Add tests for the new nss tools and run them on TC

NEW
Unassigned

Status

NSS
Tools
a year ago
a year ago

People

(Reporter: fkiefer, Unassigned)

Tracking

3.31

Firefox Tracking Flags

(Not tracked)

Details

To make sure that the new tools do what we think they do they need tests.
What are the new tools?
You can find them in the nss-tool/ directory. They're an experiment that aims to merge all the terrible cmd lines tools that currently exist into one tool, and make them nicer. Nicer to use, but also nicer in terms of code. Builds with GYP only, and needs a C++ compiler.
Which terrible tools do you refer to?

Linux distributions ship some of the existing tools, and there are probably scripts that depend on them. I don't think it will be easy to completely replace them. We probably cannot remove them until they are proven to be 100% compatible replacements.
[Just a reminder that this bug wants to track writing tests, not discuss the "nss" tool itself. I'd prefer to have any further conversation on IRC or elsewhere.]

(In reply to Kai Engert (:kaie) from comment #3)
> Which terrible tools do you refer to?

certutil, pk12util, selfserver, etc.

I should probably elaborate that I refer to these as "terrible" only because they're leaking the world, they contain functions consisting of hundreds of lines of code, and have single-letter argument names that make using them a pain. As the functionality offered by those intersects in parts, users additionally have to remember what tool to use for which task.

> Linux distributions ship some of the existing tools, and there are probably
> scripts that depend on them. I don't think it will be easy to completely
> replace them. We probably cannot remove them until they are proven to be
> 100% compatible replacements.

We are NOT aiming for a replacement. The idea is to offer a modern and clean alternative that can compete with and be even better than the OpenSSL tools.
You need to log in before you can comment on or make changes to this bug.