Project

General

Profile

Actions

action #125420

closed

[security][fips] improve tests for Firefox password handling

Added by amanzini about 1 year ago. Updated about 1 year ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
-
Target version:
-
Start date:
2023-03-06
Due date:
% Done:

100%

Estimated time:
Difficulty:
Tags:

Description

Ticket started from a bug filed in https://bugzilla.suse.com/show_bug.cgi?id=1208951
When Firefox is run in FIPS kernel mode, it refuses to set a trivial password. This is expected, as tests for FIPS mode sets a stronger password:

https://github.com/os-autoinst/os-autoinst-distri-opensuse/blob/master/tests/fips/mozilla_nss/firefox_nss.pm

# Define FIPS password for firefox, and it should be consisted by:
# - at least 8 characters
# - at least one upper case
# - at least one non-alphabet-non-number character (like: @-.=%)
my $fips_password = 'openqa@SUSE';

In that test, we only check for the successful setting of the strong password,
would be useful to test the proper behavior in both situations, e.g.

  • try to set a weak password, expect an error
  • try to set a strong password, expect success
Actions #1

Updated by amanzini about 1 year ago

  • Description updated (diff)
Actions #2

Updated by pstivanin about 1 year ago

  • Status changed from New to In Progress
  • Assignee set to pstivanin
Actions #3

Updated by pstivanin about 1 year ago

  • % Done changed from 0 to 70
Actions #5

Updated by pstivanin about 1 year ago

  • Status changed from In Progress to Resolved
  • % Done changed from 70 to 100
Actions

Also available in: Atom PDF