View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0000968Main CAcert Websitesource codepublic2011-08-15 11:322013-01-15 17:41
ReporterUli60 Assigned ToTed  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Fixed in Version2011 Q4 
Summary0000968: split 0000909: too many error messages logged - part II - general.php
DescriptionPHP Warning: mkdir(../csr/client) [<a href='function.mkdir'>function.mkdir</a>]: File exists in /www/includes/general.php on line 923
PHP Warning: mkdir(../crt/client) [<a href='function.mkdir'>function.mkdir</a>]: File exists in /www/includes/general.php on line 924
PHP Warning: mkdir(../csr/client/316) [<a href='function.mkdir'>function.mkdir</a>]: File exists in /www/includes/general.php on line 925
PHP Warning: mkdir(../crt/orgserver/3) [<a href='function.mkdir'>function.mkdir</a>]: File exists in /www/includes/general.php on line 926
Additional Informationroutine doesn't check if directory exist or not
so this produces the warnings and floods the logfiles
TagsNo tags attached.
Reviewed byTed, NEOatNHNG
Test Instructions

Relationships

child of 0000909 closedUli60 too many error messages logged by php code 

Activities

Uli60

2011-08-15 11:36

updater   ~0002290

Last edited: 2011-08-15 11:39

 a warning message is logged if the csr or crt directory doesn't exist
a warning message is logged if the subdirectory exist
function generatecertpath() needs update

Uli60

2011-08-15 11:41

updater  

general.php (29,452 bytes)

Uli60

2011-08-15 11:42

updater   ~0002291

/includes/general.php

function generatecertpath() updated
with is_dir() checks

NEOatNHNG

2011-09-14 01:54

administrator   ~0002430

Reviewed and added to the test server. Needs Testing and a second review.

alex

2011-09-20 22:57

reporter   ~0002477

Generated 6 Org Client Certs and 5 Client Certs within last 20 minutes approx.

Uli60

2011-09-25 15:31

updater   ~0002513

2011-09-25 14:30 - 17:30
created new user: bug968.user1@wiamail.de
ca-mgr1: get confirmation email, confirming new user
         manage accounts: assure me, 100 pts
login to user: bug968.user1@wiamail.de
client certs new:
 1. use email, class1, include givenname, surname
 2. use email, class1, include givenname, middlename, surname
 3. use email, class1, noname
 4. use email, class3, noname
 5. use email, class3, include givenname, surname
 6. use email, class3, include givenname, surname
 7. use email, class3, include givenname, middlename, surname
View client certs: 7 listed
revocation of 0000006 cert
view client certs: 6 listed
view all certs: 6+1 listed, 1 revoked

GPG keys (infos see bug 0000911)
https://wiki.cacert.org/Software/CurrentTest/bug911
(includes Instructions to create pgp test keys)
(c:\tools, c:\prog\git\bin)
followed instruction given under bug911 instructions set
received -> Please upload only one key at a time.
gpg -v ascii-key-filename.extension
lists 3 keys :/
use -u for specific one ?
gpg --export --local-user 42362CF1 --armor -> same result
verbose info:
pub 1024D/42362CF1 2011-09-25 Bug968 Test User1 <bug968.user1@wiamail.de>
sig 42362CF1 2011-09-25 [selfsig]
sub 4096g/F284DD93 2011-09-25
sig 42362CF1 2011-09-25 [keybind]
ok, using different command line:
gpg --armor --export 42362CF1>bug968-user1.gpg
result has only 1 key
using for upload
The following UIDs were found in your key:
# Name Email Result
1 Bug968 Test User1 bug968.user1@wiamail.de Name and Email OK.
gpg keys view ->
Valid bug968.user1@wiamail.de 2012-09-25 14:26:29 C47C658542362CF1
=> ok

Server certs
Domains view -> empty
adding new domain
verify domain by email confirmation
view domains -> lists 1 domain
create server cert request
prepared 3 server csr's
openssl genrsa -out server#-hac-de.key 2048
openssl req -new -key server#-hac-de.key -out server#-hac-de.csr

server cert new:
1. class1, server1 (2048)
2. class3, server1 (2048)
3. class1, server2 (2048)
4. class3, server2 (2048)
5. class1, server3 (2048)
6. class3, server3 (2048)
view server certs, 6 listed certs
serno's
class1: 1093, 1094, 1095
class3: 106f, 1070, 1071
revoke 0000003 and 0000004 (all server2 certs)
view lists 4 active, 2 revoked
prepare new signing requests:
openssl genrsa -out server2b-hac-de.key 4096
openssl req -new -key server2b-hac-de.key -out server2b-hac-de.csr
new server certs:
7. class1, server2 (4096)
8. class3, server2 (4096)
view server certs, 6 listed active
view all certs, 6 listed active, 2 revoked
active: class1: 1093, 1095, 1096
active: class3: 106f, 1071, 1072
revoked: class1: 1094
revoked: class3: 1070
=> ok

