Closed Bug 1529950 Opened 5 years ago Closed 5 years ago

Improve NSS S/MIME tests for Thunderbird

Categories

(NSS :: Test, enhancement)

Product:
NSS
Component:
Test
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: KaiE, Assigned: KaiE)

References

Details

Attachments

(1 file, 2 obsolete files)

1529950-v3.patch
10.22 KB, patch
jcj
: review+
Details | Diff | Splinter Review

NSS already has an S/MIME test script. But actually it's really just a CMS test, because it doesn't do any MIME.

We'd like to add automated testing for S/MIME message processing to Thunderbird.

I had the choice to use openssl or NSS to generate the test data that is required by Thunderbird. I'd prefer to use NSS.

The NSS test suite already produces most of the CMS data that Thunderbird needs. With just a little bit of extra string processing, we can produce the message files, too.

I'll attach an enhancement for the smime.sh script, which creates the message for TB in an extra subdirectory. With this, Thunderbird can simply run the NSS test suite and copy those files into the Thunderbird tree.

I've modified the existing alice.txt file, to make it compatible with both the NSS CMS plaintext needs, and also the TB MIME message needs. Because the NSS CMS test doesn't need a real email message, I think it should be OK to remove the email headers from alice.txt

Attached patch 1529950-v1.patch (obsolete) — Splinter Review
Depends on: 1529959
Comment on attachment 9045981 [details] [diff] [review]
1529950-v1.patch

Note this patch doesn't change the existing tests. Only one detail, the plaintext used by the existing tests will now be the modified alice.txt file. Everything else is just additions, and in the p7 function, changes to avoid a filename reuse.
Attachment #9045981 - Flags: review?(jjones)
Attachment #9045981 - Flags: feedback?(rrelyea)

I see I have a duplicate "mkdir tb", I'll remove that before checkin.

Note that I had started an s/mime GTest in Bug 1521174 that we'll land in just over a week. That might be a lot simpler than maintaining the shell scripts.

Attached patch 1529950-v2.patch (obsolete) — Splinter Review
Attachment #9045981 - Attachment is obsolete: true
Attachment #9045981 - Flags: review?(jjones)
Attachment #9045981 - Flags: feedback?(rrelyea)
Attachment #9046120 - Flags: review?(jjones)
Attachment #9046120 - Flags: feedback?(rrelyea)

(In reply to J.C. Jones [:jcj] (he/him) from comment #4)

Note that I had started an s/mime GTest in Bug 1521174 that we'll land in just over a week. That might be a lot simpler than maintaining the shell scripts.

Thanks for reminding me, that's good to know.

Your tests are CMS correctness tests. I think it's fair to use the c++ gtest for this kind of tests. However, the producing of the additional files that I need to do is more easily done with a shell script.

(I'm doing it here for convenience, because doing it inside the Thunderbird tree would be more work. I think the vast majority of time spent in the NSS test is for the certificate generation and crypto operations. Creating these files here should be very fast, and shouldn't notably affect the time required for executing the NSS test suite.)

Comment on attachment 9046120 [details] [diff] [review]
1529950-v2.patch

Review of attachment 9046120 [details] [diff] [review]:
-----------------------------------------------------------------

Just these. Sorry to be pedantic about the shell scripts, but trying to work a bunch of these from FreeBSD and from MacOS makes me a bit more particular :) Thanks!

::: tests/smime/smime.sh
@@ +154,5 @@
> +
> +mime_init()
> +{
> +  OUT="tb/alice.mime"
> +  echo "$header_clearsigned" >>$OUT

The rest of the file uses ${var} form. It'd be nice to be consistent, and I'm not much for the naked $var form anyway.

@@ +156,5 @@
> +{
> +  OUT="tb/alice.mime"
> +  echo "$header_clearsigned" >>$OUT
> +  cat alice.txt >>$OUT
> +  sed -i "s/\$/$CR/" $OUT

All these uses of GNU-specific sed features across the project eventually need repair. BSD sed mandates an extension after -i, even if the extension is '' like
  sed -i "" "s/\$/${CR}/" ${OUT}

@@ +184,4 @@
>  
> +  ${PROFTOOL} ${BINDIR}/cmsutil -S -T -N Alice ${HASH_CMD} -i tb/alice.mime -d ${P_R_ALICEDIR} -p nss -o tb/alice.mime.d${SIG}
> +
> +  OUT="tb/alice.d$SIG.multipart"

For these in particular, please ${SIG} it, because d$SIG looks like an assembly instruction ;)
Attachment #9046120 - Flags: review?(jjones) → review-
Attached patch 1529950-v3.patchSplinter Review

Thanks for the careful review, I appreciate it! I didn't know about the FreeBSD requirements, it's good you do.
I made the changes you requested.
Note sed -i "" gave some errors, I had to use -i"" (no space).

Attachment #9046120 - Attachment is obsolete: true
Attachment #9046120 - Flags: feedback?(rrelyea)
Attachment #9046419 - Flags: review?(jjones)
Comment on attachment 9046419 [details] [diff] [review]
1529950-v3.patch

Review of attachment 9046419 [details] [diff] [review]:
-----------------------------------------------------------------

Thanks Kai :)
Attachment #9046419 - Flags: review?(jjones) → review+

https://hg.mozilla.org/projects/nss/rev/65c17f18469d

Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.43
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: