Backing out bug 470963
authorHonza Bambas <honzab.moz@firemni.cz>
Sun, 18 Jan 2009 15:44:37 +0100
changeset 23899 e7e8a8f2783d0c14e1b0e58643ebc2e1e7fcf970
parent 23898 851e7b387ec054cba10798e35f973a507061dcfa
child 23900 e28f00d256d175bd9cea0f2a523e3d003caf849b
push idunknown
push userunknown
push dateunknown
bugs470963
milestone1.9.2a1pre
Backing out bug 470963
build/pgo/Makefile.in
build/pgo/automation.py.in
build/pgo/certs/Makefile.in
build/pgo/genpgocert.py.in
testing/mochitest/Makefile.in
old mode 100755
new mode 100644
--- a/build/pgo/Makefile.in
+++ b/build/pgo/Makefile.in
@@ -42,22 +42,24 @@ srcdir		= @srcdir@
 VPATH		= @srcdir@
 relativesrcdir = build/pgo
 
 include $(DEPTH)/config/autoconf.mk
 
 DIRS = \
   blueprint \
   js-input \
+  certs \
   $(NULL)
 
 include $(topsrcdir)/config/rules.mk
 
 # Stuff to make a build with a profile
 _PROFILE_DIR = $(DEPTH)/_profile/pgo
+_CERTS_DIR = $(_PROFILE_DIR)/certs
 _CERTS_SRC_DIR = $(srcdir)/certs
 
 _PGO_FILES = 	\
   automation.py \
   profileserver.py \
   genpgocert.py \
   index.html \
   server-locations.txt \
@@ -83,17 +85,17 @@ else
 browser_path = \"$(DIST)/bin/$(PROGRAM)\"
 endif
 endif
 
 AUTOMATION_PPARGS = 	\
 			-DBROWSER_PATH=$(browser_path) \
 			-DXPC_BIN_PATH=\"$(LIBXUL_DIST)/bin\" \
 			-DBIN_SUFFIX=\"$(BIN_SUFFIX)\" \
-			-DPROFILE_DIR=\"$(_PROFILE_DIR)\" \
+			-DCERTS_DIR=\"$(_CERTS_DIR)\" \
 			-DCERTS_SRC_DIR=\"$(_CERTS_SRC_DIR)\" \
 			$(NULL)
 
 ifeq ($(OS_ARCH),Darwin)
 AUTOMATION_PPARGS += -DIS_MAC=1
 else
 AUTOMATION_PPARGS += -DIS_MAC=0
 endif
--- a/build/pgo/automation.py.in
+++ b/build/pgo/automation.py.in
@@ -77,18 +77,17 @@ SCRIPT_DIR = os.path.abspath(os.path.rea
 IS_CYGWIN = False
 #endif
 #expand IS_CAMINO = __IS_CAMINO__ != 0
 #expand BIN_SUFFIX = __BIN_SUFFIX__
 
 UNIXISH = not IS_WIN32 and not IS_MAC
 
 #expand DEFAULT_APP = "./" + __BROWSER_PATH__
-#expand PROFILE_DIR = __PROFILE_DIR__
-#expand CERTS_SRC_DIR = __CERTS_SRC_DIR__
+#expand CERTS_DIR = __CERTS_DIR__
 #expand IS_TEST_BUILD = __IS_TEST_BUILD__
 #expand IS_DEBUG_BUILD = __IS_DEBUG_BUILD__
 
 ###########
 # LOGGING #
 ###########
 
 # We use the logging system here primarily because it'll handle multiple
@@ -394,21 +393,21 @@ def fillCertificateDB(profileDir):
 
   pwfilePath = os.path.join(profileDir, ".crtdbpw")
   
   pwfile = open(pwfilePath, "w")
   pwfile.write("\n")
   pwfile.close()
 
   # Create head of the ssltunnel configuration file
-  sslTunnelConfigPath = os.path.join(PROFILE_DIR, "ssltunnel.cfg")
+  sslTunnelConfigPath = os.path.join(CERTS_DIR, "ssltunnel.cfg")
   sslTunnelConfig = open(sslTunnelConfigPath, "w")
   
   sslTunnelConfig.write("httpproxy:1\n")
-  sslTunnelConfig.write("certdbdir:%s\n" % CERTS_SRC_DIR)
+  sslTunnelConfig.write("certdbdir:%s\n" % CERTS_DIR)
   sslTunnelConfig.write("forward:127.0.0.1:8888\n")
   sslTunnelConfig.write("listen:*:4443:pgo server certificate\n")
 
