Closed Bug 1194013 Opened 9 years ago Closed 9 years ago

convert test_name_constraints.js to generate certificates at build time

Categories

(Core :: Security: PSM, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla43
Tracking Status
firefox43 --- fixed

People

(Reporter: keeler, Assigned: keeler)

References

Details

Attachments

(1 file)

See bug 1174288. test_name_constraints.js should generate certificates at build time.
bug 1194013 - convert test_name_constraints.js to generate certificates at build time
Attachment #8650021 - Flags: review?(mgoodwin)
Attachment #8650021 - Flags: review?(cykesiopka.bmo)
Comment on attachment 8650021 [details] MozReview Request: bug 1194013 - convert test_name_constraints.js to generate certificates at build time https://reviewboard.mozilla.org/r/15933/#review15005 Looks good to me.
Attachment #8650021 - Flags: review?(mgoodwin) → review+
Comment on attachment 8650021 [details] MozReview Request: bug 1194013 - convert test_name_constraints.js to generate certificates at build time https://reviewboard.mozilla.org/r/15933/#review15033 I only glanced over the various .certspec files (I think my eyes would bleed otherwise). ::: security/manager/ssl/tests/unit/moz.build:19 (Diff revision 1) > 'test_pinning_dynamic', Minor nit: Might as well sort this after test_ocsp_url. ::: security/manager/ssl/tests/unit/pycert.py:203 (Diff revision 1) > + if string.find('/') < 0: Nit: Maybe |if '/' not in string|? ::: security/manager/ssl/tests/unit/pycert.py:497 (Diff revision 1) > + if name.startswith('/'): Hmm, doesn't this mean directoryName specifications that explicitly specify their encoding will be treated as dNSNames? ::: security/manager/ssl/tests/unit/test_name_constraints/dcisscopy.pem.certspec:1 (Diff revision 1) > +issuer:printableString/C=FR/ST=France/L=Paris/O=PM/SGDN/OU=DCSSI/CN=IGC/A/emailAddress=igca@sgdn.pm.gouv.fr Optional, maybe a follow up: rename this, since it isn't actually a copy anymore.
Attachment #8650021 - Flags: review?(cykesiopka.bmo) → review+
https://reviewboard.mozilla.org/r/15933/#review15033 > Hmm, doesn't this mean directoryName specifications that explicitly specify their encoding will be treated as dNSNames? Good catch. > Optional, maybe a follow up: rename this, since it isn't actually a copy anymore. This was an easy change, so I went ahead and did it.
Status: NEW → RESOLVED
Closed: 9 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: --- → mozilla43
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: