Bug 1573662 - Rename sanctions test routines to make it easier to add new ones r=keeler
authorJ.C. Jones <jjones@mozilla.com>
Tue, 13 Aug 2019 20:59:17 +0000
changeset 487788 16e1b6a26d2ea0a1c763bdbdf3e4f2e1f4dd239e
parent 487787 d9b0975e6e710b3d18974a82589e5cce0e6fd2dd
child 487789 ad33a9311b303cd8f9bdbf6da184454040301e39
push id36430
push userdvarga@mozilla.com
push dateWed, 14 Aug 2019 04:09:17 +0000
treeherdermozilla-central@d3deef805f92 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler
bugs1573662
milestone70.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1573662 - Rename sanctions test routines to make it easier to add new ones r=keeler 1) Multipurpose-ing the TLSServer specialization to `SanctionsTestServer` 2) Renaming the `security/manager/ssl/tests/unit/test_symantec_apple_google` folder of certs to `test_sanctions` 3) Prepend a `symantec-` to the start of all relevant certs in the new `test_sanctions` folder 4) Renaming the existing xpcshell test to `test_sanctions_symantec_apple_google.js` Differential Revision: https://phabricator.services.mozilla.com/D39942
python/mozbuild/mozbuild/action/test_archive.py
python/mozbuild/mozbuild/artifacts.py
security/manager/ssl/tests/unit/moz.build
security/manager/ssl/tests/unit/test_sanctions/default-ee.key
security/manager/ssl/tests/unit/test_sanctions/default-ee.key.keyspec
security/manager/ssl/tests/unit/test_sanctions/default-ee.pem
security/manager/ssl/tests/unit/test_sanctions/default-ee.pem.certspec
security/manager/ssl/tests/unit/test_sanctions/moz.build
security/manager/ssl/tests/unit/test_sanctions/symantec-ee-from-whitelist-after-cutoff.pem
security/manager/ssl/tests/unit/test_sanctions/symantec-ee-from-whitelist-after-cutoff.pem.certspec
security/manager/ssl/tests/unit/test_sanctions/symantec-ee-from-whitelist-before-cutoff.pem
security/manager/ssl/tests/unit/test_sanctions/symantec-ee-from-whitelist-before-cutoff.pem.certspec
security/manager/ssl/tests/unit/test_sanctions/symantec-ee-not-whitelisted-after-cutoff.pem
security/manager/ssl/tests/unit/test_sanctions/symantec-ee-not-whitelisted-after-cutoff.pem.certspec
security/manager/ssl/tests/unit/test_sanctions/symantec-ee-not-whitelisted-before-cutoff.pem
security/manager/ssl/tests/unit/test_sanctions/symantec-ee-not-whitelisted-before-cutoff.pem.certspec
security/manager/ssl/tests/unit/test_sanctions/symantec-intermediate-other-crossigned.pem
security/manager/ssl/tests/unit/test_sanctions/symantec-intermediate-other-crossigned.pem.certspec
security/manager/ssl/tests/unit/test_sanctions/symantec-intermediate-other.pem
security/manager/ssl/tests/unit/test_sanctions/symantec-intermediate-other.pem.certspec
security/manager/ssl/tests/unit/test_sanctions/symantec-intermediate-whitelisted.pem
security/manager/ssl/tests/unit/test_sanctions/symantec-intermediate-whitelisted.pem.certspec
security/manager/ssl/tests/unit/test_sanctions/symantec-real-google-g2-intermediate.pem
security/manager/ssl/tests/unit/test_sanctions/symantec-real-googlecom.pem
security/manager/ssl/tests/unit/test_sanctions/symantec-test-ca.pem
security/manager/ssl/tests/unit/test_sanctions/symantec-test-ca.pem.certspec
security/manager/ssl/tests/unit/test_sanctions_symantec_apple_google.js
security/manager/ssl/tests/unit/test_symantec_apple_google.js
security/manager/ssl/tests/unit/test_symantec_apple_google/default-ee.key
security/manager/ssl/tests/unit/test_symantec_apple_google/default-ee.key.keyspec
security/manager/ssl/tests/unit/test_symantec_apple_google/default-ee.pem
security/manager/ssl/tests/unit/test_symantec_apple_google/default-ee.pem.certspec
security/manager/ssl/tests/unit/test_symantec_apple_google/ee-from-whitelist-after-cutoff.pem
security/manager/ssl/tests/unit/test_symantec_apple_google/ee-from-whitelist-after-cutoff.pem.certspec
security/manager/ssl/tests/unit/test_symantec_apple_google/ee-from-whitelist-before-cutoff.pem
security/manager/ssl/tests/unit/test_symantec_apple_google/ee-from-whitelist-before-cutoff.pem.certspec
security/manager/ssl/tests/unit/test_symantec_apple_google/ee-not-whitelisted-after-cutoff.pem
security/manager/ssl/tests/unit/test_symantec_apple_google/ee-not-whitelisted-after-cutoff.pem.certspec
security/manager/ssl/tests/unit/test_symantec_apple_google/ee-not-whitelisted-before-cutoff.pem
security/manager/ssl/tests/unit/test_symantec_apple_google/ee-not-whitelisted-before-cutoff.pem.certspec
security/manager/ssl/tests/unit/test_symantec_apple_google/intermediate-other-crossigned.pem
security/manager/ssl/tests/unit/test_symantec_apple_google/intermediate-other-crossigned.pem.certspec
security/manager/ssl/tests/unit/test_symantec_apple_google/intermediate-other.pem
security/manager/ssl/tests/unit/test_symantec_apple_google/intermediate-other.pem.certspec
security/manager/ssl/tests/unit/test_symantec_apple_google/intermediate-whitelisted.pem
security/manager/ssl/tests/unit/test_symantec_apple_google/intermediate-whitelisted.pem.certspec
security/manager/ssl/tests/unit/test_symantec_apple_google/moz.build
security/manager/ssl/tests/unit/test_symantec_apple_google/real-google-g2-intermediate.pem
security/manager/ssl/tests/unit/test_symantec_apple_google/real-googlecom.pem
security/manager/ssl/tests/unit/test_symantec_apple_google/test-ca.pem
security/manager/ssl/tests/unit/test_symantec_apple_google/test-ca.pem.certspec
security/manager/ssl/tests/unit/tlsserver/cmd/SanctionsTestServer.cpp
security/manager/ssl/tests/unit/tlsserver/cmd/SymantecSanctionsServer.cpp
security/manager/ssl/tests/unit/tlsserver/cmd/moz.build
security/manager/ssl/tests/unit/xpcshell.ini
testing/xpcshell/remotexpcshelltests.py
toolkit/mozapps/installer/upload-files.mk
--- a/python/mozbuild/mozbuild/action/test_archive.py
+++ b/python/mozbuild/mozbuild/action/test_archive.py
@@ -30,17 +30,17 @@ import mozpack.path as mozpath
 import buildconfig
 
