changeset 307:2fd69803d219

Complete InstRemove NSS test
author Andre Heinecke <andre.heinecke@intevation.de>
date Thu, 03 Apr 2014 16:35:21 +0200
parents 9c5e6b142611
children f758460ca437
files CMakeLists.txt cinst/CMakeLists.txt ui/tests/CMakeLists.txt ui/tests/nsstest.cpp ui/tests/nsstest.h
diffstat 5 files changed, 133 insertions(+), 16 deletions(-) [+]
line wrap: on
line diff
--- a/CMakeLists.txt	Thu Apr 03 15:30:25 2014 +0200
+++ b/CMakeLists.txt	Thu Apr 03 16:35:21 2014 +0200
@@ -20,6 +20,8 @@
 
 find_package(Qt5Widgets)
 
+find_package(NSS)
+
 # Use cmake's automoc and make sure the generated files are included
 set(CMAKE_AUTOMOC ON)
 set(CMAKE_INCLUDE_CURRENT_DIR ON)
--- a/cinst/CMakeLists.txt	Thu Apr 03 15:30:25 2014 +0200
+++ b/cinst/CMakeLists.txt	Thu Apr 03 16:35:21 2014 +0200
@@ -26,8 +26,6 @@
 # ----------------------------------------------------------------------
 # Mozilla nss store specific certificate installer:
 
-find_package(NSS)
-
 if(NSS_FOUND)
   include_directories(${NSS_INCLUDE_DIRS})
   set(MOZILLA_SOURCES
--- a/ui/tests/CMakeLists.txt	Thu Apr 03 15:30:25 2014 +0200
+++ b/ui/tests/CMakeLists.txt	Thu Apr 03 16:35:21 2014 +0200
@@ -50,8 +50,12 @@
    add_m13_test(windowsstoretest.cpp "${CERTIFICATELIST_SOURCES};${CMAKE_SOURCE_DIR}/cinst/windowsstore.c")
 endif (WIN32)
 
-add_m13_test(nsstest.cpp "${CERTIFICATELIST_SOURCES};${CMAKE_SOURCE_DIR}/cinst/nssstore_linux.c")
-add_dependencies(nsstest mozilla)
+if (NSS_FOUND)
+    include_directories(${NSS_INCLUDE_DIRS})
+    add_m13_test(nsstest.cpp "${CERTIFICATELIST_SOURCES};${CMAKE_SOURCE_DIR}/cinst/nssstore_linux.c")
+    target_link_libraries(nsstest ${NSS_LIBRARIES})
+    add_dependencies(nsstest mozilla)
+endif()
 
 #add_m13_test(${CMAKE_SOURCE_DIR}/ui/main.cpp "${M13UI_SOURCES}")
 
--- a/ui/tests/nsstest.cpp	Thu Apr 03 15:30:25 2014 +0200
+++ b/ui/tests/nsstest.cpp	Thu Apr 03 16:35:21 2014 +0200
@@ -1,21 +1,58 @@
+#include <cert.h>
+#include <certdb.h>
+#include <certt.h>
+
+#include <nss.h>
+#include <pk11pub.h>
+
 #include "nsstest.h"
 #include "nssstore.h"
 #include "strhelp.h"
 
 #include <QTest>
 
-void NSSTest::initTestCase() {
-    /* Copy the empty nss db in the temporary dir */
-    QFile::copy(":/nss/cert8.db", nssDir.path() + "/" +"cert8.db");
-    QFile::copy(":/nss/key3.db", nssDir.path() + "/" +"key3.db");
-    QFile::copy(":/nss/secmod.db", nssDir.path() + "/" +"secmod.db");
+QList<QByteArray> NSSTest::get_nss_certs (QTemporaryDir *nssDir)
+{
+  CERTCertList *list;
+  CERTCertListNode *node;
+  QList<QByteArray> retval;
 
