modulus: 2705s 00:ef:f3:16:78:67:d2:88:c6:80:7b:c3:92:7d:83: 2705s 8a:2a:e3:8f:7f:d5:3f:de:b4:0f:be:f1:19:21:ee: 2705s 1a:06:b4:ce:4a:1b:3c:38:b6:77:68:67:1d:53:22: 2705s 2c:6e:08:e6:9c:74:ae:c4:5e:e6:1f:b3:4d:59:7d: 2705s 6a:2d:a1:7c:47:02:e2:02:d3:64:8a:3a:62:af:db: 2705s bf:9d:ea:de:f2:da:5a:35:02:83:86:95:25:4c:f3: 2705s 3c:d4:65:f1:50:fb:dd:99:8f:8d:33:41:64:be:fc: 2705s d9:85:13:aa:c6:e1:c3:58:fa:d0:a2:f0:1b:4a:78: 2705s ee:d3:a2:3c:01:be:7b:25:15 2705s Exponent: 65537 (0x10001) 2705s Attributes: 2705s (none) 2705s Requested Extensions: 2705s Signature Algorithm: sha256WithRSAEncryption 2705s Signature Value: 2705s 7b:ec:8c:67:bb:8c:95:d2:b6:a8:98:9f:23:9b:d4:e7:0a:55: 2705s 9c:7d:27:cb:cd:33:38:e3:ee:f4:6f:81:6b:07:59:c3:08:3f: 2705s 1d:cf:2d:86:7a:e7:ea:29:ef:7e:d8:b7:d6:e3:09:f3:e4:55: 2705s 3d:4a:3b:13:74:5d:45:51:3c:60:fe:15:13:a9:d4:b7:e8:49: 2705s 0d:8d:fb:fd:5a:20:1a:c8:d0:30:5c:54:e6:61:ce:52:09:a9: 2705s dd:3d:b9:c6:68:22:51:a0:95:3d:cd:38:8e:2b:05:91:43:80: 2705s 14:de:a4:df:73:51:d9:1e:5b:b7:dd:8c:33:c9:37:40:e8:ce: 2705s ea:d8 2705s Using configuration from /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.config 2705s Check that the request matches the signature 2705s Signature ok 2705s Certificate Details: 2705s Serial Number: 2 (0x2) 2705s Validity 2705s Not Before: Jun 14 16:33:01 2024 GMT 2705s Not After : Jun 14 16:33:01 2025 GMT 2705s Subject: 2705s organizationName = Test Organization 2705s organizationalUnitName = Test Organization Unit 2705s commonName = Test Organization Sub Intermediate CA 2705s X509v3 extensions: 2705s X509v3 Subject Key Identifier: 2705s FF:EC:65:ED:5D:72:81:CF:D5:4B:83:CA:30:32:61:29:E6:41:FA:94 2705s X509v3 Authority Key Identifier: 2705s keyid:26:32:F9:85:ED:9E:36:AF:26:A2:A6:49:A5:62:82:2C:14:38:74:B0 2705s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 2705s serial:01 2705s X509v3 Basic Constraints: 2705s CA:TRUE 2705s X509v3 Key Usage: critical 2705s Digital Signature, Certificate Sign, CRL Sign 2705s Certificate is to be certified until Jun 14 16:33:01 2025 GMT (365 days) 2705s 2705s Write out database with 1 new entries 2705s Database updated 2705s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem 2705s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem 2705s /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem: OK 2705s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem 2705s + local cmd=openssl 2705s + shift 2705s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem 2705s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2705s error 20 at 0 depth lookup: unable to get local issuer certificate 2705s error /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem: verification failed 2705s + cat 2705s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-3361 2705s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-3361 1024 2705s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-3361 -key /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001-request.pem 2705s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001-request.pem 2705s Certificate Request: 2705s Data: 2705s Version: 1 (0x0) 2705s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 2705s Subject Public Key Info: 2705s Public Key Algorithm: rsaEncryption 2705s Public-Key: (1024 bit) 2705s Modulus: 2705s 00:d3:a5:d7:ba:c0:43:08:d8:c4:cc:67:ba:1e:5f: 2705s 71:91:bf:95:ab:7c:fc:4c:49:0f:34:74:c3:1b:1f: 2705s 0a:f6:ac:c0:b6:25:bc:26:52:c4:32:df:12:80:91: 2705s c9:12:2d:12:8f:b3:9c:d3:9e:7a:75:36:71:31:f0: 2705s 86:d7:07:07:a4:32:51:26:41:32:db:b3:9c:ff:f8: 2705s 53:fd:73:e9:2c:28:d7:f5:6a:f2:99:84:32:40:a7: 2705s e7:e5:93:af:75:11:95:76:b1:20:26:2a:00:13:86: 2705s 20:52:1a:19:aa:98:d2:99:bf:e8:dc:8c:3b:d6:14: 2705s 9a:e8:2d:9f:3b:5f:34:cc:67 2705s Exponent: 65537 (0x10001) 2705s Attributes: 2705s Requested Extensions: 2705s X509v3 Basic Constraints: 2705s CA:FALSE 2705s Netscape Cert Type: 2705s SSL Client, S/MIME 2705s Netscape Comment: 2705s Test Organization Root CA trusted Certificate 2705s X509v3 Subject Key Identifier: 2705s 66:21:32:A1:FB:8D:A9:15:EA:9B:8E:B4:37:03:62:4E:AB:BA:AE:24 2705s X509v3 Key Usage: critical 2705s Digital Signature, Non Repudiation, Key Encipherment 2705s X509v3 Extended Key Usage: 2705s TLS Web Client Authentication, E-mail Protection 2705s X509v3 Subject Alternative Name: 2705s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2705s Signature Algorithm: sha256WithRSAEncryption 2705s Signature Value: 2705s 7f:6c:48:1d:b0:2b:4b:89:f4:d8:f8:2d:7a:23:50:aa:08:6a: 2705s 1b:40:d6:82:ac:d1:8b:a9:5a:b4:8a:ac:00:6d:90:e6:f2:76: 2705s 42:56:e1:53:a6:26:ab:2e:06:36:90:31:f1:a9:fe:fe:8b:ac: 2705s 35:ff:df:3f:c3:84:5c:2a:c6:8c:2d:49:f7:c7:f9:e7:ae:23: 2705s 60:52:e5:42:62:91:d2:3d:ba:71:0f:89:da:32:56:e9:fa:c0: 2705s a5:ca:1f:b2:33:86:03:4b:2d:ce:2b:d5:51:9d:4d:c0:27:36: 2705s 1e:c5:41:ef:3f:a1:a7:82:38:4f:78:a4:51:04:af:f9:43:b1: 2705s 24:9a 2705s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA.config -passin pass:random-root-CA-password-30013 -keyfile /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001.pem 2705s Using configuration from /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA.config 2705s Check that the request matches the signature 2705s Signature ok 2705s Certificate Details: 2705s Serial Number: 3 (0x3) 2705s Validity 2705s Not Before: Jun 14 16:33:01 2024 GMT 2705s Not After : Jun 14 16:33:01 2025 GMT 2705s Subject: 2705s organizationName = Test Organization 2705s organizationalUnitName = Test Organization Unit 2705s commonName = Test Organization Root Trusted Certificate 0001 2705s X509v3 extensions: 2705s X509v3 Authority Key Identifier: 2705s 12:02:A5:F0:DE:A7:2D:C1:C7:44:C1:28:7A:A2:2C:D3:76:C6:4E:C1 2705s X509v3 Basic Constraints: 2705s CA:FALSE 2705s Netscape Cert Type: 2705s SSL Client, S/MIME 2705s Netscape Comment: 2705s Test Organization Root CA trusted Certificate 2705s X509v3 Subject Key Identifier: 2705s 66:21:32:A1:FB:8D:A9:15:EA:9B:8E:B4:37:03:62:4E:AB:BA:AE:24 2705s X509v3 Key Usage: critical 2705s Digital Signature, Non Repudiation, Key Encipherment 2705s X509v3 Extended Key Usage: 2705s TLS Web Client Authentication, E-mail Protection 2705s X509v3 Subject Alternative Name: 2705s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2705s Certificate is to be certified until Jun 14 16:33:01 2025 GMT (365 days) 2705s 2705s Write out database with 1 new entries 2705s Database updated 2705s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001.pem 2705s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001.pem 2705s /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001.pem: OK 2705s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001.pem 2705s + local cmd=openssl 2705s + shift 2705s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001.pem 2705s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 2705s error 20 at 0 depth lookup: unable to get local issuer certificate 2705s error /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001.pem: