Bug 1430973 - Reression test to make sure non-ASCII file paths work. r=keeler
authorMasatoshi Kimura <VYV03354@nifty.ne.jp>
Sat, 30 Dec 2017 14:52:10 +0900
changeset 401123 3400bd30ef044952bd34b0e39eea0d1d6d4cd4d0
parent 401122 302ea60374722d3dbf01acb656130b6b0eef7e4c
child 401124 9340a317aed604ad5d426c825e2dbd68f7d70da3
push id33331
push userccoroiu@mozilla.com
push dateSun, 28 Jan 2018 10:39:25 +0000
treeherdermozilla-central@9b144f79e512 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler
bugs1430973
milestone60.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1430973 - Reression test to make sure non-ASCII file paths work. r=keeler MozReview-Commit-ID: D77JALyAiWl
security/manager/ssl/tests/unit/test_nonascii_path.js
security/manager/ssl/tests/unit/xpcshell.ini
copy from security/manager/ssl/tests/unit/test_cert_trust.js
copy to security/manager/ssl/tests/unit/test_nonascii_path.js
--- a/security/manager/ssl/tests/unit/test_cert_trust.js
+++ b/security/manager/ssl/tests/unit/test_nonascii_path.js
@@ -1,145 +1,46 @@
 // -*- indent-tabs-mode: nil; js-indent-level: 2 -*-
 // This Source Code Form is subject to the terms of the Mozilla Public
 // License, v. 2.0. If a copy of the MPL was not distributed with this
 // file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 "use strict";
 
-do_get_profile(); // must be called before getting nsIX509CertDB
+// Tests to make sure that the certificate DB works with non-ASCII paths.
+
+// Append a single quote and non-ASCII characters to the profile path.
+let env = Components.classes["@mozilla.org/process/environment;1"]
+                    .getService(Components.interfaces.nsIEnvironment);
+let profd = env.get("XPCSHELL_TEST_PROFILE_DIR");
+let file = Components.classes["@mozilla.org/file/local;1"]
+                     .createInstance(Components.interfaces.nsIFile);
+file.initWithPath(profd);
+file.append("'รท1");
+env.set("XPCSHELL_TEST_PROFILE_DIR", file.path);
+
+file = do_get_profile(); // must be called before getting nsIX509CertDB
+Assert.ok(/[^\x20-\x7f]/.test(file.path), "the profile path should contain a non-ASCII character");
+if (mozinfo.os == "win") {
+  file.QueryInterface(Components.interfaces.nsILocalFileWin);
+  Assert.ok(/[^\x20-\x7f]/.test(file.canonicalPath), "the profile short path should contain a non-ASCII character");
+}
+
+// Restore the original value.
+env.set("XPCSHELL_TEST_PROFILE_DIR", profd);
+
 const certdb  = Cc["@mozilla.org/security/x509certdb;1"]
                   .getService(Ci.nsIX509CertDB);
 
 function load_cert(cert_name, trust_string) {
   let cert_filename = cert_name + ".pem";
   return addCertFromFile(certdb, "test_cert_trust/" + cert_filename,
                          trust_string);
 }
 