 STAGE = mozpath.join(buildconfig.topobjdir, 'dist', 'test-stage')
 
 TEST_HARNESS_BINS = [
     'BadCertAndPinningServer',
     'GenerateOCSPResponse',
     'OCSPStaplingServer',
-    'SymantecSanctionsServer',
+    'SanctionsTestServer',
     'SmokeDMD',
     'certutil',
     'crashinject',
     'fileid',
     'geckodriver',
     'minidumpwriter',
     'pk12util',
     'screenshot',
--- a/python/mozbuild/mozbuild/artifacts.py
+++ b/python/mozbuild/mozbuild/artifacts.py
@@ -111,17 +111,17 @@ class ArtifactJob(object):
     # Each item is a pair of (pattern, (src_prefix, dest_prefix), where src_prefix
     # is the prefix of the pattern relevant to its location in the archive, and
     # dest_prefix is the prefix to be added that will yield the final path relative
     # to dist/.
     test_artifact_patterns = {
         ('bin/BadCertAndPinningServer', ('bin', 'bin')),
         ('bin/GenerateOCSPResponse', ('bin', 'bin')),
         ('bin/OCSPStaplingServer', ('bin', 'bin')),
-        ('bin/SymantecSanctionsServer', ('bin', 'bin')),
+        ('bin/SanctionsTestServer', ('bin', 'bin')),
         ('bin/certutil', ('bin', 'bin')),
         ('bin/fileid', ('bin', 'bin')),
         ('bin/geckodriver', ('bin', 'bin')),
         ('bin/pk12util', ('bin', 'bin')),
         ('bin/screentopng', ('bin', 'bin')),
         ('bin/ssltunnel', ('bin', 'bin')),
         ('bin/xpcshell', ('bin', 'bin')),
         ('bin/plugins/gmp-*/*/*', ('bin/plugins', 'bin')),
@@ -552,17 +552,17 @@ class WinArtifactJob(ArtifactJob):
             p.format(product=self.product) for p in self._package_artifact_patterns
         }
 