Uli60

2011-09-25 16:40

updater   ~0002514

Last edited: 2011-09-25 16:41

 2011-09-25 17:30 - 18:40

Certs for ORganisations
preparing user account for use as orgadmin (no orgadmin flag set!!!)
bug968.user2@wiamail.de
confirmed new user account
ca-mgr1 - manage account
automated assurance -> 100 pts
login to orgassurer account
adding new org
domains add -> adding domain
admins add -> adding admin (see above) (with master flag set)
view orgs
new org added, lists domain(1), admins(1)
login to orgadmin account: bug968.user2@wiamail.de
under users account
0 client certs, 0 gpg keys, 0 domains, 0 server certs
org assurer - view
lists available domain

Org client certs
add org client(s)
fill in name, email, department
1. brigitte, class1
2. brigitte, class3
3. georg, class1
4. georg, class3
5. klaus, class1
6. klaus, class3
7. armin, class1
8. armin, class3
9. joachim, class1
10. joachim, class3
view org client certs
10 listed, class1 1097-109b, class3 1073-1077
revoke 0000007 and 0000009 (class1) of user armin and joachim
view org certs: 8 listed
view all org certs: 8 listed active, 2 revoked
=> ok

Org Server certs
preparing with openssl command lines:
openssl genrsa -out server1-svpg-de.key 4096
openssl req -new -key server1-svpg-de.key -out server1-svpg-de.csr

add new org server certs:
1. server1, class1 (4096)
2. server1, class3 (4096)
3. www, class1 (4096)
4. www, class3 (4096)
5. vlib, class1 (4096)
6. vlib, class3 (4096)
7. wa, class1 (4096)
8. wa, class3 (4096)
9. ma, class1 (4096)
10. ma, class3 (4096)
view org server certs: 10 listed
class1: 109c-10a0, class3: 1078-107c
revoke keys 0000005 and 0000006 (vlib)
view org server certs: 8 listed
view all org server certs: 8 active, 2 revoked
=> ok

SE verification
login with admin account
admin - find user -> bug968.user1@wiamail.de
Total Certificates Status
Certificates: Total Active Expired Revoked Latest Expire
Total domain-certificates: 8 6 0 2 2013-09-24
Total email-certificates: 7 6 0 1 2013-09-24
Total GPG keys: 1 1 0 2012-09-25
Org certificates: None
=> ok

admin - find user -> bug968.user2@wiamail.de
Total Certificates Status
Certificates: Total Active Expired Revoked Latest Expire
Total domain-certificates: None
Total email-certificates: None
Total GPG keys: None
Total org-domain-certificates: 10 8 0 2 2013-09-24
Total org-email-certificates: 10 8 0 2 2012-09-24
=> ok

Overall tests => successful

INOPIAE

2011-09-27 08:58

updater   ~0002531

Added new client and org client certificates.

Uli60

2011-09-27 18:50

updater   ~0002538

3 test series has been finished:
alex (2011-09-21), u60 (2011-09-25), INOPIAE (2011-09-27)
SA needs to check logfiles on cacert1.it-sls.de
for errors since 2011-09-20
regarding mkdir errors (see bug description)

needs response and/or deployment

Uli60

2011-10-01 13:42

updater   ~0002559

creating client certs: (1.10.2011 13:30-15:00)
1. user1, class1, no name, no-login (10A5)
2. user1, class1, incl name, no-login (10A6)
3. user1, class1, no name, login (10A7)
4. user1, class1, incl name, login (10A8)

5. user1, class3, no name, no-login (107E)
6. user1, class3, incl name, no-login (107F)
7. user1, class3, no name, login (1080)
8. user1, class3, incl name, login (1081)

9. user2, class1, no name, no-login (10A9)
10. user2, class1, incl name, no-login (10AA)
11. user2, class1, no name, login (10AB)
12. user2, class1, incl name, login (10AC)

13. user2, class3, no name, no-login (1082)
14. user2, class3, incl name, no-login (1083)
15. user2, class3, no name, login (1084)
16. user2, class3, incl name, login (1085)

