Mercurial > mozreview > gecko / changeset / b8f855af1ad3cba26738bd1440a0fa56eba6777a
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1430973 - Reression test to make sure non-ASCII file paths work. r?keeler draft
authorMasatoshi Kimura <VYV03354@nifty.ne.jp>
Sat, 30 Dec 2017 14:52:10 +0900
changeset 748016 b8f855af1ad3cba26738bd1440a0fa56eba6777a
parent 748015 232dbd5acc3f2be2be59eddb3e7ef1d00d9111a0
child 748084 7e5b9d09196916daac73b23c58c6fe870f223970
push id97047
push userVYV03354@nifty.ne.jp
push dateSat, 27 Jan 2018 12:00:53 +0000
reviewerskeeler
bugs1430973
milestone60.0a1
Bug 1430973 - Reression test to make sure non-ASCII file paths work. r?keeler MozReview-Commit-ID: D77JALyAiWl
security/manager/ssl/tests/unit/test_nonascii_path.js file | annotate | diff | comparison | revisions
security/manager/ssl/tests/unit/xpcshell.ini file | annotate | diff | comparison | revisions 
copy from security/manager/ssl/tests/unit/test_cert_trust.js
copy to security/manager/ssl/tests/unit/test_nonascii_path.js
--- a/security/manager/ssl/tests/unit/test_cert_trust.js
+++ b/security/manager/ssl/tests/unit/test_nonascii_path.js
@@ -1,145 +1,46 @@
 // -*- indent-tabs-mode: nil; js-indent-level: 2 -*-
 // This Source Code Form is subject to the terms of the Mozilla Public
 // License, v. 2.0. If a copy of the MPL was not distributed with this
 // file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 "use strict";
 
-do_get_profile(); // must be called before getting nsIX509CertDB
+// Tests to make sure that the certificate DB works with non-ASCII paths.
+
+// Append a single quote and non-ASCII characters to the profile path.
+let env = Components.classes["@mozilla.org/process/environment;1"]
+                    .getService(Components.interfaces.nsIEnvironment);
+let profd = env.get("XPCSHELL_TEST_PROFILE_DIR");
+let file = Components.classes["@mozilla.org/file/local;1"]
+                     .createInstance(Components.interfaces.nsIFile);
+file.initWithPath(profd);
+file.append("'รท1");
+env.set("XPCSHELL_TEST_PROFILE_DIR", file.path);
+
+file = do_get_profile(); // must be called before getting nsIX509CertDB
+Assert.ok(/[^\x20-\x7f]/.test(file.path), "the profile path should contain a non-ASCII character");
+if (mozinfo.os == "win") {
+  file.QueryInterface(Components.interfaces.nsILocalFileWin);
+  Assert.ok(/[^\x20-\x7f]/.test(file.canonicalPath), "the profile short path should contain a non-ASCII character");
+}
+
+// Restore the original value.
+env.set("XPCSHELL_TEST_PROFILE_DIR", profd);
+
 const certdb  = Cc["@mozilla.org/security/x509certdb;1"]
                   .getService(Ci.nsIX509CertDB);
 
 function load_cert(cert_name, trust_string) {
   let cert_filename = cert_name + ".pem";
   return addCertFromFile(certdb, "test_cert_trust/" + cert_filename,
                          trust_string);
 }
 
