Closed
Bug 1013504
Opened 10 years ago
Closed 10 years ago
genHPKPStaticPins.js needs an error file in hg
Categories
(Core :: Security: PSM, defect)
Tracking
()
RESOLVED
FIXED
mozilla32
People
(Reporter: mmc, Assigned: mmc)
References
Details
Attachments
(1 file, 1 obsolete file)
4.11 KB,
patch
|
keeler
:
review+
|
Details | Diff | Splinter Review |
So we can track changes to errors.
Assignee | ||
Comment 1•10 years ago
|
||
Assignee | ||
Updated•10 years ago
|
Assignee: nobody → mmc
Status: NEW → ASSIGNED
Assignee | ||
Comment 2•10 years ago
|
||
Assignee | ||
Updated•10 years ago
|
Attachment #8425671 -
Attachment is obsolete: true
Assignee | ||
Comment 3•10 years ago
|
||
Comment on attachment 8425672 [details] [diff] [review] Introduce error file for genHPKPStaticPins.js ( Review of attachment 8425672 [details] [diff] [review]: ----------------------------------------------------------------- ::: security/manager/boot/src/StaticHPKPins.errors @@ +1,3 @@ > ++ set -e > ++ OBJ=obj-x86_64-unknown-linux-gnu > ++ obj-x86_64-unknown-linux-gnu/dist/bin/run-mozilla.sh obj-x86_64-unknown-linux-gnu/dist/bin/xpcshell /home/mchew/mozilla-central/security/manager/tools/genHPKPStaticPins.js /home/mchew/mozilla-central/security/manager/tools/PreloadedHPKPins.json /home/mchew/mozilla-central/security/manager/ssl/tests/unit/tlsserver/default-ee.der /home/mchew/mozilla-central/security/manager/boot/src/StaticHPKPins.h These will go away once it's integrated into the build. The HPKP JS generator writes to an errors file specifically. I think that's inferior to redirecting stdout and stderr in the bash script driver, because it will miss throws, etc. Also the NS_WARNINGS will go away on non-debug builds.
Attachment #8425672 -
Flags: review?(dkeeler)
Comment on attachment 8425672 [details] [diff] [review] Introduce error file for genHPKPStaticPins.js ( Review of attachment 8425672 [details] [diff] [review]: ----------------------------------------------------------------- 13:06 keeler | mmc: for bug 1013504, is the added file the stderr/stdout of running xpcshell on genHPKPStatisPins.js? 13:06 mmc | keeler, yes it is 13:06 mmc | i'm almost done with the bash script updates 13:06 mmc | it's just that the bash script requires checking out the errors file from hg 13:06 mmc | so there's a bit of a bootstrapping issue 13:06 keeler | ah... 13:06 keeler | what bug is the bash script for? 13:06 mmc | sec 13:07 mmc | keeler, Bug 1004279 13:09 keeler | mmc: cool - thanks. So this is basically for bootstrapping and will be more useful when the automation is hooked up? 13:09 mmc | yes, sorry i should have put that in the bug description 13:09 keeler | no worries :) r=me ::: security/manager/boot/src/StaticHPKPins.h @@ +778,5 @@ > static const int kPublicKeyPinningPreloadListLength = 307; > > static const int32_t kUnknownId = -1; > > +static const PRTime kPreloadPKPinsExpirationTime = INT64_C(1411498007030000); I'm not sure we need to touch this file when checking in the errors file, but it probably doesn't matter at this point.
Attachment #8425672 -
Flags: review?(dkeeler) → review+
Assignee | ||
Comment 5•10 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/3c522cd0fa6d
Assignee | ||
Comment 6•10 years ago
|
||
Btw, running this from the bash generator yields something much less spammy: Can't find hash in builtin certs for Chrome nickname RapidSSL, inserting GOOGLE_PIN_RapidSSL Can't find hash in builtin certs for Chrome nickname Entrust_G2, inserting GOOGLE_PIN_Entrust_G2 Can't find hash in builtin certs for Chrome nickname Tor2web, inserting GOOGLE_PIN_Tor2web Can't find hash in builtin certs for Chrome nickname AlphaSSL_G2, inserting GOOGLE_PIN_AlphaSSL_G2 Can't find hash in builtin certs for Chrome nickname CryptoCat1, inserting GOOGLE_PIN_CryptoCat1 Can't find hash in builtin certs for Chrome nickname Libertylavabitcom, inserting GOOGLE_PIN_Libertylavabitcom
Comment 7•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/3c522cd0fa6d
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla32
You need to log in
before you can comment on or make changes to this bug.
Description
•