     # These are a subset of TEST_HARNESS_BINS in testing/mochitest/Makefile.in.
     test_artifact_patterns = {
         ('bin/BadCertAndPinningServer.exe', ('bin', 'bin')),
         ('bin/GenerateOCSPResponse.exe', ('bin', 'bin')),
         ('bin/OCSPStaplingServer.exe', ('bin', 'bin')),
-        ('bin/SymantecSanctionsServer.exe', ('bin', 'bin')),
+        ('bin/SanctionsTestServer.exe', ('bin', 'bin')),
         ('bin/certutil.exe', ('bin', 'bin')),
         ('bin/fileid.exe', ('bin', 'bin')),
         ('bin/geckodriver.exe', ('bin', 'bin')),
         ('bin/minidumpwriter.exe', ('bin', 'bin')),
         ('bin/pk12util.exe', ('bin', 'bin')),
         ('bin/screenshot.exe', ('bin', 'bin')),
         ('bin/ssltunnel.exe', ('bin', 'bin')),
         ('bin/xpcshell.exe', ('bin', 'bin')),
--- a/security/manager/ssl/tests/unit/moz.build
+++ b/security/manager/ssl/tests/unit/moz.build
@@ -14,27 +14,27 @@ TEST_DIRS += [
     'ocsp_certs',
     'test_baseline_requirements',
     'test_cert_eku',
     'test_cert_embedded_null',
     'test_cert_keyUsage',
     'test_cert_sha1',
     'test_cert_signatures',
     'test_cert_trust',
+    'test_cert_utf8',
     'test_cert_version',
-    'test_cert_utf8',
     'test_certDB_import',
     'test_content_signing',
     'test_ct',
     'test_ev_certs',
     'test_intermediate_basic_usage_constraints',
     'test_keysize',
     'test_keysize_ev',
     'test_missing_intermediate',
     'test_name_constraints',
     'test_ocsp_url',
     'test_onecrl',
     'test_pinning_dynamic',
+    'test_sanctions',
     'test_signed_apps',
     'test_startcom_wosign',
-    'test_symantec_apple_google',
     'test_validity',
 ]
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/default-ee.key
rename to security/manager/ssl/tests/unit/test_sanctions/default-ee.key
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/default-ee.key.keyspec
rename to security/manager/ssl/tests/unit/test_sanctions/default-ee.key.keyspec
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/default-ee.pem
rename to security/manager/ssl/tests/unit/test_sanctions/default-ee.pem
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/default-ee.pem.certspec
rename to security/manager/ssl/tests/unit/test_sanctions/default-ee.pem.certspec
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/moz.build
rename to security/manager/ssl/tests/unit/test_sanctions/moz.build
--- a/security/manager/ssl/tests/unit/test_symantec_apple_google/moz.build
+++ b/security/manager/ssl/tests/unit/test_sanctions/moz.build
@@ -2,20 +2,20 @@
 # vim: set filetype=python:
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 # Temporarily disabled. See bug 1256495.
 #test_certificates = (
 #    'default-ee.pem',
-#    'ee-from-whitelist-after-cutoff.pem',
-#    'ee-from-whitelist-before-cutoff.pem',
-#    'ee-not-whitelisted-after-cutoff.pem',
-#    'ee-not-whitelisted-before-cutoff.pem',
-#    'intermediate-other.pem',
-#    'intermediate-other-crossigned.pem',
-#    'intermediate-whitelisted.pem',
-#    'test-ca.pem',
+#    'symantec-ee-from-whitelist-after-cutoff.pem',
+#    'symantec-ee-from-whitelist-before-cutoff.pem',
+#    'symantec-ee-not-whitelisted-after-cutoff.pem',
+#    'symantec-ee-not-whitelisted-before-cutoff.pem',
+#    'symantec-intermediate-other.pem',
+#    'symantec-intermediate-other-crossigned.pem',
+#    'symantec-intermediate-whitelisted.pem',
+#    'symantec-test-ca.pem',
 #)
 #
 #for test_certificate in test_certificates:
 #    GeneratedTestCertificate(test_certificate)
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/ee-from-whitelist-after-cutoff.pem
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-ee-from-whitelist-after-cutoff.pem
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/ee-from-whitelist-after-cutoff.pem.certspec
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-ee-from-whitelist-after-cutoff.pem.certspec
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/ee-from-whitelist-before-cutoff.pem
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-ee-from-whitelist-before-cutoff.pem
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/ee-from-whitelist-before-cutoff.pem.certspec
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-ee-from-whitelist-before-cutoff.pem.certspec
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/ee-not-whitelisted-after-cutoff.pem
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-ee-not-whitelisted-after-cutoff.pem
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/ee-not-whitelisted-after-cutoff.pem.certspec
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-ee-not-whitelisted-after-cutoff.pem.certspec
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/ee-not-whitelisted-before-cutoff.pem
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-ee-not-whitelisted-before-cutoff.pem
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/ee-not-whitelisted-before-cutoff.pem.certspec
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-ee-not-whitelisted-before-cutoff.pem.certspec
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/intermediate-other-crossigned.pem
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-intermediate-other-crossigned.pem
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/intermediate-other-crossigned.pem.certspec
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-intermediate-other-crossigned.pem.certspec
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/intermediate-other.pem
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-intermediate-other.pem
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/intermediate-other.pem.certspec
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-intermediate-other.pem.certspec
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/intermediate-whitelisted.pem
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-intermediate-whitelisted.pem
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/intermediate-whitelisted.pem.certspec
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-intermediate-whitelisted.pem.certspec
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/real-google-g2-intermediate.pem
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-real-google-g2-intermediate.pem
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/real-googlecom.pem
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-real-googlecom.pem
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/test-ca.pem
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-test-ca.pem
rename from security/manager/ssl/tests/unit/test_symantec_apple_google/test-ca.pem.certspec
rename to security/manager/ssl/tests/unit/test_sanctions/symantec-test-ca.pem.certspec
rename from security/manager/ssl/tests/unit/test_symantec_apple_google.js
rename to security/manager/ssl/tests/unit/test_sanctions_symantec_apple_google.js
--- a/security/manager/ssl/tests/unit/test_symantec_apple_google.js
+++ b/security/manager/ssl/tests/unit/test_sanctions_symantec_apple_google.js
@@ -16,30 +16,36 @@ function shouldBeImminentlyDistrusted(aT
 }
 