17. user3, class1, no name, no-login (10AD)
18. user3, class1, incl name, no-login (10AE)
19. user3, class1, no name, login (10AF)
20. user3, class1, incl name, login (10B0)

21. user3, class3, no name, no-login (1086)
22. user3, class3, incl name, no-login (1087)
23. user3, class3, no name, login (1088)
24. user3, class3, incl name, login (1089)


addtl.
revoke certs:
9. user2, class1, no name, no-login (10A9)
10. user2, class1, incl name, no-login (10AA)
11. user2, class1, no name, login (10AB)
12. user2, class1, incl name, login (10AC)
13. user2, class3, no name, no-login (1082)
14. user2, class3, incl name, no-login (1083)
15. user2, class3, no name, login (1084)
16. user2, class3, incl name, login (1085)

see also test report
https://bugs.cacert.org/view.php?id=823#c2558

NEOatNHNG

2011-10-20 18:16

administrator   ~0002615

Just had a look through the logs, messages seem to have gone

NEOatNHNG

2011-11-15 23:05

administrator   ~0002691

Reminder sent to: Ted

Hi Ted, could you please review this fix? Thanks.

Ted

2011-11-16 20:44

administrator   ~0002697

Reviewed commit 83479b23af20a17cd59feb89c4b2c2c5ad0c670e vs. eb4d4d1ca50d08211ec230a60cee11f65b74c2bd

Changes are OK (and quite trivial).

wytze

2011-11-16 21:27

developer   ~0002698

The fix has been installed on the production server on November 16, 2011.
See also: https://lists.cacert.org/wws/arc/cacert-systemlog/2011-11/msg00007.html

Werner Dworak

2012-12-21 05:23

updater   ~0003528

More than 3 month fixed and no complaints

Issue History

Date Modified Username Field Change
2011-08-15 11:32 Uli60 New Issue
2011-08-15 11:32 Uli60 Assigned To => Uli60
2011-08-15 11:33 Uli60 Relationship added child of 0000909
2011-08-15 11:36 Uli60 Note Added: 0002290
2011-08-15 11:36 Uli60 Status new => confirmed
2011-08-15 11:39 Uli60 Note Edited: 0002290
2011-08-15 11:41 Uli60 File Added: general.php
2011-08-15 11:42 Uli60 Note Added: 0002291
2011-08-15 11:42 Uli60 Status confirmed => fix available
2011-09-14 01:54 NEOatNHNG Note Added: 0002430
2011-09-14 01:54 NEOatNHNG Status fix available => needs review & testing
2011-09-14 01:55 NEOatNHNG Reviewed by => NEOatNHNG
2011-09-14 01:55 NEOatNHNG Source_changeset_attached => cacert-devel master 5985d391
2011-09-14 01:55 NEOatNHNG Source_changeset_attached => cacert-devel master 83479b23
2011-09-20 22:57 alex Note Added: 0002477
2011-09-25 15:31 Uli60 Note Added: 0002513
2011-09-25 16:40 Uli60 Note Added: 0002514
2011-09-25 16:41 Uli60 Note Edited: 0002514
2011-09-27 08:58 INOPIAE Note Added: 0002531
2011-09-27 18:50 Uli60 Note Added: 0002538
2011-09-27 18:50 Uli60 Status needs review & testing => needs review
2011-09-27 23:12 NEOatNHNG Source_changeset_attached => cacert-devel testserver 750f6c3d
2011-10-01 13:42 Uli60 Note Added: 0002559
2011-10-20 18:16 NEOatNHNG Note Added: 0002615
2011-10-22 05:46 Ted Assigned To Uli60 => Ted
2011-11-15 23:05 NEOatNHNG Note Added: 0002691
2011-11-16 20:43 Ted Reviewed by NEOatNHNG => Ted, NEOatNHNG
2011-11-16 20:44 Ted Note Added: 0002697
2011-11-16 20:44 Ted Status needs review => ready to deploy
2011-11-16 21:27 wytze Note Added: 0002698
2011-11-16 21:27 wytze Status ready to deploy => solved?
2011-11-16 21:27 wytze Resolution open => fixed
2011-11-20 00:35 NEOatNHNG Source_changeset_attached => cacert-devel release 6ff6e31c
2012-12-21 05:23 Werner Dworak Note Added: 0003528
2012-12-21 05:23 Werner Dworak Status solved? => closed
2013-01-15 17:41 Werner Dworak Fixed in Version => 2011 Q4