Bug 470963 - stop copying build/pgo/certs to the objdir, r=ted.mielczarek
authorHonza Bambas <honzab.moz@firemni.cz>
Sun, 18 Jan 2009 15:20:48 +0100
changeset 23898 851e7b387ec054cba10798e35f973a507061dcfa
parent 23897 359c9f07d0148e2a23b7a0cef4155a551924a92a
child 23899 e7e8a8f2783d0c14e1b0e58643ebc2e1e7fcf970
push idunknown
push userunknown
push dateunknown
reviewersted.mielczarek
bugs470963
milestone1.9.2a1pre
Bug 470963 - stop copying build/pgo/certs to the objdir, r=ted.mielczarek
build/pgo/Makefile.in
build/pgo/automation.py.in
build/pgo/certs/Makefile.in
build/pgo/genpgocert.py.in
testing/mochitest/Makefile.in
old mode 100644
new mode 100755
--- a/build/pgo/Makefile.in
+++ b/build/pgo/Makefile.in
@@ -42,24 +42,22 @@ srcdir		= @srcdir@
 VPATH		= @srcdir@
 relativesrcdir = build/pgo
 
 include $(DEPTH)/config/autoconf.mk
 
 DIRS = \
   blueprint \
   js-input \
-  certs \
   $(NULL)
 
 include $(topsrcdir)/config/rules.mk
 
 # Stuff to make a build with a profile
 _PROFILE_DIR = $(DEPTH)/_profile/pgo
-_CERTS_DIR = $(_PROFILE_DIR)/certs
 _CERTS_SRC_DIR = $(srcdir)/certs
 
 _PGO_FILES = 	\
   automation.py \
   profileserver.py \
   genpgocert.py \
   index.html \
   server-locations.txt \
@@ -85,17 +83,17 @@ else
 browser_path = \"$(DIST)/bin/$(PROGRAM)\"
 endif
 endif
 
 AUTOMATION_PPARGS = 	\
 			-DBROWSER_PATH=$(browser_path) \
 			-DXPC_BIN_PATH=\"$(LIBXUL_DIST)/bin\" \
 			-DBIN_SUFFIX=\"$(BIN_SUFFIX)\" \
-			-DCERTS_DIR=\"$(_CERTS_DIR)\" \
+			-DPROFILE_DIR=\"$(_PROFILE_DIR)\" \
 			-DCERTS_SRC_DIR=\"$(_CERTS_SRC_DIR)\" \
 			$(NULL)
 
 ifeq ($(OS_ARCH),Darwin)
 AUTOMATION_PPARGS += -DIS_MAC=1
 else
 AUTOMATION_PPARGS += -DIS_MAC=0
 endif
--- a/build/pgo/automation.py.in
+++ b/build/pgo/automation.py.in
@@ -77,17 +77,18 @@ SCRIPT_DIR = os.path.abspath(os.path.rea
 IS_CYGWIN = False
 #endif
 #expand IS_CAMINO = __IS_CAMINO__ != 0
 #expand BIN_SUFFIX = __BIN_SUFFIX__
 
 UNIXISH = not IS_WIN32 and not IS_MAC
 
 #expand DEFAULT_APP = "./" + __BROWSER_PATH__
-#expand CERTS_DIR = __CERTS_DIR__
+#expand PROFILE_DIR = __PROFILE_DIR__
+#expand CERTS_SRC_DIR = __CERTS_SRC_DIR__
 #expand IS_TEST_BUILD = __IS_TEST_BUILD__
 #expand IS_DEBUG_BUILD = __IS_DEBUG_BUILD__
 
 ###########
 # LOGGING #
 ###########
 
 # We use the logging system here primarily because it'll handle multiple
@@ -393,21 +394,21 @@ def fillCertificateDB(profileDir):
 
   pwfilePath = os.path.join(profileDir, ".crtdbpw")
   
   pwfile = open(pwfilePath, "w")
   pwfile.write("\n")
   pwfile.close()
 
   # Create head of the ssltunnel configuration file
-  sslTunnelConfigPath = os.path.join(CERTS_DIR, "ssltunnel.cfg")
+  sslTunnelConfigPath = os.path.join(PROFILE_DIR, "ssltunnel.cfg")
   sslTunnelConfig = open(sslTunnelConfigPath, "w")
   
   sslTunnelConfig.write("httpproxy:1\n")
-  sslTunnelConfig.write("certdbdir:%s\n" % CERTS_DIR)
+  sslTunnelConfig.write("certdbdir:%s\n" % CERTS_SRC_DIR)
   sslTunnelConfig.write("forward:127.0.0.1:8888\n")
   sslTunnelConfig.write("listen:*:4443:pgo server certificate\n")
 
   # Configure automatic certificate and bind custom certificates, client authentication
   locations = readLocations()
   locations.pop(0)
   for loc in locations:
     if loc.scheme == "https" and "nocert" not in loc.options:
@@ -432,26 +433,27 @@ def fillCertificateDB(profileDir):
   certutil = DIST_BIN + "/certutil" + BIN_SUFFIX
   pk12util = DIST_BIN + "/pk12util" + BIN_SUFFIX
 
   status = Process(certutil, ["-N", "-d", profileDir, "-f", pwfilePath], environment()).wait()
   if status != 0:
     return status
 
   # Walk the cert directory and add custom CAs and client certs
-  files = os.listdir(CERTS_DIR)
+  files = os.listdir(CERTS_SRC_DIR)
   for item in files:
     root, ext = os.path.splitext(item)
     if ext == ".ca":
-      Process(certutil, ["-A", "-i", os.path.join(CERTS_DIR, item),
+      Process(certutil, ["-A", "-i", os.path.join(CERTS_SRC_DIR, item),
         "-d", profileDir, "-f", pwfilePath, "-n", root, "-t", "CT,,"],
         environment()).wait()
     if ext == ".client":
-      Process(pk12util, ["-i", os.path.join(CERTS_DIR, item), "-w", pwfilePath,
-        "-d", profileDir], environment()).wait()
+      Process(pk12util, ["-i", os.path.join(CERTS_SRC_DIR, item), "-w",
+        pwfilePath, "-d", profileDir], 
+        environment()).wait()
 
   os.unlink(pwfilePath)
   return 0
 
 def environment(env = None):
   if env == None:
     env = dict(os.environ)
 
@@ -473,17 +475,17 @@ def runApp(testURL, env, app, profileDir
     # create certificate database for the profile
     certificateStatus = fillCertificateDB(profileDir)
     if certificateStatus != 0:
       log.info("ERROR FAIL Certificate integration")
       return certificateStatus
   
     # start ssltunnel to provide https:// URLs capability
     ssltunnel = DIST_BIN + "/ssltunnel" + BIN_SUFFIX
-    ssltunnelProcess = Process(ssltunnel, [os.path.join(CERTS_DIR, "ssltunnel.cfg")], environment())
+    ssltunnelProcess = Process(ssltunnel, [os.path.join(PROFILE_DIR, "ssltunnel.cfg")], environment())
     log.info("SSL tunnel pid: %d", ssltunnelProcess.pid)
   
   "Run the app, returning the time at which it was started."
   # mark the start
   start = datetime.now()
 
   # now run with the profile we created
   cmd = app
deleted file mode 100644
--- a/build/pgo/certs/Makefile.in
+++ /dev/null
@@ -1,74 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is Mozilla test code
-#
-# The Initial Developer of the Original Code is
-# Mozilla Foundation
-# Portions created by the Initial Developer are Copyright (C) 2008
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-# Honza Bambas <honzab@firemni.cz>
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-DEPTH		= ../../..
-topsrcdir	= @top_srcdir@
-srcdir		= @srcdir@
-VPATH		= @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-_PROFILE_DIR = $(DEPTH)/_profile/pgo
-_CERTS_DIR = $(_PROFILE_DIR)/certs
-
-# Following files will be added as trusted Certificate Authorities
-# to the PGO profile.
-# Extension of those files MUST BE '.ca'.
-_CERT_AUTHORITIES = \
-    pgoca.ca \
-    $(NULL)
-
-
-# Following files will be added as user/client certificates
-# to the PGO profile to be used for client authentication.
-# Extension of those files MUST BE '.client'.
-_CLIENT_CERTS = \
-    mochitest.client \
-    $(NULL)
-
-_SERV_FILES = \
-    pgoca.p12 \
-    cert8.db \
-    key3.db \
-    secmod.db \
-    $(NULL)
-
-include $(topsrcdir)/config/rules.mk
-
-libs:: $(_SERV_FILES) $(_CERT_AUTHORITIES) $(_CLIENT_CERTS)
-	$(INSTALL) $^ $(_CERTS_DIR)
--- a/build/pgo/genpgocert.py.in
+++ b/build/pgo/genpgocert.py.in
@@ -39,17 +39,17 @@
 import automation
 import os
 import re
 import shutil
 import sys
 