verification failed 2705s + cat 2705s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-14819 2705s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-14819 1024 2705s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-14819 -key /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001-request.pem 2705s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001-request.pem 2705s Certificate Request: 2705s Data: 2705s Version: 1 (0x0) 2705s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 2705s Subject Public Key Info: 2705s Public Key Algorithm: rsaEncryption 2705s Public-Key: (1024 bit) 2705s Modulus: 2705s 00:c3:d8:f3:72:e1:40:35:75:01:dd:fc:44:2d:99: 2705s f0:ba:89:2f:51:42:b6:5a:be:af:95:f0:0d:e4:66: 2705s 42:18:c4:d3:8c:67:80:64:79:92:8f:42:ff:29:d0: 2705s d6:7c:73:3d:69:21:ef:a2:14:b6:a2:cc:81:67:80: 2705s 3c:bb:6a:6d:9b:8f:fb:3a:24:22:4c:1e:2a:cd:73: 2705s 09:20:1d:70:16:df:b7:94:a2:30:52:92:38:0a:78: 2705s 79:88:85:9a:70:b5:43:2a:82:99:25:2e:1d:f0:44: 2705s e2:40:04:d4:ed:23:80:93:02:a5:0f:05:10:6f:8a: 2705s 8a:61:e2:c2:2b:af:3f:83:8d 2705s Exponent: 65537 (0x10001) 2705s Attributes: 2705s Requested Extensions: 2705s X509v3 Basic Constraints: 2705s CA:FALSE 2705s Netscape Cert Type: 2705s SSL Client, S/MIME 2705s Netscape Comment: 2705s Test Organization Intermediate CA trusted Certificate 2705s X509v3 Subject Key Identifier: 2705s 54:46:92:2F:D8:09:50:64:6C:2C:9E:84:9C:D2:3F:8C:98:30:59:19 2705s X509v3 Key Usage: critical 2705s Digital Signature, Non Repudiation, Key Encipherment 2705s X509v3 Extended Key Usage: 2705s TLS Web Client Authentication, E-mail Protection 2705s X509v3 Subject Alternative Name: 2705s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2705s Signature Algorithm: sha256WithRSAEncryption 2705s Signature Value: 2705s 17:21:cb:fc:b8:2d:e9:d1:e7:5c:ac:19:ce:1a:ed:19:79:16: 2705s 64:1f:32:17:de:f2:1a:a6:aa:9a:10:52:73:c3:6f:0d:b0:42: 2705s b9:db:d6:7a:61:0b:40:25:75:df:cd:1c:b3:12:d0:b4:7f:e5: 2705s 36:d8:f9:21:78:08:a5:94:f8:06:63:9c:12:de:90:7c:e4:29: 2705s 36:63:56:3d:d5:e7:c5:b0:e8:a8:5a:08:94:6f:a9:1f:df:2a: 2705s e6:e2:06:50:5f:b0:d1:7e:8d:52:a5:6d:ab:e1:9a:f4:94:b1: 2705s f0:ef:b3:b2:a5:33:24:0b:53:b3:56:73:c7:fe:ba:7f:eb:82: 2705s ca:1a 2705s + openssl ca -passin pass:random-intermediate-CA-password-25846 -config /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001.pem 2705s Using configuration from /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.config 2705s Check that the request matches the signature 2705s Signature ok 2705s Certificate Details: 2705s Serial Number: 4 (0x4) 2705s Validity 2705s Not Before: Jun 14 16:33:01 2024 GMT 2705s Not After : Jun 14 16:33:01 2025 GMT 2705s Subject: 2705s organizationName = Test Organization 2705s organizationalUnitName = Test Organization Unit 2705s commonName = Test Organization Intermediate Trusted Certificate 0001 2705s X509v3 extensions: 2705s X509v3 Authority Key Identifier: 2705s 26:32:F9:85:ED:9E:36:AF:26:A2:A6:49:A5:62:82:2C:14:38:74:B0 2705s X509v3 Basic Constraints: 2705s CA:FALSE 2705s Netscape Cert Type: 2705s SSL Client, S/MIME 2705s Netscape Comment: 2705s Test Organization Intermediate CA trusted Certificate 2705s X509v3 Subject Key Identifier: 2705s 54:46:92:2F:D8:09:50:64:6C:2C:9E:84:9C:D2:3F:8C:98:30:59:19 2705s X509v3 Key Usage: critical 2705s Digital Signature, Non Repudiation, Key Encipherment 2705s X509v3 Extended Key Usage: 2705s TLS Web Client Authentication, E-mail Protection 2705s X509v3 Subject Alternative Name: 2705s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2705s Certificate is to be certified until Jun 14 16:33:01 2025 GMT (365 days) 2705s 2705s Write out database with 1 new entries 2705s Database updated 2705s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001.pem 2705s This certificate should not be trusted fully 2705s + echo 'This certificate should not be trusted fully' 2705s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001.pem 2705s + local cmd=openssl 2705s + shift 2705s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001.pem 2705s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2705s error 2 at 1 depth lookup: unable to get issuer certificate 2705s error /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 2705s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001.pem 2705s /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001.pem: OK 2705s + cat 2705s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20035 2705s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-20035 1024 2705s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-20035 -key /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 2705s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 2705s Certificate Request: 2705s Data: 2705s Version: 1 (0x0) 2705s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 2705s Subject Public Key Info: 2705s Public Key Algorithm: rsaEncryption 2705s Public-Key: (1024 bit) 2705s Modulus: 2705s 00:a6:0f:23:d7:29:cc:eb:6b:aa:e9:cd:a0:19:1f: 2705s c3:0b:c5:0f:26:05:9e:6a:18:b5:af:40:a8:84:01: 2705s 60:9a:13:a0:2e:e6:c2:0b:dc:5d:72:ab:9b:39:d4: 2705s 33:69:c3:96:51:b8:30:6d:4f:33:55:26:ea:c8:e4: 2705s 85:87:ff:f1:b6:f0:64:39:ef:e2:88:51:2f:b5:7f: 2705s 89:db:dd:3b:c2:d6:f9:a6:9a:0f:6b:f1:22:e5:42: 2705s 41:56:f7:fe:c3:47:36:7a:0e:49:35:d1:ce:47:c4: 2705s 8c:92:19:5f:97:1f:3a:ee:94:0b:8c:bd:34:df:db: 2705s 3f:69:8e:14:00:c8:d4:6c:09 2705s Exponent: 65537 (0x10001) 2705s Attributes: 2705s Requested Extensions: 2705s X509v3 Basic Constraints: 2705s CA:FALSE 2705s Netscape Cert Type: 2705s SSL Client, S/MIME 2705s Netscape Comment: 2705s Test Organization Sub Intermediate CA trusted Certificate 2705s X509v3 Subject Key Identifier: 2705s 65:45:D4:20:6F:8F:57:43:9A:B8:55:51:5B:E1:FA:9E:77:98:E1:E0 2705s X509v3 Key Usage: critical 2705s Digital Signature, Non Repudiation, Key Encipherment 2705s X509v3 Extended Key Usage: 2705s TLS Web Client Authentication, E-mail Protection 2705s X509v3 Subject Alternative Name: 2705s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2705s Signature Algorithm: sha256WithRSAEncryption 2705s Signature Value: 2705s 30:53:c0:44:67:ee:4d:5d:6f:c3:b7:8e:74:13:d6:c8:61:34: 2705s 16:a8:3b:d9:68:a5:e6:3f:bc:9d:c1:b8:cb:c4:55:e8:be:fe: 2705s bf:4d:5d:99:53:ea:f7:0b:56:cd:fe:80:c8:8b:1d:c6:ca:dc: 2705s 04:94:9b:07:57:ba:37:fb:b4:08:f7:c5:29:76:c9:8d:c4:70: 2705s c0:83:59:98:fe:3d:22:55:b4:ba:f5:61:16:be:73:8c:db:2c: 2705s fa:3d:fd:47:3e:34:c3:79:e6:37:83:82:e7:23:66:c7:7f:13: 2705s a0:fc:cd:cd:3d:82:18:ed:3f:47:a5:16:51:10:5e:b7:64:64: 2705s e8:7f 2705s + openssl ca -passin pass:random-sub-intermediate-CA-password-7088 -config /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem 2705s Using configuration from /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.config 2705s Check that the request matches the signature 2705s Signature ok 2705s Certificate Details: 2705s Serial Number: 5 (0x5) 2705s Validity 2705s Not Before: Jun 14 16:33:01 2024 