   # Configure automatic certificate and bind custom certificates, client authentication
   locations = readLocations()
   locations.pop(0)
   for loc in locations:
     if loc.scheme == "https" and "nocert" not in loc.options:
@@ -433,27 +432,26 @@ def fillCertificateDB(profileDir):
   certutil = DIST_BIN + "/certutil" + BIN_SUFFIX
   pk12util = DIST_BIN + "/pk12util" + BIN_SUFFIX
 
   status = Process(certutil, ["-N", "-d", profileDir, "-f", pwfilePath], environment()).wait()
   if status != 0:
     return status
 
   # Walk the cert directory and add custom CAs and client certs
-  files = os.listdir(CERTS_SRC_DIR)
+  files = os.listdir(CERTS_DIR)
   for item in files:
     root, ext = os.path.splitext(item)
     if ext == ".ca":
-      Process(certutil, ["-A", "-i", os.path.join(CERTS_SRC_DIR, item),
+      Process(certutil, ["-A", "-i", os.path.join(CERTS_DIR, item),
         "-d", profileDir, "-f", pwfilePath, "-n", root, "-t", "CT,,"],
         environment()).wait()
     if ext == ".client":
-      Process(pk12util, ["-i", os.path.join(CERTS_SRC_DIR, item), "-w",
-        pwfilePath, "-d", profileDir], 
-        environment()).wait()
+      Process(pk12util, ["-i", os.path.join(CERTS_DIR, item), "-w", pwfilePath,
+        "-d", profileDir], environment()).wait()
 
   os.unlink(pwfilePath)
   return 0
 
 def environment(env = None):
   if env == None:
     env = dict(os.environ)
 
@@ -475,17 +473,17 @@ def runApp(testURL, env, app, profileDir
     # create certificate database for the profile
     certificateStatus = fillCertificateDB(profileDir)
     if certificateStatus != 0:
       log.info("ERROR FAIL Certificate integration")
       return certificateStatus
   
     # start ssltunnel to provide https:// URLs capability
     ssltunnel = DIST_BIN + "/ssltunnel" + BIN_SUFFIX
-    ssltunnelProcess = Process(ssltunnel, [os.path.join(PROFILE_DIR, "ssltunnel.cfg")], environment())
+    ssltunnelProcess = Process(ssltunnel, [os.path.join(CERTS_DIR, "ssltunnel.cfg")], environment())
     log.info("SSL tunnel pid: %d", ssltunnelProcess.pid)
   
   "Run the app, returning the time at which it was started."
   # mark the start
   start = datetime.now()
 
   # now run with the profile we created
   cmd = app
new file mode 100644
--- /dev/null
+++ b/build/pgo/certs/Makefile.in
@@ -0,0 +1,74 @@
+#
+# ***** BEGIN LICENSE BLOCK *****
+# Version: MPL 1.1/GPL 2.0/LGPL 2.1
+#
+# The contents of this file are subject to the Mozilla Public License Version
+# 1.1 (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+# http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS IS" basis,
+# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+# for the specific language governing rights and limitations under the
+# License.
+#
+# The Original Code is Mozilla test code
+#
+# The Initial Developer of the Original Code is
+# Mozilla Foundation
+# Portions created by the Initial Developer are Copyright (C) 2008
+# the Initial Developer. All Rights Reserved.
+#
+# Contributor(s):
+# Honza Bambas <honzab@firemni.cz>
+#
+# Alternatively, the contents of this file may be used under the terms of
+# either the GNU General Public License Version 2 or later (the "GPL"), or
+# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+# in which case the provisions of the GPL or the LGPL are applicable instead
+# of those above. If you wish to allow use of your version of this file only
+# under the terms of either the GPL or the LGPL, and not to allow others to
+# use your version of this file under the terms of the MPL, indicate your
+# decision by deleting the provisions above and replace them with the notice
+# and other provisions required by the GPL or the LGPL. If you do not delete
+# the provisions above, a recipient may use your version of this file under
+# the terms of any one of the MPL, the GPL or the LGPL.
+#
+# ***** END LICENSE BLOCK *****
+
+DEPTH		= ../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+_PROFILE_DIR = $(DEPTH)/_profile/pgo
+_CERTS_DIR = $(_PROFILE_DIR)/certs
+
+# Following files will be added as trusted Certificate Authorities
+# to the PGO profile.
+# Extension of those files MUST BE '.ca'.
+_CERT_AUTHORITIES = \
+    pgoca.ca \
+    $(NULL)
+
+
+# Following files will be added as user/client certificates
+# to the PGO profile to be used for client authentication.
+# Extension of those files MUST BE '.client'.
+_CLIENT_CERTS = \
+    mochitest.client \
+    $(NULL)
+
+_SERV_FILES = \
+    pgoca.p12 \
+    cert8.db \
+    key3.db \
+    secmod.db \
+    $(NULL)
+
+include $(topsrcdir)/config/rules.mk
+
+libs:: $(_SERV_FILES) $(_CERT_AUTHORITIES) $(_CLIENT_CERTS)
+	$(INSTALL) $^ $(_CERTS_DIR)
--- a/build/pgo/genpgocert.py.in
+++ b/build/pgo/genpgocert.py.in
@@ -39,17 +39,17 @@
 import automation
 import os
 import re
 import shutil
 import sys
 