 #expand DIST_BIN = __XPC_BIN_PATH__
 #expand BIN_SUFFIX = __BIN_SUFFIX__
-#expand CERTS_DIR = __CERTS_DIR__
+#expand PROFILE_DIR = __PROFILE_DIR__
 #expand CERTS_SRC_DIR = __CERTS_SRC_DIR__
 
 dbFiles = [
   re.compile("^cert[0-9]+\.db$"),
   re.compile("^key[0-9]+\.db$"),
   re.compile("^secmod\.db$")
 ]
 
@@ -63,51 +63,42 @@ def unlinkDbFiles(path):
 def dbFilesExist(path):
   for root, dirs, files in os.walk(path):
     for name in files:
       for dbFile in dbFiles:
         if dbFile.match(name) and os.path.exists(os.path.join(root, name)):
           return True
   return False
 
-def installDbFiles(path, dest):
-  for root, dirs, files in os.walk(path):
-    for name in files:
-      for dbFile in dbFiles:
-        if dbFile.match(name):
-          shutil.copy(os.path.join(root, name), os.path.join(dest, name))
-
 
 def runUtil(util, args, inputdata = None):
   proc = automation.Process(util, args, automation.environment(), inputdata)
   return proc.wait()
 
 
 def createRandomFile(randomFile):
   import random
   file = open(randomFile, "wb");
   for count in xrange(0, 2048):
     file.write(chr(random.randint(0, 255)))
   file.close()
 
 
-def createCertificateAuthority(dbDir, srcDir):
+def createCertificateAuthority(profileDir, srcDir):
   certutil = DIST_BIN + "/certutil" + BIN_SUFFIX
   pk12util = DIST_BIN + "/pk12util" + BIN_SUFFIX
 
-  tempDbDir = os.path.join(dbDir, ".temp")
+  tempDbDir = os.path.join(profileDir, ".temp")
   if not os.path.exists(tempDbDir):
     os.mkdir(tempDbDir)
   
   pwfilePath = os.path.join(tempDbDir, ".crtdbpw")
   rndfilePath = os.path.join(tempDbDir, ".rndfile")
   pgoCAModulePathSrc = os.path.join(srcDir, "pgoca.p12")
   pgoCAPathSrc = os.path.join(srcDir, "pgoca.ca")
-  pgoCAModulePath = os.path.join(srcDir, "pgoca.p12")
-  pgoCAPath = os.path.join(srcDir, "pgoca.ca")
   
   pwfile = open(pwfilePath, "w")
   pwfile.write("\n")
   pwfile.close()
 
   unlinkDbFiles(tempDbDir)
 
   # Create temporary certification database for CA generation
@@ -130,44 +121,43 @@ def createCertificateAuthority(dbDir, sr
     
   unlinkDbFiles(tempDbDir)
   os.unlink(pwfilePath)
   os.unlink(rndfilePath)
   os.rmdir(tempDbDir)
   return 0
 
 
-def createSSLServerCertificate(dbDir, srcDir):
+def createSSLServerCertificate(profileDir, srcDir):
   certutil = DIST_BIN + "/certutil" + BIN_SUFFIX
   pk12util = DIST_BIN + "/pk12util" + BIN_SUFFIX
 
-  pwfilePath = os.path.join(dbDir, ".crtdbpw")
-  rndfilePath = os.path.join(dbDir, ".rndfile")
-  pgoCAPath = os.path.join(dbDir, "pgoca.p12")
+  pwfilePath = os.path.join(profileDir, ".crtdbpw")
+  rndfilePath = os.path.join(profileDir, ".rndfile")
+  pgoCAPath = os.path.join(srcDir, "pgoca.p12")
   
   pwfile = open(pwfilePath, "w")
   pwfile.write("\n")
   pwfile.close()
 
-  unlinkDbFiles(dbDir)
-
   if not dbFilesExist(srcDir):
+    # Make sure all DB files from src are really deleted
     unlinkDbFiles(srcDir)
     
     # Create certification database for ssltunnel
     status = runUtil(certutil, ["-N", "-d", srcDir, "-f", pwfilePath])
     if status != 0:
       return status
   
     status = runUtil(pk12util, ["-i", pgoCAPath, "-w", pwfilePath, "-d", srcDir, "-k", pwfilePath])
     if status != 0:
       return status
 