GMT 2705s Not After : Jun 14 16:33:01 2025 GMT 2705s Subject: 2705s organizationName = Test Organization 2705s organizationalUnitName = Test Organization Unit 2705s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 2705s X509v3 extensions: 2705s X509v3 Authority Key Identifier: 2705s FF:EC:65:ED:5D:72:81:CF:D5:4B:83:CA:30:32:61:29:E6:41:FA:94 2705s X509v3 Basic Constraints: 2705s CA:FALSE 2705s Netscape Cert Type: 2705s SSL Client, S/MIME 2705s Netscape Comment: 2705s Test Organization Sub Intermediate CA trusted Certificate 2705s X509v3 Subject Key Identifier: 2705s 65:45:D4:20:6F:8F:57:43:9A:B8:55:51:5B:E1:FA:9E:77:98:E1:E0 2705s X509v3 Key Usage: critical 2705s Digital Signature, Non Repudiation, Key Encipherment 2705s X509v3 Extended Key Usage: 2705s TLS Web Client Authentication, E-mail Protection 2705s X509v3 Subject Alternative Name: 2705s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 2705s Certificate is to be certified until Jun 14 16:33:01 2025 GMT (365 days) 2705s 2705s Write out database with 1 new entries 2705s Database updated 2705s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem 2705s This certificate should not be trusted fully 2705s + echo 'This certificate should not be trusted fully' 2705s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem 2705s + local cmd=openssl 2705s + shift 2705s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem 2705s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2705s error 2 at 1 depth lookup: unable to get issuer certificate 2705s error /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 2705s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem 2705s + local cmd=openssl 2705s + shift 2705s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem 2705s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 2705s error 20 at 0 depth lookup: unable to get local issuer certificate 2705s error /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 2705s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem 2705s /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 2705s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem 2705s + local cmd=openssl 2705s + shift 2705s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem 2705s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 2705s error 20 at 0 depth lookup: unable to get local issuer certificate 2705s error /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 2705s + echo 'Building a the full-chain CA file...' 2705s + cat /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem 2705s Building a the full-chain CA file... 2705s + cat /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem 2705s + cat /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem 2705s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-qsc7rI/test-full-chain-CA.pem 2705s + openssl pkcs7 -print_certs -noout 2705s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2705s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2705s 2705s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2705s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 2705s 2705s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 2705s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 2705s 2705s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem 2705s /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA.pem: OK 2705s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001.pem 2705s /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001.pem: OK 2705s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001.pem 2705s /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001.pem: OK 2705s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-root-intermediate-chain-CA.pem 2705s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-qsc7rI/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem 2705s /tmp/sssd-softhsm2-certs-qsc7rI/test-root-intermediate-chain-CA.pem: OK 2705s /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 2705s + echo 'Certificates generation completed!' 2705s Certificates generation completed! 2705s + [[ -v NO_SSSD_TESTS ]] 2705s + [[ -v GENERATE_SMART_CARDS ]] 2705s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-3361 2705s + local certificate=/tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001.pem 2705s + local key_pass=pass:random-root-ca-trusted-cert-0001-3361 2705s + local key_cn 2705s + local key_name 2705s + local tokens_dir 2705s + local output_cert_file 2705s + token_name= 2705s ++ basename /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001.pem .pem 2705s + key_name=test-root-CA-trusted-certificate-0001 2705s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001.pem 2705s ++ sed -n 's/ *commonName *= //p' 2705s + key_cn='Test Organization Root Trusted Certificate 0001' 2705s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2705s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-root-CA-trusted-certificate-0001.conf 2705s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-root-CA-trusted-certificate-0001.conf 2705s ++ basename /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 2705s + tokens_dir=/tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-root-CA-trusted-certificate-0001 2705s + token_name='Test Organization Root Tr Token' 2705s + '[' '!' -e /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 2705s + local key_file 2705s + local decrypted_key 2705s + mkdir -p /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-root-CA-trusted-certificate-0001 2705s + key_file=/tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001-key.pem 2705s + decrypted_key=/tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001-key-decrypted.pem 2705s + cat 2705s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 2705s Slot 0 has a free/uninitialized token. 2705s The token has been initialized and is reassigned to slot 603700849 2705s + softhsm2-util --show-slots 2705s Available slots: 2705s Slot 603700849 2705s Slot info: 2705s Description: SoftHSM slot ID 0x23fbbe71 2705s Manufacturer ID: SoftHSM project 2705s Hardware version: 2.6 2705s Firmware version: 2.6 2705s Token present: yes 2705s Token info: 2705s Manufacturer ID: SoftHSM project 2705s Model: SoftHSM v2 2705s Hardware version: 2.6 2705s Firmware version: 2.6 2705s Serial number: db391f0b23fbbe71 2705s Initialized: yes 2705s User PIN init.: yes 2705s Label: Test Organization Root Tr Token 2705s Slot 1 2705s Slot info: 2705s Description: SoftHSM slot ID 0x1 2705s Manufacturer ID: SoftHSM project 2705s Hardware version: 2.6 2705s Firmware version: 2.6 2705s Token present: yes 2705s Token info: 2705s Manufacturer ID: SoftHSM project 2705s Model: SoftHSM v2 2705s Hardware version: 2.6 2705s Firmware version: 2.6 2705s Serial number: 2705s Initialized: no 2705s User PIN init.: no 2705s Label: 2705s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 2705s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-3361 -in /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001-key-decrypted.pem 2705s writing RSA key 2705s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 2705s + rm /tmp/sssd-softhsm2-certs-qsc7rI/test-root-CA-trusted-certificate-0001-key-decrypted.pem 2705s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 2705s Object 0: 2705s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=db391f0b23fbbe71;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 2705s Type: X.509 Certificate (RSA-1024) 2705s Expires: Sat Jun 14 16:33:01 2025 2705s Label: Test Organization Root Trusted Certificate 0001 2705s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 2705s 2705s Test Organization Root Tr Token 2705s + echo 'Test Organization Root Tr Token' 2705s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-14819 2705s + local certificate=/tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001.pem 2705s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-14819 2705s + local key_cn 2705s + local key_name 2705s + local tokens_dir 2705s + local output_cert_file 2705s + token_name= 2705s ++ basename /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001.pem .pem 2705s + key_name=test-intermediate-CA-trusted-certificate-0001 2705s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001.pem 2705s ++ sed -n 's/ *commonName *= //p' 2705s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 2705s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2705s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2705s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 2705s ++ basename /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 2705s + tokens_dir=/tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-intermediate-CA-trusted-certificate-0001 2705s + token_name='Test Organization Interme Token' 2705s + '[' '!' -e /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 2705s + local key_file 2705s + local decrypted_key 2705s + mkdir -p /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-intermediate-CA-trusted-certificate-0001 2705s + key_file=/tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001-key.pem 2705s + decrypted_key=/tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 2705s + cat 2705s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 2706s Slot 0 has a free/uninitialized token. 2706s The token has been initialized and is reassigned to slot 24514748 2706s + softhsm2-util --show-slots 2706s Available slots: 2706s Slot 24514748 2706s Slot info: 2706s Description: SoftHSM slot ID 0x17610bc 2706s Manufacturer ID: SoftHSM project 2706s Hardware version: 2.6 2706s Firmware version: 2.6 2706s Token present: yes 2706s Token info: 2706s Manufacturer ID: SoftHSM project 2706s Model: SoftHSM v2 2706s Hardware version: 2.6 2706s Firmware version: 2.6 2706s Serial number: cf931594017610bc 2706s Initialized: yes 2706s User PIN init.: yes 2706s Label: Test Organization Interme Token 2706s Slot 1 2706s Slot info: 2706s Description: SoftHSM slot ID 0x1 2706s Manufacturer ID: SoftHSM project 2706s Hardware version: 2.6 2706s Firmware version: 2.6 2706s Token present: yes 2706s Token info: 2706s Manufacturer ID: SoftHSM project 2706s Model: SoftHSM v2 2706s Hardware version: 2.6 2706s Firmware version: 2.6 2706s Serial number: 2706s Initialized: no 2706s User PIN init.: no 2706s Label: 2706s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 2706s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-14819 -in /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 2706s writing RSA key 2706s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 2706s + rm /tmp/sssd-softhsm2-certs-qsc7rI/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 2706s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 2706s + echo 'Test Organization Interme Token' 2706s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20035 2706s + local certificate=/tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem 2706s Object 0: 2706s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=cf931594017610bc;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 2706s Type: X.509 Certificate (RSA-1024) 2706s Expires: Sat Jun 14 16:33:01 2025 2706s Label: Test Organization Intermediate Trusted Certificate 0001 2706s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 2706s 2706s Test Organization Interme Token 2706s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20035 2706s + local key_cn 2706s + local key_name 2706s + local tokens_dir 2706s + local output_cert_file 2706s + token_name= 2706s ++ basename /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 2706s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 2706s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem 2706s ++ sed -n 's/ *commonName *= //p' 2706s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 2706s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 2706s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2706s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2706s ++ basename /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 2706s + tokens_dir=/tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 2706s + token_name='Test Organization Sub Int Token' 2706s + '[' '!' -e /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 2706s + local key_file 2706s + local decrypted_key 2706s + mkdir -p /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 2706s + key_file=/tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 2706s + decrypted_key=/tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 2706s + cat 2706s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 2706s Slot 0 has a free/uninitialized token. 2706s The token has been initialized and is reassigned to slot 481771542 2706s + softhsm2-util --show-slots 2706s Available slots: 2706s Slot 481771542 2706s Slot info: 2706s Description: SoftHSM slot ID 0x1cb74016 2706s Manufacturer ID: SoftHSM project 2706s Hardware version: 2.6 2706s Firmware version: 2.6 2706s Token present: yes 2706s Token info: 2706s Manufacturer ID: SoftHSM project 2706s Model: SoftHSM v2 2706s Hardware version: 2.6 2706s Firmware version: 2.6 2706s Serial number: 0964d2c89cb74016 2706s Initialized: yes 2706s User PIN init.: yes 2706s Label: Test Organization Sub Int Token 2706s Slot 1 2706s Slot info: 2706s Description: SoftHSM slot ID 0x1 2706s Manufacturer ID: SoftHSM project 2706s Hardware version: 2.6 2706s Firmware version: 2.6 2706s Token present: yes 2706s Token info: 2706s Manufacturer ID: SoftHSM project 2706s Model: SoftHSM v2 2706s Hardware version: 2.6 2706s Firmware version: 2.6 2706s Serial number: 2706s Initialized: no 2706s User PIN init.: no 2706s Label: 2706s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 2706s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-20035 -in /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 2706s writing RSA key 2706s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 2706s + rm /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 2706s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 2706s Object 0: 2706s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=0964d2c89cb74016;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 2706s Type: X.509 Certificate (RSA-1024) 2706s Expires: Sat Jun 14 16:33:01 2025 2706s Label: Test Organization Sub Intermediate Trusted Certificate 0001 2706s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 2706s 2706s + echo 'Test Organization Sub Int Token' 2706s Test Organization Sub Int Token 2706s Certificates generation completed! 