Backed out 2 changesets (bug 987816) for xpcshell orange
authorWes Kocher <wkocher@mozilla.com>
Fri, 28 Mar 2014 16:57:12 -0700
changeset 194512 dd433d12561bb75b984fe56734bcc67b3d8c6c07
parent 194511 245d0cb5a7b32e10fdbd1cbcb42ca7380c2bfbce
child 194513 574ec49a35b8dbc8b6c6ff607e2a4c91018de1fc
push id3624
push userasasaki@mozilla.com
push dateMon, 09 Jun 2014 21:49:01 +0000
treeherdermozilla-beta@b1a5da15899a [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
bugs987816
milestone31.0a1
backs out245d0cb5a7b32e10fdbd1cbcb42ca7380c2bfbce
b714220dd39d499d24d4955133332de267df84e4
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Backed out 2 changesets (bug 987816) for xpcshell orange Backed out changeset 245d0cb5a7b3 (bug 987816) Backed out changeset b714220dd39d (bug 987816)
security/certverifier/CertVerifier.cpp
security/manager/ssl/tests/unit/head_psm.js
security/manager/ssl/tests/unit/test_certificate_usages.js
--- a/security/certverifier/CertVerifier.cpp
+++ b/security/certverifier/CertVerifier.cpp
@@ -140,19 +140,16 @@ ClassicVerifyCert(CERTCertificate* cert,
         enumUsage = certUsageEmailSigner;
         break;
       case certificateUsageEmailRecipient:
         enumUsage = certUsageEmailRecipient;
         break;
       case certificateUsageObjectSigner:
         enumUsage = certUsageObjectSigner;
         break;
-      case certificateUsageVerifyCA:
-        enumUsage = certUsageVerifyCA;
-        break;
       case certificateUsageStatusResponder:
         enumUsage = certUsageStatusResponder;
         break;
       default:
         PR_NOT_REACHED("unexpected usage");
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
         return SECFailure;
     }
@@ -473,17 +470,16 @@ CertVerifier::VerifyCert(CERTCertificate
 
   switch(usage){
     case certificateUsageSSLClient:
     case certificateUsageSSLServer:
     case certificateUsageSSLCA:
     case certificateUsageEmailSigner:
     case certificateUsageEmailRecipient:
     case certificateUsageObjectSigner:
-    case certificateUsageVerifyCA:
     case certificateUsageStatusResponder:
       break;
     default:
       PORT_SetError(SEC_ERROR_INVALID_ARGS);
       return SECFailure;
   }
 
   if ((flags & FLAG_MUST_BE_EV) && usage != certificateUsageSSLServer) {
--- a/security/manager/ssl/tests/unit/head_psm.js
+++ b/security/manager/ssl/tests/unit/head_psm.js
@@ -95,29 +95,16 @@ function setCertTrust(cert, trustString)
 }
 
 function getXPCOMStatusFromNSS(statusNSS) {
   let nssErrorsService = Cc["@mozilla.org/nss_errors_service;1"]
                            .getService(Ci.nsINSSErrorsService);
   return nssErrorsService.getXPCOMFromNSSError(statusNSS);
 }
 
-function checkCertErrorGeneric(certdb, cert, expectedError, usage) {
-  let hasEVPolicy = {};
-  let verifiedChain = {};
-  let error = certdb.verifyCertNow(cert, usage, NO_FLAGS, verifiedChain,
-                                   hasEVPolicy);
-  // expected error == -1 is a special marker for any error is OK
-  if (expectedError != -1 ) {
-    do_check_eq(error, expectedError);
-  } else {
-    do_check_neq (error, 0);
-  }
-}
-
 function _getLibraryFunctionWithNoArguments(functionName, libraryName) {
   // Open the NSS library. copied from services/crypto/modules/WeaveCrypto.js
   let path = ctypes.libraryName(libraryName);
 
   // XXX really want to be able to pass specific dlopen flags here.
   let nsslib;
   try {
     nsslib = ctypes.open(path);
--- a/security/manager/ssl/tests/unit/test_certificate_usages.js
+++ b/security/manager/ssl/tests/unit/test_certificate_usages.js
@@ -119,19 +119,17 @@ function run_test_in_mode(useMozillaPKIX
   for (var i = 0; i < gNumCAs; i++) {
     var ca_name = "ca-" + (i + 1);
     var verified = {};
     var usages = {};
     var cert = certdb.findCertByNickname(null, ca_name);
     cert.getUsagesString(true, verified, usages);
     do_print("usages.value=" + usages.value);
     do_check_eq(ca_usages[i], usages.value);
-    if (ca_usages[i].indexOf('SSL CA') != -1) {
-      checkCertErrorGeneric(certdb, cert, 0, certificateUsageVerifyCA);
-    }
+
     //now the ee, names also one based
     for (var j = 0; j < ee_usages[i].length; j++) {
       var ee_name = "ee-" + (j + 1) + "-" + ca_name;
       var ee_filename = ee_name + ".der";
       //do_print("ee_filename" + ee_filename);
       addCertFromFile(certdb, "test_certificate_usages/" + ee_filename, ",,");
       var ee_cert;
       ee_cert = certdb.findCertByNickname(null, ee_name);