   # Generate automatic certificate
-  locations = automation.readLocations(os.path.join(dbDir, "../server-locations.txt"))
+  locations = automation.readLocations(os.path.join(profileDir, "server-locations.txt"))
   locations.pop(0)
   locationsParam = ""
   firstLocation = ""
   for loc in locations:
     if loc.scheme == "https" and "nocert" not in loc.options:
       customCertOption = False
       customCertRE = re.compile("^cert=(?:\w+)")
       for option in loc.options:
@@ -191,35 +181,34 @@ def createSSLServerCertificate(dbDir, sr
     
     runUtil(certutil, ["-D", "-n", "pgo server certificate", "-d", srcDir, "-z", rndfilePath, "-f", pwfilePath])
     # Ignore the result, the certificate may not be present when new database is being built
     
     status = runUtil(certutil, ["-S", "-s", "CN=%s" % firstLocation, "-t", "Pu,,", "-c", "pgo temporary ca", "-m", "2", "-8", locationsParam, "-v", "12", "-n", "pgo server certificate", "-d", srcDir, "-z", rndfilePath, "-f", pwfilePath])
     if status != 0:
       return status
     
-  installDbFiles(srcDir, dbDir)
   os.unlink(pwfilePath)
   os.unlink(rndfilePath)
   return 0
 
 
 if len(sys.argv) == 1:
   print "Specify --gen-server or --gen-ca"
   sys.exit(1)
 
 if sys.argv[1] == "--gen-server":
-  certificateStatus = createSSLServerCertificate(CERTS_DIR, CERTS_SRC_DIR)
+  certificateStatus = createSSLServerCertificate(PROFILE_DIR, CERTS_SRC_DIR)
   if certificateStatus != 0:
     print "ERROR FAIL: SSL Server Certificate generation"
   
   sys.exit(certificateStatus)
   
 if sys.argv[1] == "--gen-ca":
-  certificateStatus = createCertificateAuthority(CERTS_DIR, CERTS_SRC_DIR)
+  certificateStatus = createCertificateAuthority(PROFILE_DIR, CERTS_SRC_DIR)
   if certificateStatus != 0:
     print "ERROR FAIL: Certificate Authority generation"
   else:
     print "\n\n"
     print "==================================================="
     print " IMPORTANT:"
     print " To use this new certificate authority in tests"
     print " run 'make' at testing/mochitest"
--- a/testing/mochitest/Makefile.in
+++ b/testing/mochitest/Makefile.in
@@ -69,17 +69,18 @@ include $(topsrcdir)/config/rules.mk
 		redirect.js \
 		$(topsrcdir)/build/pgo/server-locations.txt \
 		$(topsrcdir)/netwerk/test/httpserver/httpd.js \
 		mozprefs.js \
 		$(NULL)	
 
 
 _DEST_DIR = $(DEPTH)/_tests/$(relativesrcdir)
-_CERTS_DIR = $(DEPTH)/_profile/pgo/certs
+_PROFILE_DIR = $(DEPTH)/_profile/pgo
+_CERTS_SRC_DIR = $(topsrcdir)/build/pgo/certs
 
 ifeq ($(USE_SHORT_LIBNAME), 1)
 PROGRAM = $(MOZ_APP_NAME)$(BIN_SUFFIX)
 else
 PROGRAM = $(MOZ_APP_NAME)-bin$(BIN_SUFFIX)
 endif
 
 ifeq ($(MOZ_BUILD_APP),camino)
@@ -96,17 +97,18 @@ browser_path = \"../$(DIST)/bin/$(PROGRA
 endif
 endif
 
 # These go in _tests/ so they need to go up an extra path segement
 TEST_DRIVER_PPARGS = 	\
 			-DBROWSER_PATH=$(browser_path) \
 			-DXPC_BIN_PATH=\"$(LIBXUL_DIST)/bin\" \
 			-DBIN_SUFFIX=\"$(BIN_SUFFIX)\" \
-			-DCERTS_DIR=\"../$(_CERTS_DIR)\" \
+			-DPROFILE_DIR=\"../$(_PROFILE_DIR)\" \
+			-DCERTS_SRC_DIR=\"$(_CERTS_SRC_DIR)\" \
 			$(NULL)
 
 ifeq ($(OS_ARCH),Darwin)
 TEST_DRIVER_PPARGS += -DIS_MAC=1
 else
 TEST_DRIVER_PPARGS += -DIS_MAC=0
 endif