2706s + echo 'Certificates generation completed!' 2706s + exit 0 2706s + find /tmp/sssd-softhsm2-certs-qsc7rI -type d -exec chmod 777 '{}' ';' 2706s + find /tmp/sssd-softhsm2-certs-qsc7rI -type f -exec chmod 666 '{}' ';' 2706s + backup_file /etc/sssd/sssd.conf 2706s + '[' -z '' ']' 2706s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 2706s + backupsdir=/tmp/sssd-softhsm2-backups-WfSxk4 2706s + '[' -e /etc/sssd/sssd.conf ']' 2706s + delete_paths+=("$1") 2706s + rm -f /etc/sssd/sssd.conf 2706s ++ runuser -u ubuntu -- sh -c 'echo ~' 2706s + user_home=/home/ubuntu 2706s + mkdir -p /home/ubuntu 2706s + chown ubuntu:ubuntu /home/ubuntu 2706s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 2706s + user_config=/home/ubuntu/.config 2706s + system_config=/etc 2706s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 2706s + for path_pair in "${softhsm2_conf_paths[@]}" 2706s + IFS=: 2706s + read -r -a path 2706s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 2706s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 2706s + '[' -z /tmp/sssd-softhsm2-backups-WfSxk4 ']' 2706s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 2706s + delete_paths+=("$1") 2706s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 2706s + for path_pair in "${softhsm2_conf_paths[@]}" 2706s + IFS=: 2706s + read -r -a path 2706s + path=/etc/softhsm/softhsm2.conf 2706s + backup_file /etc/softhsm/softhsm2.conf 2706s + '[' -z /tmp/sssd-softhsm2-backups-WfSxk4 ']' 2706s + '[' -e /etc/softhsm/softhsm2.conf ']' 2706s ++ dirname /etc/softhsm/softhsm2.conf 2706s + local back_dir=/tmp/sssd-softhsm2-backups-WfSxk4//etc/softhsm 2706s ++ basename /etc/softhsm/softhsm2.conf 2706s + local back_path=/tmp/sssd-softhsm2-backups-WfSxk4//etc/softhsm/softhsm2.conf 2706s + '[' '!' -e /tmp/sssd-softhsm2-backups-WfSxk4//etc/softhsm/softhsm2.conf ']' 2706s + mkdir -p /tmp/sssd-softhsm2-backups-WfSxk4//etc/softhsm 2706s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-WfSxk4//etc/softhsm/softhsm2.conf 2706s + restore_paths+=("$back_path") 2706s + rm -f /etc/softhsm/softhsm2.conf 2706s Using CA DB '/tmp/sssd-softhsm2-certs-qsc7rI/test-full-chain-CA.pem' with verification options: '' 2706s + test_authentication login /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-qsc7rI/test-full-chain-CA.pem 2706s + pam_service=login 2706s + certificate_config=/tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-root-CA-trusted-certificate-0001.conf 2706s + ca_db=/tmp/sssd-softhsm2-certs-qsc7rI/test-full-chain-CA.pem 2706s + verification_options= 2706s + mkdir -p -m 700 /etc/sssd 2706s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-qsc7rI/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 2706s + cat 2706s + chmod 600 /etc/sssd/sssd.conf 2706s + for path_pair in "${softhsm2_conf_paths[@]}" 2706s + IFS=: 2706s + read -r -a path 2706s + user=ubuntu 2706s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 2706s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 2706s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 2706s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 2706s + runuser -u ubuntu -- softhsm2-util --show-slots 2706s + grep 'Test Organization' 2706s Label: Test Organization Root Tr Token 2706s + for path_pair in "${softhsm2_conf_paths[@]}" 2706s + IFS=: 2706s + read -r -a path 2706s + user=root 2706s + path=/etc/softhsm/softhsm2.conf 2706s ++ dirname /etc/softhsm/softhsm2.conf 2706s + runuser -u root -- mkdir -p /etc/softhsm 2706s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 2706s + runuser -u root -- softhsm2-util --show-slots 2706s + grep 'Test Organization' 2706s Label: Test Organization Root Tr Token 2706s + systemctl restart sssd 2706s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 2707s + for alternative in "${alternative_pam_configs[@]}" 2707s + pam-auth-update --enable sss-smart-card-optional 2707s + cat /etc/pam.d/common-auth 2707s # 2707s # /etc/pam.d/common-auth - authentication settings common to all services 2707s # 2707s # This file is included from other service-specific PAM config files, 2707s # and should contain a list of the authentication modules that define 2707s # the central authentication scheme for use on the system 2707s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 2707s # traditional Unix authentication mechanisms. 2707s # 2707s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 2707s # To take advantage of this, it is recommended that you configure any 2707s # local modules either before or after the default block, and use 2707s # pam-auth-update to manage selection of other modules. See 2707s # pam-auth-update(8) for details. 2707s 2707s # here are the per-package modules (the "Primary" block) 2707s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 2707s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 2707s auth [success=1 default=ignore] pam_sss.so use_first_pass 2707s # here's the fallback if no module succeeds 2707s auth requisite pam_deny.so 2707s # prime the stack with a positive return value if there isn't one already; 2707s # this avoids us returning an error just because nothing sets a success code 2707s # since the modules above will each just jump around 2707s auth required pam_permit.so 2707s # and here are more per-package modules (the "Additional" block) 2707s auth optional pam_cap.so 2707s # end of pam-auth-update config 2707s + echo -n -e 123456 2707s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 2707s pamtester: invoking pam_start(login, ubuntu, ...) 2707s pamtester: performing operation - authenticate 2707s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 2707s + echo -n -e 123456 2707s + runuser -u ubuntu -- pamtester -v login '' authenticate 2707s pamtester: invoking pam_start(login, , ...) 2707s pamtester: performing operation - authenticate 2707s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 2707s + echo -n -e wrong123456 2707s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 2707s pamtester: invoking pam_start(login, ubuntu, ...) 2707s pamtester: performing operation - authenticate 2710s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 2710s + echo -n -e wrong123456 2710s + runuser -u ubuntu -- pamtester -v login '' authenticate 2710s pamtester: invoking pam_start(login, , ...) 2710s pamtester: performing operation - authenticate 2714s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 2714s + echo -n -e 123456 2714s + pamtester -v login root authenticate 2714s pamtester: invoking pam_start(login, root, ...) 