Mercurial > trustbridge
changeset 307:2fd69803d219
Complete InstRemove NSS test
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Thu, 03 Apr 2014 16:35:21 +0200 |
parents | 9c5e6b142611 |
children | f758460ca437 |
files | CMakeLists.txt cinst/CMakeLists.txt ui/tests/CMakeLists.txt ui/tests/nsstest.cpp ui/tests/nsstest.h |
diffstat | 5 files changed, 133 insertions(+), 16 deletions(-) [+] |
line wrap: on
line diff
--- a/CMakeLists.txt Thu Apr 03 15:30:25 2014 +0200 +++ b/CMakeLists.txt Thu Apr 03 16:35:21 2014 +0200 @@ -20,6 +20,8 @@ find_package(Qt5Widgets) +find_package(NSS) + # Use cmake's automoc and make sure the generated files are included set(CMAKE_AUTOMOC ON) set(CMAKE_INCLUDE_CURRENT_DIR ON)
--- a/cinst/CMakeLists.txt Thu Apr 03 15:30:25 2014 +0200 +++ b/cinst/CMakeLists.txt Thu Apr 03 16:35:21 2014 +0200 @@ -26,8 +26,6 @@ # ---------------------------------------------------------------------- # Mozilla nss store specific certificate installer: -find_package(NSS) - if(NSS_FOUND) include_directories(${NSS_INCLUDE_DIRS}) set(MOZILLA_SOURCES
--- a/ui/tests/CMakeLists.txt Thu Apr 03 15:30:25 2014 +0200 +++ b/ui/tests/CMakeLists.txt Thu Apr 03 16:35:21 2014 +0200 @@ -50,8 +50,12 @@ add_m13_test(windowsstoretest.cpp "${CERTIFICATELIST_SOURCES};${CMAKE_SOURCE_DIR}/cinst/windowsstore.c") endif (WIN32) -add_m13_test(nsstest.cpp "${CERTIFICATELIST_SOURCES};${CMAKE_SOURCE_DIR}/cinst/nssstore_linux.c") -add_dependencies(nsstest mozilla) +if (NSS_FOUND) + include_directories(${NSS_INCLUDE_DIRS}) + add_m13_test(nsstest.cpp "${CERTIFICATELIST_SOURCES};${CMAKE_SOURCE_DIR}/cinst/nssstore_linux.c") + target_link_libraries(nsstest ${NSS_LIBRARIES}) + add_dependencies(nsstest mozilla) +endif() #add_m13_test(${CMAKE_SOURCE_DIR}/ui/main.cpp "${M13UI_SOURCES}")
--- a/ui/tests/nsstest.cpp Thu Apr 03 15:30:25 2014 +0200 +++ b/ui/tests/nsstest.cpp Thu Apr 03 16:35:21 2014 +0200 @@ -1,21 +1,58 @@ +#include <cert.h> +#include <certdb.h> +#include <certt.h> + +#include <nss.h> +#include <pk11pub.h> + #include "nsstest.h" #include "nssstore.h" #include "strhelp.h" #include <QTest> -void NSSTest::initTestCase() { - /* Copy the empty nss db in the temporary dir */ - QFile::copy(":/nss/cert8.db", nssDir.path() + "/" +"cert8.db"); - QFile::copy(":/nss/key3.db", nssDir.path() + "/" +"key3.db"); - QFile::copy(":/nss/secmod.db", nssDir.path() + "/" +"secmod.db"); +QList<QByteArray> NSSTest::get_nss_certs (QTemporaryDir *nssDir) +{ + CERTCertList *list; + CERTCertListNode *node; + QList<QByteArray> retval; - QVERIFY(QFile::setPermissions(nssDir.path() + "/" +"cert8.db", + if (NSS_Initialize(nssDir->path().toLocal8Bit().constData(), + "", "", "secmod.db", NSS_INIT_READONLY) + == SECSuccess) + { + list = PK11_ListCerts(PK11CertListAll, NULL); + for (node = CERT_LIST_HEAD(list); !CERT_LIST_END(node, list); + node = CERT_LIST_NEXT(node)) { + retval << QByteArray((const char*)node->cert->derCert.data, + (int)node->cert->derCert.len); + } + CERT_DestroyCertList(list); + NSS_Shutdown(); + } + else + { + qDebug("Could not open nss certificate store!\n"); + } + return retval; +} + +void NSSTest::setupTestDir(QTemporaryDir *nssDir) +{ + /* Copy the empty nss db in the temporary dir */ + QFile::copy(":/nss/cert8.db", nssDir->path() + "/" +"cert8.db"); + QFile::copy(":/nss/key3.db", nssDir->path() + "/" +"key3.db"); + QFile::copy(":/nss/secmod.db", nssDir->path() + "/" +"secmod.db"); + + QVERIFY(QFile::setPermissions(nssDir->path() + "/" +"cert8.db", QFileDevice::ReadOwner | QFileDevice::WriteOwner)); - QVERIFY(QFile::setPermissions(nssDir.path() + "/" +"key3.db", + QVERIFY(QFile::setPermissions(nssDir->path() + "/" +"key3.db", QFileDevice::ReadOwner | QFileDevice::WriteOwner)); - QVERIFY(QFile::setPermissions(nssDir.path() + "/" +"secmod.db", + QVERIFY(QFile::setPermissions(nssDir->path() + "/" +"secmod.db", QFileDevice::ReadOwner | QFileDevice::WriteOwner)); +} + +void NSSTest::initTestCase() { /* Set up a temporary list */ QFile res(":/list-valid-signed.txt"); @@ -24,7 +61,8 @@ validListFile.write(res.readAll()); validListFile.close(); - nssDir.setAutoRemove(false); + setupTestDir(&ffNSSDir); + setupTestDir(&tbNSSDir); validList = CertificateList(validListFile.fileName().toLocal8Bit().data()); @@ -52,7 +90,7 @@ "[Profile0]" << endl << "Name=default" << endl << "IsRelative=1" << endl << - "Path=" << fakeFirefoxDir.relativeFilePath(nssDir.path()) << endl; + "Path=" << fakeFirefoxDir.relativeFilePath(ffNSSDir.path()) << endl; ffStream.flush(); mozProfile.close(); @@ -63,7 +101,7 @@ "[Profile102]" << endl << "Name=default" << endl << "IsRelative=0" << endl << - "Path=" << nssDir.path() << endl; + "Path=" << tbNSSDir.path() << endl; tbStream.flush(); tbProfile.close(); } @@ -74,6 +112,7 @@ QList<Certificate> instList; + /* Install all certificates */ foreach (const Certificate &cert, validList.getCertificates()) { if (!cert.isInstallCert()) continue; @@ -85,6 +124,74 @@ QVERIFY(write_stores_nss(to_install, to_remove) == 0); + { + /* Verify that everything is installed */ + QList<QByteArray> installedCertsFF = get_nss_certs(&ffNSSDir); + QList<QByteArray> installedCertsTB = get_nss_certs(&tbNSSDir); + + QVERIFY(installedCertsFF.size() == instList.size()); + QVERIFY(installedCertsFF == installedCertsTB); + + for (int i = 0; to_install[i]; i++) { + QByteArray bai = QByteArray::fromBase64(to_install[i]); + QVERIFY(installedCertsFF.contains(bai)); + } + } + + { + /* Remove one certificate */ + QVERIFY(instList.size() > 2); + strv_append (&to_remove, to_install[1], qstrlen(to_install[1])); + + QVERIFY(write_stores_nss(NULL, to_remove) == 0); + + QList<QByteArray> installedCertsFF = get_nss_certs(&ffNSSDir); + QList<QByteArray> installedCertsTB = get_nss_certs(&tbNSSDir); + + QVERIFY(installedCertsFF == installedCertsTB); + + QByteArray bai = QByteArray::fromBase64(to_install[1]); + QVERIFY(!installedCertsTB.contains(bai)); + + QVERIFY((size_t)installedCertsTB.size() == strv_length(to_install) - 1); + + for (int i = 0; to_install[i]; i++) { + if (i == 1) { + continue; + } + QByteArray bai = QByteArray::fromBase64(to_install[i]); + QVERIFY(installedCertsTB.contains(bai)); + } + } + + { + /* Readd all certificates check for duplication*/ + QVERIFY(write_stores_nss(to_install, NULL) == 0); + + QList<QByteArray> installedCertsFF = get_nss_certs(&ffNSSDir); + QList<QByteArray> installedCertsTB = get_nss_certs(&tbNSSDir); + + QVERIFY(installedCertsFF == installedCertsTB); + + QVERIFY((size_t)installedCertsTB.size() == strv_length(to_install)); + + for (int i = 0; to_install[i]; i++) { + QByteArray bai = QByteArray::fromBase64(to_install[i]); + QVERIFY(installedCertsTB.contains(bai)); + } + } + + { + /* Remove all certificates */ + QVERIFY(write_stores_nss(NULL, to_install) == 0); + + QList<QByteArray> installedCertsFF = get_nss_certs(&ffNSSDir); + QList<QByteArray> installedCertsTB = get_nss_certs(&tbNSSDir); + + QVERIFY(installedCertsFF == installedCertsTB); + + QVERIFY(installedCertsTB.size() == 0); + } } QTEST_GUILESS_MAIN (NSSTest);
--- a/ui/tests/nsstest.h Thu Apr 03 15:30:25 2014 +0200 +++ b/ui/tests/nsstest.h Thu Apr 03 16:35:21 2014 +0200 @@ -4,6 +4,8 @@ #include <QTemporaryFile> #include <QTemporaryDir> #include <QObject> +#include <QList> +#include <QByteArray> #include "certificatelist.h" @@ -14,9 +16,13 @@ QTemporaryDir fakeHome; QDir fakeFirefoxDir; QDir fakeThunderbirdDir; - QTemporaryDir nssDir; + QTemporaryDir ffNSSDir; + QTemporaryDir tbNSSDir; CertificateList validList; QTemporaryFile validListFile; +private: + QList<QByteArray> get_nss_certs(QTemporaryDir *nssDir); + void setupTestDir(QTemporaryDir *nssDir); private Q_SLOTS: void initTestCase();