 do_get_profile();
 
 const certDB = Cc["@mozilla.org/security/x509certdb;1"].getService(
   Ci.nsIX509CertDB
 );
 
-add_tls_server_setup("SymantecSanctionsServer", "test_symantec_apple_google");
+add_tls_server_setup(
+  "SanctionsTestServer",
+  "test_sanctions",
+  /* Don't try to load non-existent test-ca.pem */ false
+);
+
+addCertFromFile(certDB, "test_sanctions/symantec-test-ca.pem", "CTu,u,u");
 
 // Add the necessary intermediates. This is important because the test server,
 // though it will attempt to send along an intermediate, isn't able to reliably
 // pick between the intermediate-other-crossigned and intermediate-other.
 add_test(function() {
   addCertFromFile(
     certDB,
-    "test_symantec_apple_google/intermediate-whitelisted.pem",
+    "test_sanctions/symantec-intermediate-whitelisted.pem",
     ",,"
   );
   addCertFromFile(
     certDB,
-    "test_symantec_apple_google/intermediate-other.pem",
+    "test_sanctions/symantec-intermediate-other.pem",
     ",,"
   );
   Services.prefs.setIntPref(
     "security.pki.distrust_ca_policy",
     /* DistrustedCAPolicy::DistrustSymantecRoots */ 0b01
   );
   run_next_test();
 });
@@ -108,17 +114,17 @@ add_test(function() {
   run_next_test();
 });
 
 // Add a cross-signed intermediate into the database, and ensure we still get
 // the expected error.
 add_test(function() {
   addCertFromFile(
     certDB,
-    "test_symantec_apple_google/intermediate-other-crossigned.pem",
+    "test_sanctions/symantec-intermediate-other-crossigned.pem",
     ",,"
   );
   run_next_test();
 });
 
 add_connection_test(
   "symantec-not-whitelisted-before-cutoff.example.com",
   MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED,
@@ -126,21 +132,21 @@ add_connection_test(
   null
 );
 