-function setup_basic_trusts(ca_cert, int_cert) {
-  certdb.setCertTrust(ca_cert, Ci.nsIX509Cert.CA_CERT,
-                      Ci.nsIX509CertDB.TRUSTED_SSL |
-                      Ci.nsIX509CertDB.TRUSTED_EMAIL);
-
-  certdb.setCertTrust(int_cert, Ci.nsIX509Cert.CA_CERT, 0);
-}
-
-function test_ca_distrust(ee_cert, cert_to_modify_trust, isRootCA) {
-  // On reset most usages are successful
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLServer);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
-                        certificateUsageSSLCA);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailRecipient);
-
-
-  // Test of active distrust. No usage should pass.
-  setCertTrust(cert_to_modify_trust, "p,p,p");
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageSSLServer);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
-                        certificateUsageSSLCA);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageEmailRecipient);
-
-  // Trust set to T  -  trusted CA to issue client certs, where client cert is
-  // usageSSLClient.
-  setCertTrust(cert_to_modify_trust, "T,T,T");
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageSSLServer);
-
-  // XXX(Bug 982340)
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageSSLClient);
-
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
-                        certificateUsageSSLCA);
-
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageEmailRecipient);
-
-
-  // Now tests on the SSL trust bit
-  setCertTrust(cert_to_modify_trust, "p,C,C");
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageSSLServer);
-
-  // XXX(Bug 982340)
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
-                        certificateUsageSSLCA);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailRecipient);
-
-  // Inherited trust SSL
-  setCertTrust(cert_to_modify_trust, ",C,C");
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageSSLServer);
-  // XXX(Bug 982340)
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
-                        certificateUsageSSLCA);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailRecipient);
-
-  // Now tests on the EMAIL trust bit
-  setCertTrust(cert_to_modify_trust, "C,p,C");
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLServer);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
-                        certificateUsageSSLCA);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
-                        certificateUsageEmailRecipient);
-
-
-  // inherited EMAIL Trust
-  setCertTrust(cert_to_modify_trust, "C,,C");
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLServer);
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
-                        certificateUsageSSLCA);
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
-                                                  : PRErrorCodeSuccess,
-                        certificateUsageEmailRecipient);
-}
-
-
 function run_test() {
   let certList = [
     "ca",
     "int",
     "ee",
   ];
   let loadedCerts = [];
   for (let certName of certList) {
@@ -147,43 +48,9 @@ function run_test() {
   }
 
   let ca_cert = loadedCerts[0];
   notEqual(ca_cert, null, "CA cert should have successfully loaded");
   let int_cert = loadedCerts[1];
   notEqual(int_cert, null, "Intermediate cert should have successfully loaded");
   let ee_cert = loadedCerts[2];
   notEqual(ee_cert, null, "EE cert should have successfully loaded");
-
-  setup_basic_trusts(ca_cert, int_cert);
-  test_ca_distrust(ee_cert, ca_cert, true);
-
-  setup_basic_trusts(ca_cert, int_cert);
-  test_ca_distrust(ee_cert, int_cert, false);
-
-  // Reset trust to default ("inherit trust")
-  setCertTrust(ca_cert, ",,");
-  setCertTrust(int_cert, ",,");
-
-  // If an end-entity certificate is manually trusted, it may not be the root of
-  // its own verified chain. In general this will cause "unknown issuer" errors
-  // unless a CA trust anchor can be found.
-  setCertTrust(ee_cert, "CTu,CTu,CTu");
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNKNOWN_ISSUER,
-                        certificateUsageSSLServer);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNKNOWN_ISSUER,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNKNOWN_ISSUER,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNKNOWN_ISSUER,
-                        certificateUsageEmailRecipient);
-
-  // Now make a CA trust anchor available.
-  setCertTrust(ca_cert, "CTu,CTu,CTu");
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLServer);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageSSLClient);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailSigner);
-  checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
-                        certificateUsageEmailRecipient);
 }
--- a/security/manager/ssl/tests/unit/xpcshell.ini
+++ b/security/manager/ssl/tests/unit/xpcshell.ini
@@ -103,16 +103,17 @@ run-sequentially = hardcoded ports
 [test_keysize_ev.js]
 run-sequentially = hardcoded ports
 [test_local_cert.js]
 [test_logoutAndTeardown.js]
 run-sequentially = hardcoded ports
 [test_missing_intermediate.js]
 run-sequentially = hardcoded ports
 [test_name_constraints.js]
+[test_nonascii_path.js]
 [test_nsCertType.js]
 run-sequentially = hardcoded ports
 [test_nsIX509Cert_utf8.js]
 [test_nsIX509CertValidity.js]
 [test_nss_shutdown.js]
 [test_ocsp_caching.js]
 run-sequentially = hardcoded ports
 [test_ocsp_enabled_pref.js]