-function setup_basic_trusts(ca_cert, int_cert) {
-  certdb.setCertTrust(ca_cert, Ci.nsIX509Cert.CA_CERT,
-                      Ci.nsIX509CertDB.TRUSTED_SSL |
-                      Ci.nsIX509CertDB.TRUSTED_EMAIL);
-
-  certdb.setCertTrust(int_cert, Ci.nsIX509Cert.CA_CERT, 0);
-}
-
-function test_ca_distrust(ee_cert, cert_to_modify_trust, isRootCA) {
-  // On reset most usages are successful
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLServer);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
-                        certificateUsageSSLCA);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailRecipient);
-
-
-  // Test of active distrust. No usage should pass.
-  setCertTrust(cert_to_modify_trust, "p,p,p");
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageSSLServer);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
-                        certificateUsageSSLCA);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageEmailRecipient);
-
-  // Trust set to T  -  trusted CA to issue client certs, where client cert is
-  // usageSSLClient.
-  setCertTrust(cert_to_modify_trust, "T,T,T");
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageSSLServer);
-
-  // XXX(Bug 982340)
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageSSLClient);
-
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
-                        certificateUsageSSLCA);
-
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageEmailRecipient);
-
-
-  // Now tests on the SSL trust bit
-  setCertTrust(cert_to_modify_trust, "p,C,C");
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageSSLServer);
-
-  // XXX(Bug 982340)
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
-                        certificateUsageSSLCA);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailRecipient);
-
-  // Inherited trust SSL
-  setCertTrust(cert_to_modify_trust, ",C,C");
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageSSLServer);
-  // XXX(Bug 982340)
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
-                        certificateUsageSSLCA);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailRecipient);
-
-  // Now tests on the EMAIL trust bit
-  setCertTrust(cert_to_modify_trust, "C,p,C");
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLServer);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
-                        certificateUsageSSLCA);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageEmailRecipient);
-
-
-  // inherited EMAIL Trust
-  setCertTrust(cert_to_modify_trust, "C,,C");
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLServer);
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
-                        certificateUsageSSLCA);
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageEmailRecipient);
-}
-
-
 function run_test() {
   let certList = [
     "ca",
     "int",
     "ee",
   ];
   let loadedCerts = [];
   for (let certName of certList) {
@@ -147,43 +48,9 @@ function run_test() {
   }
 
   let ca_cert = loadedCerts[0];
   notEqual(ca_cert, null, "CA cert should have successfully loaded");
   let int_cert = loadedCerts[1];
   notEqual(int_cert, null, "Intermediate cert should have successfully loaded");
   let ee_cert = loadedCerts[2];
   notEqual(ee_cert, null, "EE cert should have successfully loaded");
-
-  setup_basic_trusts(ca_cert, int_cert);
-  test_ca_distrust(ee_cert, ca_cert, true);
-
-  setup_basic_trusts(ca_cert, int_cert);
-  test_ca_distrust(ee_cert, int_cert, false);
-
-  // Reset trust to default ("inherit trust")
-  setCertTrust(ca_cert, ",,");
-  setCertTrust(int_cert, ",,");
-
-  // If an end-entity certificate is manually trusted, it may not be the root of
-  // its own verified chain. In general this will cause "unknown issuer" errors
-  // unless a CA trust anchor can be found.
-  setCertTrust(ee_cert, "CTu,CTu,CTu");
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNKNOWN_ISSUER,
-                        certificateUsageSSLServer);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNKNOWN_ISSUER,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNKNOWN_ISSUER,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNKNOWN_ISSUER,
-                        certificateUsageEmailRecipient);
-
-  // Now make a CA trust anchor available.
-  setCertTrust(ca_cert, "CTu,CTu,CTu");
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLServer);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailRecipient);
 }
--- a/security/manager/ssl/tests/unit/xpcshell.ini
+++ b/security/manager/ssl/tests/unit/xpcshell.ini
@@ -103,16 +103,17 @@ run-sequentially = hardcoded ports
 [test_keysize_ev.js]
 run-sequentially = hardcoded ports
 [test_local_cert.js]
 [test_logoutAndTeardown.js]
 run-sequentially = hardcoded ports
 [test_missing_intermediate.js]
 run-sequentially = hardcoded ports
 [test_name_constraints.js]
+[test_nonascii_path.js]
 [test_nsCertType.js]
 run-sequentially = hardcoded ports
 [test_nsIX509Cert_utf8.js]
 [test_nsIX509CertValidity.js]
 [test_nss_shutdown.js]
 [test_ocsp_caching.js]
 run-sequentially = hardcoded ports
 [test_ocsp_enabled_pref.js]
gecko
Deployed from 4e825768105f at 2024-04-08T16:23:58Z.