 #expand DIST_BIN = __XPC_BIN_PATH__
 #expand BIN_SUFFIX = __BIN_SUFFIX__
-#expand PROFILE_DIR = __PROFILE_DIR__
+#expand CERTS_DIR = __CERTS_DIR__
 #expand CERTS_SRC_DIR = __CERTS_SRC_DIR__
 
 dbFiles = [
   re.compile("^cert[0-9]+\.db$"),
   re.compile("^key[0-9]+\.db$"),
   re.compile("^secmod\.db$")
 ]
 
@@ -63,42 +63,51 @@ def unlinkDbFiles(path):
 def dbFilesExist(path):
   for root, dirs, files in os.walk(path):
     for name in files:
       for dbFile in dbFiles:
         if dbFile.match(name) and os.path.exists(os.path.join(root, name)):
           return True
   return False
 
+def installDbFiles(path, dest):
+  for root, dirs, files in os.walk(path):
+    for name in files:
+      for dbFile in dbFiles:
+        if dbFile.match(name):
+          shutil.copy(os.path.join(root, name), os.path.join(dest, name))
+
 
 def runUtil(util, args, inputdata = None):
   proc = automation.Process(util, args, automation.environment(), inputdata)
   return proc.wait()
 
 
 def createRandomFile(randomFile):
   import random
   file = open(randomFile, "wb");
   for count in xrange(0, 2048):
     file.write(chr(random.randint(0, 255)))
   file.close()
 
 
-def createCertificateAuthority(profileDir, srcDir):
+def createCertificateAuthority(dbDir, srcDir):
   certutil = DIST_BIN + "/certutil" + BIN_SUFFIX
   pk12util = DIST_BIN + "/pk12util" + BIN_SUFFIX
 
-  tempDbDir = os.path.join(profileDir, ".temp")
+  tempDbDir = os.path.join(dbDir, ".temp")
   if not os.path.exists(tempDbDir):
     os.mkdir(tempDbDir)
   
   pwfilePath = os.path.join(tempDbDir, ".crtdbpw")
   rndfilePath = os.path.join(tempDbDir, ".rndfile")
   pgoCAModulePathSrc = os.path.join(srcDir, "pgoca.p12")
   pgoCAPathSrc = os.path.join(srcDir, "pgoca.ca")
+  pgoCAModulePath = os.path.join(srcDir, "pgoca.p12")
+  pgoCAPath = os.path.join(srcDir, "pgoca.ca")
   
   pwfile = open(pwfilePath, "w")
   pwfile.write("\n")
   pwfile.close()
 
   unlinkDbFiles(tempDbDir)
 
   # Create temporary certification database for CA generation
@@ -121,43 +130,44 @@ def createCertificateAuthority(profileDi
     
   unlinkDbFiles(tempDbDir)
   os.unlink(pwfilePath)
   os.unlink(rndfilePath)
   os.rmdir(tempDbDir)
   return 0
 
 
-def createSSLServerCertificate(profileDir, srcDir):
+def createSSLServerCertificate(dbDir, srcDir):
   certutil = DIST_BIN + "/certutil" + BIN_SUFFIX
   pk12util = DIST_BIN + "/pk12util" + BIN_SUFFIX
 
-  pwfilePath = os.path.join(profileDir, ".crtdbpw")
-  rndfilePath = os.path.join(profileDir, ".rndfile")
-  pgoCAPath = os.path.join(srcDir, "pgoca.p12")
+  pwfilePath = os.path.join(dbDir, ".crtdbpw")
+  rndfilePath = os.path.join(dbDir, ".rndfile")
+  pgoCAPath = os.path.join(dbDir, "pgoca.p12")
   
   pwfile = open(pwfilePath, "w")
   pwfile.write("\n")
   pwfile.close()
 
+  unlinkDbFiles(dbDir)
+
   if not dbFilesExist(srcDir):
-    # Make sure all DB files from src are really deleted
     unlinkDbFiles(srcDir)
     
