Bug 743485

Summary: Proper error message needed on providing non-existent request identifier with "getcert list"
Product: Red Hat Enterprise Linux 6 Reporter: Kaleem <ksiddiqu>
Component: certmongerAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED ERRATA QA Contact: IDM QE LIST <seceng-idm-qe-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.2CC: dpal, jgalipea, kchamart
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: certmonger-0.50-1.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-12-06 17:40:01 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 748554    

Description Kaleem 2011-10-05 05:33:32 UTC 
Description of problem:
A proper error message is not displayed when a non-existent request identifier is provided for "getcert list".

Version-Release number of selected component (if applicable):

[root@dhcp201-220 ~]# rpm -q certmonger
certmonger-0.48-1.el6.x86_64
[root@dhcp201-220 ~]#

How reproducible:
Always

Steps to Reproduce:
1.Install Certmonger and start certmonger service
2.run following command

[root@dhcp201-220 ~]# getcert list -i non-existent
Number of certificates and requests being tracked: 0.
[root@dhcp201-220 ~]#

  
Actual results:
It displays on command line only no of certificates tracked.

Expected results:
It should prompt that no matching request found for given request identifier.


Additional info:
(1)Similar behaviour observed when non-existent nickname along with existing NSS db is provided with 'getcert list'. In this case too it should prompt that no matching request found for given nickname.

[root@dhcp201-220 ~]# getcert list -d /tmp/kaleem/ -n non-existent
Number of certificates and requests being tracked: 0.
[root@dhcp201-220 ~]#

(2)Similar behaviour observed when non-existent file based storage is provided with 'getcert list'. In this scenario as well it should prompt that no matching request found for given file based storage.

[root@dhcp201-220 ~]# getcert list -f /tmp/kaleem/non-existent.crt
Number of certificates and requests being tracked: 0.
[root@dhcp201-220 ~]#
Comment 3 Kaleem 2011-10-14 11:54:37 UTC 
Nalin,

Still i see earlier behaviour and there is no new error message for this.

[root@dhcp201-220 ~]# rpm -q certmonger 
certmonger-0.49-1.el6.x86_64
[root@dhcp201-220 ~]# getcert list -i non-existent
Number of certificates and requests being tracked: 0.
[root@dhcp201-220 ~]
Comment 4 Nalin Dahyabhai 2011-10-14 14:53:43 UTC 
Ugh, didn't push these changes from the box where they were made.  Fixing.
Comment 5 Kaleem 2011-10-17 07:01:50 UTC 
Verified.

RHEL Version:
[root@dhcp201-220 ~]# cat /etc/redhat-release 
Red Hat Enterprise Linux Server release 6.2 Beta (Santiago)

Certmonger Version:

[root@dhcp201-220 ~]# rpm -q certmonger
certmonger-0.50-1.el6.x86_64
[root@dhcp201-220 ~]#

Steps used to verified:
(1)Install Certmonger 

[root@dhcp201-220 ~]# yum install certmonger -y
Loaded plugins: product-id, subscription-manager

Installed:
  certmonger.x86_64 0:0.50-1.el6                                                                    [root@dhcp201-220 ~]#
                                             
(2)Start Certmonger service

[root@dhcp201-220 ~]# service certmonger start
Starting certmonger:                                       [  OK  ]
[root@dhcp201-220 ~]#

(3)Run "getcert list" with a non-existent request identifier/nickname with NSS db/filebased storage

[root@dhcp201-220 ~]# getcert list -i non-existent
No request found with specified nickname.
[root@dhcp201-220 ~]#

[root@dhcp201-220 ~]# getcert list -d /tmp/kaleem/ -n non-existent
No request found that matched arguments.
[root@dhcp201-220 ~]#

[root@dhcp201-220 ~]# getcert list -f /tmp/kaleem/non-existent.crt
No request found that matched arguments.
[root@dhcp201-220 ~]#


Result:
Now proper error message is displayed on providing non-existent request identifier/nickname with NSS db or non-existent filebased storage.
Comment 6 errata-xmlrpc 2011-12-06 17:40:01 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1708.html