2714s pamtester: performing operation - authenticate 2718s Password: pamtester: Authentication failure 2718s + for alternative in "${alternative_pam_configs[@]}" 2718s + pam-auth-update --enable sss-smart-card-required 2718s PAM configuration 2718s ----------------- 2718s 2718s Incompatible PAM profiles selected. 2718s 2718s The following PAM profiles cannot be used together: 2718s 2718s SSS required smart card authentication, SSS optional smart card 2718s authentication 2718s 2718s Please select a different set of modules to enable. 2718s 2718s + cat /etc/pam.d/common-auth 2718s # 2718s # /etc/pam.d/common-auth - authentication settings common to all services 2718s # 2718s # This file is included from other service-specific PAM config files, 2718s # and should contain a list of the authentication modules that define 2718s # the central authentication scheme for use on the system 2718s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 2718s # traditional Unix authentication mechanisms. 2718s # 2718s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 2718s # To take advantage of this, it is recommended that you configure any 2718s # local modules either before or after the default block, and use 2718s # pam-auth-update to manage selection of other modules. See 2718s # pam-auth-update(8) for details. 2718s 2718s # here are the per-package modules (the "Primary" block) 2718s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 2718s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 2718s auth [success=1 default=ignore] pam_sss.so use_first_pass 2718s # here's the fallback if no module succeeds 2718s auth requisite pam_deny.so 2718s # prime the stack with a positive return value if there isn't one already; 2718s # this avoids us returning an error just because nothing sets a success code 2718s # since the modules above will each just jump around 2718s auth required pam_permit.so 2718s # and here are more per-package modules (the "Additional" block) 2718s auth optional pam_cap.so 2718s # end of pam-auth-update config 2718s + echo -n -e 123456 2718s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 2718s pamtester: invoking pam_start(login, ubuntu, ...) 2718s pamtester: performing operation - authenticate 2719s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 2719s + echo -n -e 123456 2719s + runuser -u ubuntu -- pamtester -v login '' authenticate 2719s pamtester: invoking pam_start(login, , ...) 2719s pamtester: performing operation - authenticate 2719s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 2719s + echo -n -e wrong123456 2719s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 2719s pamtester: invoking pam_start(login, ubuntu, ...) 2719s pamtester: performing operation - authenticate 2722s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 2722s + echo -n -e wrong123456 2722s + runuser -u ubuntu -- pamtester -v login '' authenticate 2722s pamtester: invoking pam_start(login, , ...) 2722s pamtester: performing operation - authenticate 2726s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 2726s + echo -n -e 123456 2726s + pamtester -v login root authenticate 2726s pamtester: invoking pam_start(login, root, ...) 2726s pamtester: performing operation - authenticate 2729s pamtester: Authentication service cannot retrieve authentication info 2729s + test_authentication login /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-qsc7rI/test-full-chain-CA.pem 2729s + pam_service=login 2729s + certificate_config=/tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2729s + ca_db=/tmp/sssd-softhsm2-certs-qsc7rI/test-full-chain-CA.pem 2729s + verification_options= 2729s + mkdir -p -m 700 /etc/sssd 2729s Using CA DB '/tmp/sssd-softhsm2-certs-qsc7rI/test-full-chain-CA.pem' with verification options: '' 2729s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-qsc7rI/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 2729s + cat 2729s + chmod 600 /etc/sssd/sssd.conf 2729s + for path_pair in "${softhsm2_conf_paths[@]}" 2729s + IFS=: 2729s + read -r -a path 2729s + user=ubuntu 2729s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 2729s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 2729s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 2729s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 2729s + runuser -u ubuntu -- softhsm2-util --show-slots 2729s + grep 'Test Organization' 2729s Label: Test Organization Sub Int Token 2729s + for path_pair in "${softhsm2_conf_paths[@]}" 2729s + IFS=: 2729s + read -r -a path 2729s + user=root 2729s + path=/etc/softhsm/softhsm2.conf 2729s ++ dirname /etc/softhsm/softhsm2.conf 2729s + runuser -u root -- mkdir -p /etc/softhsm 2729s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 2729s + runuser -u root -- softhsm2-util --show-slots 2729s + grep 'Test Organization' 2729s Label: Test Organization Sub Int Token 2729s + systemctl restart sssd 2730s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 2730s + for alternative in "${alternative_pam_configs[@]}" 2730s + pam-auth-update --enable sss-smart-card-optional 2730s + cat /etc/pam.d/common-auth 2730s # 2730s # /etc/pam.d/common-auth - authentication settings common to all services 2730s # 2730s # This file is included from other service-specific PAM config files, 2730s # and should contain a list of the authentication modules that define 2730s # the central authentication scheme for use on the system 2730s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 2730s # traditional Unix authentication mechanisms. 2730s # 2730s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 2730s # To take advantage of this, it is recommended that you configure any 2730s # local modules either before or after the default block, and use 2730s # pam-auth-update to manage selection of other modules. See 2730s # pam-auth-update(8) for details. 2730s 2730s # here are the per-package modules (the "Primary" block) 2730s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 2730s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 2730s auth [success=1 default=ignore] pam_sss.so use_first_pass 2730s # here's the fallback if no module succeeds 2730s auth requisite pam_deny.so 2730s # prime the stack with a positive return value if there isn't one already; 2730s # this avoids us returning an error just because nothing sets a success code 2730s # since the modules above will each just jump around 2730s auth required pam_permit.so 2730s # and here are more per-package modules (the "Additional" block) 2730s auth optional pam_cap.so 2730s # end of pam-auth-update config 2730s + echo -n -e 123456 2730s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 2730s pamtester: invoking pam_start(login, ubuntu, ...) 2730s pamtester: performing operation - authenticate 2730s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 2730s + echo -n -e 123456 2730s + runuser -u ubuntu -- pamtester -v login '' authenticate 2730s pamtester: invoking pam_start(login, , ...) 2730s pamtester: performing operation - authenticate 2730s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 2730s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 2730s + echo -n -e wrong123456 2731s pamtester: invoking pam_start(login, ubuntu, ...) 2731s pamtester: performing operation - authenticate 2734s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 2734s + echo -n -e wrong123456 2734s + runuser -u ubuntu -- pamtester -v login '' authenticate 2734s pamtester: invoking pam_start(login, , ...) 2734s pamtester: performing operation - authenticate 2738s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 2739s + echo -n -e 123456 2739s + pamtester -v login root authenticate 2739s pamtester: invoking pam_start(login, root, ...) 2739s pamtester: performing operation - authenticate 2742s Password: pamtester: Authentication failure 2742s + for alternative in "${alternative_pam_configs[@]}" 2742s + pam-auth-update --enable sss-smart-card-required 2742s PAM configuration 2742s ----------------- 2742s 2742s Incompatible PAM profiles selected. 2742s 2742s The following PAM profiles cannot be used together: 2742s 2742s SSS required smart card authentication, SSS optional smart card 2742s authentication 2742s 2742s Please select a different set of modules to enable. 2742s 2742s + cat /etc/pam.d/common-auth 2742s # 2742s # /etc/pam.d/common-auth - authentication settings common to all services 2742s # 2742s # This file is included from other service-specific PAM config files, 2742s # and should contain a list of the authentication modules that define 2742s # the central authentication scheme for use on the system 2742s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 2742s # traditional Unix authentication mechanisms. 2742s # 2742s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 2742s # To take advantage of this, it is recommended that you configure any 2742s # local modules either before or after the default block, and use 2742s # pam-auth-update to manage selection of other modules. See 2742s # pam-auth-update(8) for details. 2742s 2742s # here are the per-package modules (the "Primary" block) 2742s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 2742s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 2742s auth [success=1 default=ignore] pam_sss.so use_first_pass 2742s # here's the fallback if no module succeeds 2742s auth requisite pam_deny.so 2742s # prime the stack with a positive return value if there isn't one already; 2742s # this avoids us returning an error just because nothing sets a success code 2742s # since the modules above will each just jump around 2742s auth required pam_permit.so 2742s # and here are more per-package modules (the "Additional" block) 2742s auth optional pam_cap.so 2742s # end of pam-auth-update config 2742s + echo -n -e 123456 2742s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 2742s pamtester: invoking pam_start(login, ubuntu, ...) 2742s pamtester: performing operation - authenticate 2742s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 2742s + echo -n -e 123456 2742s + runuser -u ubuntu -- pamtester -v login '' authenticate 2742s pamtester: invoking pam_start(login, , ...) 2742s pamtester: performing operation - authenticate 2742s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 2742s + echo -n -e wrong123456 2742s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 2742s pamtester: invoking pam_start(login, ubuntu, ...) 2742s pamtester: performing operation - authenticate 2746s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 2746s + echo -n -e wrong123456 2746s + runuser -u ubuntu -- pamtester -v login '' authenticate 2746s pamtester: invoking pam_start(login, , ...) 2746s pamtester: performing operation - authenticate 2749s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 2749s + echo -n -e 123456 2749s + pamtester -v login root authenticate 2749s pamtester: invoking pam_start(login, root, ...) 2749s pamtester: performing operation - authenticate 2752s pamtester: Authentication service cannot retrieve authentication info 2752s + test_authentication login /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem partial_chain 2752s + pam_service=login 2752s + certificate_config=/tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 2752s + ca_db=/tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem 2752s + verification_options=partial_chain 2752s + mkdir -p -m 700 /etc/sssd 2752s Using CA DB '/tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 2752s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-qsc7rI/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 2752s + cat 2752s + chmod 600 /etc/sssd/sssd.conf 2752s + for path_pair in "${softhsm2_conf_paths[@]}" 2752s + IFS=: 2752s + read -r -a path 2752s + user=ubuntu 2753s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 2753s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 2753s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 2753s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 2753s + runuser -u ubuntu -- softhsm2-util --show-slots 2753s + grep 'Test Organization' 2753s Label: Test Organization Sub Int Token 2753s + for path_pair in "${softhsm2_conf_paths[@]}" 2753s + IFS=: 2753s + read -r -a path 2753s + user=root 2753s + path=/etc/softhsm/softhsm2.conf 2753s ++ dirname /etc/softhsm/softhsm2.conf 2753s + runuser -u root -- mkdir -p /etc/softhsm 2753s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-qsc7rI/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 2753s + runuser -u root -- softhsm2-util --show-slots 2753s + grep 'Test Organization' 2753s Label: Test Organization Sub Int Token 2753s + systemctl restart sssd 2753s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 2753s + for alternative in "${alternative_pam_configs[@]}" 2753s + pam-auth-update --enable sss-smart-card-optional 2754s + cat /etc/pam.d/common-auth 2754s # 2754s # /etc/pam.d/common-auth - authentication settings common to all services 2754s # 2754s # This file is included from other service-specific PAM config files, 2754s # and should contain a list of the authentication modules that define 2754s # the central authentication scheme for use on the system 2754s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 2754s # traditional Unix authentication mechanisms. 2754s # 2754s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 2754s # To take advantage of this, it is recommended that you configure any 2754s # local modules either before or after the default block, and use 2754s # pam-auth-update to manage selection of other modules. See 2754s # pam-auth-update(8) for details. 