Closed Bug 970512 Opened 6 years ago Closed 6 years ago

Remove uninteresting cases for certificate usage verification


(Core :: Security: PSM, defect)

Not set



Tracking Status
firefox29 --- fixed
firefox30 --- fixed


(Reporter: briansmith, Assigned: briansmith)




(1 file, 1 obsolete file)

In bug 878932 I had to map NSS-style certificate usages to (ku, eku, trust bit). This patch removes the cases I didn't add mappings for, which aren't supported by insanity::pkix and which either aren't or don't need to be supported by our NSS-based usage verification. This patch is needed in order to make tests pass when using insanity::pkix.
Attachment #8373563 - Flags: review?(cviecco)
Comment on attachment 8373563 [details] [diff] [review]
Remove uninteresting cases for certificate usage checks

Review of attachment 8373563 [details] [diff] [review]:

I want to r+ this, but until we solve the nsNSSCeritifcateDB call we cant remove all the cases listed here.

::: security/manager/ssl/src/nsUsageArrayHelper.cpp
@@ +95,3 @@
>    case certificateUsageSSLCA:
>      typestr = "VerifySSLCA";
>      break;

Cant remove this because of:

But (I think we are failing on this already, ie I think we dont test this case)
Attachment #8373563 - Flags: review?(cviecco)
Attachment #8373563 - Flags: review-
Attachment #8373563 - Flags: feedback+
Thanks for catching that. Here's an updated patch. In this version, I also removed the unneeded named variables in the testing framework.
Attachment #8373563 - Attachment is obsolete: true
Attachment #8373830 - Flags: review?(cviecco)
Attachment #8373830 - Flags: review?(cviecco) → review+
Closed: 6 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
Comment on attachment 8373830 [details] [diff] [review]
Remove uninteresting cases for certificate usage checks [v2]

[Approval Request Comment]
See bug 878932 comment 37.
Attachment #8373830 - Flags: approval-mozilla-aurora?
Attachment #8373830 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
You need to log in before you can comment on or make changes to this bug.