 // Load the wildcard *.google.com cert and its intermediate, then verify
 // it at a reasonable time and make sure the whitelists work
 add_task(async function() {
   addCertFromFile(
     certDB,
-    "test_symantec_apple_google/real-google-g2-intermediate.pem",
+    "test_sanctions/symantec-real-google-g2-intermediate.pem",
     ",,"
   );
   let whitelistedCert = constructCertFromFile(
-    "test_symantec_apple_google/real-googlecom.pem"
+    "test_sanctions/symantec-real-googlecom.pem"
   );
 
   // Since we don't want to actually try to fetch OCSP for this certificate,
   // (as an external fetch is bad in the tests), disable OCSP first.
   Services.prefs.setIntPref("security.OCSP.enabled", 0);
 
   // Try with the policy for 60
   Services.prefs.setIntPref(
rename from security/manager/ssl/tests/unit/tlsserver/cmd/SymantecSanctionsServer.cpp
rename to security/manager/ssl/tests/unit/tlsserver/cmd/SanctionsTestServer.cpp
--- a/security/manager/ssl/tests/unit/tlsserver/cmd/SymantecSanctionsServer.cpp
+++ b/security/manager/ssl/tests/unit/tlsserver/cmd/SanctionsTestServer.cpp
@@ -13,32 +13,32 @@
 
 #include <stdio.h>
 
 #include "TLSServer.h"
 
 using namespace mozilla;
 using namespace mozilla::test;
 
-struct SymantecCertHost {
+struct SanctionsCertHost {
   const char* mHostName;
   const char* mCertName;
 };
 
 // Hostname, cert nickname pairs.
-const SymantecCertHost sSymantecCertHosts[] = {
+const SanctionsCertHost sSanctionsCertHosts[] = {
     {"symantec-whitelist-after-cutoff.example.com",
-     "ee-from-whitelist-after-cutoff"},
+     "symantec-ee-from-whitelist-after-cutoff"},
     {"symantec-whitelist-before-cutoff.example.com",
-     "ee-from-whitelist-before-cutoff"},
+     "symantec-ee-from-whitelist-before-cutoff"},
     {"symantec-not-whitelisted-after-cutoff.example.com",
-     "ee-not-whitelisted-after-cutoff"},
+     "symantec-ee-not-whitelisted-after-cutoff"},
     {"symantec-not-whitelisted-before-cutoff.example.com",
-     "ee-not-whitelisted-before-cutoff"},
-    {"symantec-unaffected.example.com", "ee-unaffected"},
+     "symantec-ee-not-whitelisted-before-cutoff"},
+    {"symantec-unaffected.example.com", "symantec-ee-unaffected"},
     {nullptr, nullptr}};
 
 int32_t DoSNISocketConfigBySubjectCN(PRFileDesc* aFd,
                                      const SECItem* aSrvNameArr,
                                      uint32_t aSrvNameArrSize) {
   for (uint32_t i = 0; i < aSrvNameArrSize; i++) {
     UniquePORTString name(
         static_cast<char*>(PORT_ZAlloc(aSrvNameArr[i].len + 1)));
@@ -51,18 +51,18 @@ int32_t DoSNISocketConfigBySubjectCN(PRF
     }
   }
 
   return SSL_SNI_SEND_ALERT;
 }
 
 int32_t DoSNISocketConfig(PRFileDesc* aFd, const SECItem* aSrvNameArr,
                           uint32_t aSrvNameArrSize, void* aArg) {
-  const SymantecCertHost* host =
-      GetHostForSNI(aSrvNameArr, aSrvNameArrSize, sSymantecCertHosts);
+  const SanctionsCertHost* host =
+      GetHostForSNI(aSrvNameArr, aSrvNameArrSize, sSanctionsCertHosts);
   if (!host) {
     // No static cert <-> hostname mapping found. This happens when we use a
     // collection of certificates in a given directory and build a cert DB at
     // runtime, rather than using an NSS cert DB populated at build time.
     // (This will be the default in the future.)
     // For all given server names, check if the runtime-built cert DB contains
     // a certificate with a matching subject CN.
     return DoSNISocketConfigBySubjectCN(aFd, aSrvNameArr, aSrvNameArrSize);
--- a/security/manager/ssl/tests/unit/tlsserver/cmd/moz.build
+++ b/security/manager/ssl/tests/unit/tlsserver/cmd/moz.build
@@ -3,17 +3,17 @@
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 GeckoSimplePrograms([
     'BadCertAndPinningServer',
     'GenerateOCSPResponse',
     'OCSPStaplingServer',
-    'SymantecSanctionsServer',
+    'SanctionsTestServer',
 ], linkage=None)
 