2754s 2754s # here are the per-package modules (the "Primary" block) 2754s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 2754s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 2754s auth [success=1 default=ignore] pam_sss.so use_first_pass 2754s # here's the fallback if no module succeeds 2754s auth requisite pam_deny.so 2754s # prime the stack with a positive return value if there isn't one already; 2754s # this avoids us returning an error just because nothing sets a success code 2754s # since the modules above will each just jump around 2754s auth required pam_permit.so 2754s # and here are more per-package modules (the "Additional" block) 2754s auth optional pam_cap.so 2754s # end of pam-auth-update config 2754s + echo -n -e 123456 2754s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 2754s pamtester: invoking pam_start(login, ubuntu, ...) 2754s pamtester: performing operation - authenticate 2754s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 2754s + echo -n -e 123456 2754s + runuser -u ubuntu -- pamtester -v login '' authenticate 2754s pamtester: invoking pam_start(login, , ...) 2754s pamtester: performing operation - authenticate 2754s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 2754s + echo -n -e wrong123456 2754s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 2754s pamtester: invoking pam_start(login, ubuntu, ...) 2754s pamtester: performing operation - authenticate 2757s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 2757s + echo -n -e wrong123456 2757s + runuser -u ubuntu -- pamtester -v login '' authenticate 2757s pamtester: invoking pam_start(login, , ...) 2757s pamtester: performing operation - authenticate 2761s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 2761s + echo -n -e 123456 2761s + pamtester -v login root authenticate 2761s pamtester: invoking pam_start(login, root, ...) 2761s pamtester: performing operation - authenticate 2764s Password: pamtester: Authentication failure 2764s + for alternative in "${alternative_pam_configs[@]}" 2764s + pam-auth-update --enable sss-smart-card-required 2765s PAM configuration 2765s ----------------- 2765s 2765s Incompatible PAM profiles selected. 2765s 2765s The following PAM profiles cannot be used together: 2765s 2765s SSS required smart card authentication, SSS optional smart card 2765s authentication 2765s 2765s Please select a different set of modules to enable. 2765s 2765s + cat /etc/pam.d/common-auth 2765s # 2765s # /etc/pam.d/common-auth - authentication settings common to all services 2765s # 2765s # This file is included from other service-specific PAM config files, 2765s # and should contain a list of the authentication modules that define 2765s # the central authentication scheme for use on the system 2765s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 2765s # traditional Unix authentication mechanisms. 2765s # 2765s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 2765s # To take advantage of this, it is recommended that you configure any 2765s # local modules either before or after the default block, and use 2765s # pam-auth-update to manage selection of other modules. See 2765s # pam-auth-update(8) for details. 2765s 2765s # here are the per-package modules (the "Primary" block) 2765s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 2765s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 2765s auth [success=1 default=ignore] pam_sss.so use_first_pass 2765s # here's the fallback if no module succeeds 2765s auth requisite pam_deny.so 2765s # prime the stack with a positive return value if there isn't one already; 2765s # this avoids us returning an error just because nothing sets a success code 2765s # since the modules above will each just jump around 2765s auth required pam_permit.so 2765s # and here are more per-package modules (the "Additional" block) 2765s auth optional pam_cap.so 2765s # end of pam-auth-update config 2765s + echo -n -e 123456 2765s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 2765s pamtester: invoking pam_start(login, ubuntu, ...) 2765s pamtester: performing operation - authenticate 2765s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 2765s + echo -n -e 123456 2765s + runuser -u ubuntu -- pamtester -v login '' authenticate 2765s pamtester: invoking pam_start(login, , ...) 2765s pamtester: performing operation - authenticate 2765s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 2765s + echo -n -e wrong123456 2765s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 2765s pamtester: invoking pam_start(login, ubuntu, ...) 2765s pamtester: performing operation - authenticate 2769s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 2769s + echo -n -e wrong123456 2769s + runuser -u ubuntu -- pamtester -v login '' authenticate 2769s pamtester: invoking pam_start(login, , ...) 2769s pamtester: performing operation - authenticate 2772s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 2772s + echo -n -e 123456 2772s + pamtester -v login root authenticate 2772s pamtester: invoking pam_start(login, root, ...) 2772s pamtester: performing operation - authenticate 2776s pamtester: Authentication service cannot retrieve authentication info 2776s + handle_exit 2776s + exit_code=0 2776s + restore_changes 2776s + for path in "${restore_paths[@]}" 2776s + local original_path 2776s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-WfSxk4 /tmp/sssd-softhsm2-backups-WfSxk4//etc/softhsm/softhsm2.conf 2776s + original_path=/etc/softhsm/softhsm2.conf 2776s + rm /etc/softhsm/softhsm2.conf 2776s + mv /tmp/sssd-softhsm2-backups-WfSxk4//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 2776s + for path in "${delete_paths[@]}" 2776s + rm -f /etc/sssd/sssd.conf 2776s + for path in "${delete_paths[@]}" 2776s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 2776s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 2777s + '[' -e /etc/sssd/sssd.conf ']' 2777s + systemctl stop sssd 2777s + '[' -e /etc/softhsm/softhsm2.conf ']' 2777s + chmod 600 /etc/softhsm/softhsm2.conf 2777s + rm -rf /tmp/sssd-softhsm2-certs-qsc7rI 2777s + '[' 0 = 0 ']' 2777s + rm -rf /tmp/sssd-softhsm2-backups-WfSxk4 2777s + set +x 2777s Script completed successfully! 2778s autopkgtest [16:34:14]: test sssd-smart-card-pam-auth-configs: -----------------------] 2779s autopkgtest [16:34:15]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 2779s sssd-smart-card-pam-auth-configs PASS 2779s autopkgtest [16:34:15]: @@@@@@@@@@@@@@@@@@@@ summary 2779s ldap-user-group-ldap-auth PASS 2779s ldap-user-group-krb5-auth PASS 2779s sssd-softhism2-certificates-tests.sh PASS 2779s sssd-smart-card-pam-auth-configs PASS 2791s nova [W] Skipping flock in bos03-arm64 2791s Creating nova instance adt-oracular-arm64-sssd-20240614-151124-juju-7f2275-prod-proposed-migration-environment-2-ebdabb66-bb1d-44ad-b189-6eb65d000c3d from image adt/ubuntu-oracular-arm64-server-20240614.img (UUID 60b9703a-c188-4156-ad09-cfc0d034bf1b)... 2791s nova [W] Skipping flock in bos03-arm64 2791s Creating nova instance adt-oracular-arm64-sssd-20240614-151124-juju-7f2275-prod-proposed-migration-environment-2-ebdabb66-bb1d-44ad-b189-6eb65d000c3d from image adt/ubuntu-oracular-arm64-server-20240614.img (UUID 60b9703a-c188-4156-ad09-cfc0d034bf1b)...