Closed
Bug 1194013
Opened 9 years ago
Closed 9 years ago
convert test_name_constraints.js to generate certificates at build time
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla43
Tracking | Status | |
---|---|---|
firefox43 | --- | fixed |
People
(Reporter: keeler, Assigned: keeler)
References
Details
Attachments
(1 file)
See bug 1174288. test_name_constraints.js should generate certificates at build time.
Assignee | ||
Comment 1•9 years ago
|
||
bug 1194013 - convert test_name_constraints.js to generate certificates at build time
Attachment #8650021 -
Flags: review?(mgoodwin)
Attachment #8650021 -
Flags: review?(cykesiopka.bmo)
Comment 2•9 years ago
|
||
Comment on attachment 8650021 [details]
MozReview Request: bug 1194013 - convert test_name_constraints.js to generate certificates at build time
https://reviewboard.mozilla.org/r/15933/#review15005
Looks good to me.
Attachment #8650021 -
Flags: review?(mgoodwin) → review+
Comment 3•9 years ago
|
||
Comment on attachment 8650021 [details]
MozReview Request: bug 1194013 - convert test_name_constraints.js to generate certificates at build time
https://reviewboard.mozilla.org/r/15933/#review15033
I only glanced over the various .certspec files (I think my eyes would bleed otherwise).
::: security/manager/ssl/tests/unit/moz.build:19
(Diff revision 1)
> 'test_pinning_dynamic',
Minor nit: Might as well sort this after test_ocsp_url.
::: security/manager/ssl/tests/unit/pycert.py:203
(Diff revision 1)
> + if string.find('/') < 0:
Nit: Maybe |if '/' not in string|?
::: security/manager/ssl/tests/unit/pycert.py:497
(Diff revision 1)
> + if name.startswith('/'):
Hmm, doesn't this mean directoryName specifications that explicitly specify their encoding will be treated as dNSNames?
::: security/manager/ssl/tests/unit/test_name_constraints/dcisscopy.pem.certspec:1
(Diff revision 1)
> +issuer:printableString/C=FR/ST=France/L=Paris/O=PM/SGDN/OU=DCSSI/CN=IGC/A/emailAddress=igca@sgdn.pm.gouv.fr
Optional, maybe a follow up: rename this, since it isn't actually a copy anymore.
Attachment #8650021 -
Flags: review?(cykesiopka.bmo) → review+
Assignee | ||
Comment 4•9 years ago
|
||
https://reviewboard.mozilla.org/r/15933/#review15033
> Hmm, doesn't this mean directoryName specifications that explicitly specify their encoding will be treated as dNSNames?
Good catch.
> Optional, maybe a follow up: rename this, since it isn't actually a copy anymore.
This was an easy change, so I went ahead and did it.
Assignee | ||
Comment 5•9 years ago
|
||
Thanks for the reviews!
https://treeherder.mozilla.org/#/jobs?repo=try&revision=def8c6c31869
Comment 7•9 years ago
|
||
Status: NEW → RESOLVED
Closed: 9 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: --- → mozilla43
You need to log in
before you can comment on or make changes to this bug.
Description
•