 LOCAL_INCLUDES += [
     '../lib',
 ]
 
 USE_LIBS += [
     'mozpkix',
--- a/security/manager/ssl/tests/unit/xpcshell.ini
+++ b/security/manager/ssl/tests/unit/xpcshell.ini
@@ -11,39 +11,39 @@ support-files =
   test_cert_embedded_null/**
   test_cert_isBuiltInRoot_reload/**
   test_cert_keyUsage/**
   test_cert_overrides_read_only/**
   test_cert_sha1/**
   test_cert_signatures/**
   test_cert_storage_preexisting/**
   test_cert_trust/**
+  test_cert_utf8/**
   test_cert_version/**
-  test_cert_utf8/**
   test_certDB_import/**
   test_certviewer_invalid_oids/**
   test_content_signing/**
   test_ct/**
   test_ev_certs/**
   test_intermediate_basic_usage_constraints/**
   test_intermediate_preloads/**
   test_keysize/**
   test_keysize_ev/**
   test_missing_intermediate/**
   test_name_constraints/**
   test_ocsp_url/**
   test_onecrl/**
   test_pinning_dynamic/**
+  test_sanctions/**
   test_sdr_preexisting/**
   test_sdr_preexisting_with_password/**
   test_sdr_upgraded_with_password/**
   test_self_signed_certs/**
   test_signed_apps/**
   test_startcom_wosign/**
-  test_symantec_apple_google/**
   test_validity/**
   tlsserver/**
 
 [test_add_preexisting_cert.js]
 [test_baseline_requirements_subject_common_name.js]
 [test_blocklist_onecrl.js]
 # Skip signature tests for Thunderbird (Bug 1341983).
 skip-if = appname == "thunderbird"
@@ -208,17 +208,17 @@ firefox-appdir = browser
 skip-if = toolkit == 'android' || appname == 'thunderbird'
 [test_startcom_wosign.js]
 [test_sts_fqdn.js]
 [test_sts_ipv4_ipv6.js]
 [test_sts_parser.js]
 [test_sts_preload_dynamic.js]
 [test_sts_preloadlist_perwindowpb.js]
 [test_sts_preloadlist_selfdestruct.js]
-[test_symantec_apple_google.js]
+[test_sanctions_symantec_apple_google.js]
 run-sequentially = hardcoded ports
 [test_validity.js]
 run-sequentially = hardcoded ports
 [test_x509.js]
 
 # The TLS error reporting functionality lives in /toolkit but needs tlsserver
 [test_toolkit_securityreporter.js]
 run-sequentially = hardcoded ports
--- a/testing/xpcshell/remotexpcshelltests.py
+++ b/testing/xpcshell/remotexpcshelltests.py
@@ -396,17 +396,17 @@ class XPCShellRemote(xpcshell.XPCShellTe
         # TEST_HARNESS_BINS in testing/mochitest/Makefile.in.
         binaries = ["xpcshell",
                     "ssltunnel",
                     "certutil",
                     "pk12util",
                     "BadCertAndPinningServer",
                     "OCSPStaplingServer",
                     "GenerateOCSPResponse",
-                    "SymantecSanctionsServer"]
+                    "SanctionsTestServer"]
         for fname in binaries:
             local = os.path.join(self.localBin, fname)
             if os.path.isfile(local):
                 print("Pushing %s.." % fname, file=sys.stderr)
                 remoteFile = posixpath.join(self.remoteBinDir, fname)
                 self.device.push(local, remoteFile)
                 self.device.chmod(remoteFile, root=True)
             else:
--- a/toolkit/mozapps/installer/upload-files.mk
+++ b/toolkit/mozapps/installer/upload-files.mk
@@ -271,17 +271,17 @@ NO_PKG_FILES += \
 	nsinstall* \
 	res/samples \
 	res/throbber \
 	shlibsign* \
 	certutil* \
 	pk12util* \
 	BadCertAndPinningServer* \
 	OCSPStaplingServer* \
-	SymantecSanctionsServer* \
+	SanctionsTestServer* \
 	GenerateOCSPResponse* \
 	chrome/chrome.rdf \
 	chrome/app-chrome.manifest \
 	chrome/overlayinfo \
 	components/compreg.dat \
 	components/xpti.dat \
 	content_unit_tests \
 	necko_unit_tests \