     # Create certification database for ssltunnel
     status = runUtil(certutil, ["-N", "-d", srcDir, "-f", pwfilePath])
     if status != 0:
       return status
   
     status = runUtil(pk12util, ["-i", pgoCAPath, "-w", pwfilePath, "-d", srcDir, "-k", pwfilePath])
     if status != 0:
       return status
 
   # Generate automatic certificate
-  locations = automation.readLocations(os.path.join(profileDir, "server-locations.txt"))
+  locations = automation.readLocations(os.path.join(dbDir, "../server-locations.txt"))
   locations.pop(0)
   locationsParam = ""
   firstLocation = ""
   for loc in locations:
     if loc.scheme == "https" and "nocert" not in loc.options:
       customCertOption = False
       customCertRE = re.compile("^cert=(?:\w+)")
       for option in loc.options:
@@ -181,34 +191,35 @@ def createSSLServerCertificate(profileDi
     
     runUtil(certutil, ["-D", "-n", "pgo server certificate", "-d", srcDir, "-z", rndfilePath, "-f", pwfilePath])
     # Ignore the result, the certificate may not be present when new database is being built
     
     status = runUtil(certutil, ["-S", "-s", "CN=%s" % firstLocation, "-t", "Pu,,", "-c", "pgo temporary ca", "-m", "2", "-8", locationsParam, "-v", "12", "-n", "pgo server certificate", "-d", srcDir, "-z", rndfilePath, "-f", pwfilePath])
     if status != 0:
       return status
     
+  installDbFiles(srcDir, dbDir)
   os.unlink(pwfilePath)
   os.unlink(rndfilePath)
   return 0
 
 
 if len(sys.argv) == 1:
   print "Specify --gen-server or --gen-ca"
   sys.exit(1)
 
 if sys.argv[1] == "--gen-server":
-  certificateStatus = createSSLServerCertificate(PROFILE_DIR, CERTS_SRC_DIR)
+  certificateStatus = createSSLServerCertificate(CERTS_DIR, CERTS_SRC_DIR)
   if certificateStatus != 0:
     print "ERROR FAIL: SSL Server Certificate generation"
   
   sys.exit(certificateStatus)
   
 if sys.argv[1] == "--gen-ca":
-  certificateStatus = createCertificateAuthority(PROFILE_DIR, CERTS_SRC_DIR)
+  certificateStatus = createCertificateAuthority(CERTS_DIR, CERTS_SRC_DIR)
   if certificateStatus != 0:
     print "ERROR FAIL: Certificate Authority generation"
   else:
     print "\n\n"
     print "==================================================="
     print " IMPORTANT:"
     print " To use this new certificate authority in tests"
     print " run 'make' at testing/mochitest"
--- a/testing/mochitest/Makefile.in
+++ b/testing/mochitest/Makefile.in
@@ -69,18 +69,17 @@ include $(topsrcdir)/config/rules.mk
 		redirect.js \
 		$(topsrcdir)/build/pgo/server-locations.txt \
 		$(topsrcdir)/netwerk/test/httpserver/httpd.js \
 		mozprefs.js \
 		$(NULL)	
 
 
 _DEST_DIR = $(DEPTH)/_tests/$(relativesrcdir)
-_PROFILE_DIR = $(DEPTH)/_profile/pgo
-_CERTS_SRC_DIR = $(topsrcdir)/build/pgo/certs
+_CERTS_DIR = $(DEPTH)/_profile/pgo/certs
 
 ifeq ($(USE_SHORT_LIBNAME), 1)
 PROGRAM = $(MOZ_APP_NAME)$(BIN_SUFFIX)
 else
 PROGRAM = $(MOZ_APP_NAME)-bin$(BIN_SUFFIX)
 endif
 
 ifeq ($(MOZ_BUILD_APP),camino)
@@ -97,18 +96,17 @@ browser_path = \"../$(DIST)/bin/$(PROGRA
 endif
 endif
 
 # These go in _tests/ so they need to go up an extra path segement
 TEST_DRIVER_PPARGS = 	\
 			-DBROWSER_PATH=$(browser_path) \
 			-DXPC_BIN_PATH=\"$(LIBXUL_DIST)/bin\" \
 			-DBIN_SUFFIX=\"$(BIN_SUFFIX)\" \
-			-DPROFILE_DIR=\"../$(_PROFILE_DIR)\" \
-			-DCERTS_SRC_DIR=\"$(_CERTS_SRC_DIR)\" \
+			-DCERTS_DIR=\"../$(_CERTS_DIR)\" \
 			$(NULL)
 
 ifeq ($(OS_ARCH),Darwin)
 TEST_DRIVER_PPARGS += -DIS_MAC=1
 else
 TEST_DRIVER_PPARGS += -DIS_MAC=0
 endif