-    QVERIFY(QFile::setPermissions(nssDir.path() + "/" +"cert8.db",
+  if (NSS_Initialize(nssDir->path().toLocal8Bit().constData(),
+              "", "", "secmod.db", NSS_INIT_READONLY)
+      == SECSuccess)
+    {
+      list = PK11_ListCerts(PK11CertListAll, NULL);
+      for (node = CERT_LIST_HEAD(list); !CERT_LIST_END(node, list);
+           node = CERT_LIST_NEXT(node)) {
+        retval << QByteArray((const char*)node->cert->derCert.data,
+                (int)node->cert->derCert.len);
+      }
+      CERT_DestroyCertList(list);
+      NSS_Shutdown();
+    }
+  else
+    {
+      qDebug("Could not open nss certificate store!\n");
+    }
+  return retval;
+}
+
+void NSSTest::setupTestDir(QTemporaryDir *nssDir)
+{
+    /* Copy the empty nss db in the temporary dir */
+    QFile::copy(":/nss/cert8.db", nssDir->path() + "/" +"cert8.db");
+    QFile::copy(":/nss/key3.db", nssDir->path() + "/" +"key3.db");
+    QFile::copy(":/nss/secmod.db", nssDir->path() + "/" +"secmod.db");
+
+    QVERIFY(QFile::setPermissions(nssDir->path() + "/" +"cert8.db",
                 QFileDevice::ReadOwner | QFileDevice::WriteOwner));
-    QVERIFY(QFile::setPermissions(nssDir.path() + "/" +"key3.db",
+    QVERIFY(QFile::setPermissions(nssDir->path() + "/" +"key3.db",
                 QFileDevice::ReadOwner | QFileDevice::WriteOwner));
-    QVERIFY(QFile::setPermissions(nssDir.path() + "/" +"secmod.db",
+    QVERIFY(QFile::setPermissions(nssDir->path() + "/" +"secmod.db",
                 QFileDevice::ReadOwner | QFileDevice::WriteOwner));
+}
+
+void NSSTest::initTestCase() {
 
     /* Set up a temporary list */
     QFile res(":/list-valid-signed.txt");
@@ -24,7 +61,8 @@
     validListFile.write(res.readAll());
     validListFile.close();
 
-    nssDir.setAutoRemove(false);
+    setupTestDir(&ffNSSDir);
+    setupTestDir(&tbNSSDir);
 
     validList = CertificateList(validListFile.fileName().toLocal8Bit().data());
 
@@ -52,7 +90,7 @@
         "[Profile0]" << endl <<
         "Name=default" << endl <<
         "IsRelative=1" << endl <<
-        "Path=" << fakeFirefoxDir.relativeFilePath(nssDir.path()) << endl;
+        "Path=" << fakeFirefoxDir.relativeFilePath(ffNSSDir.path()) << endl;
     ffStream.flush();
     mozProfile.close();
 
@@ -63,7 +101,7 @@
         "[Profile102]" << endl <<
         "Name=default" << endl <<
         "IsRelative=0" << endl <<
-        "Path=" << nssDir.path() << endl;
+        "Path=" << tbNSSDir.path() << endl;
     tbStream.flush();
     tbProfile.close();
 }
@@ -74,6 +112,7 @@
 
     QList<Certificate> instList;
 
+    /* Install all certificates */
     foreach (const Certificate &cert, validList.getCertificates()) {
         if (!cert.isInstallCert())
             continue;
@@ -85,6 +124,74 @@
 
     QVERIFY(write_stores_nss(to_install, to_remove) == 0);
 
+    {
+        /* Verify that everything is installed */
+        QList<QByteArray> installedCertsFF = get_nss_certs(&ffNSSDir);
+        QList<QByteArray> installedCertsTB = get_nss_certs(&tbNSSDir);
+
+        QVERIFY(installedCertsFF.size() == instList.size());
+        QVERIFY(installedCertsFF == installedCertsTB);
+
+        for (int i = 0; to_install[i]; i++) {
+            QByteArray bai = QByteArray::fromBase64(to_install[i]);
+            QVERIFY(installedCertsFF.contains(bai));
+        }
+    }
+
+    {
+        /* Remove one certificate */
+        QVERIFY(instList.size() > 2);
+        strv_append (&to_remove, to_install[1], qstrlen(to_install[1]));
+
+        QVERIFY(write_stores_nss(NULL, to_remove) == 0);
+
+        QList<QByteArray> installedCertsFF = get_nss_certs(&ffNSSDir);
+        QList<QByteArray> installedCertsTB = get_nss_certs(&tbNSSDir);
+
+        QVERIFY(installedCertsFF == installedCertsTB);
+
+        QByteArray bai = QByteArray::fromBase64(to_install[1]);
+        QVERIFY(!installedCertsTB.contains(bai));
+
+        QVERIFY((size_t)installedCertsTB.size() == strv_length(to_install) - 1);
+
+        for (int i = 0; to_install[i]; i++) {
+            if (i == 1) {
+                continue;
+            }
+            QByteArray bai = QByteArray::fromBase64(to_install[i]);
+            QVERIFY(installedCertsTB.contains(bai));
+        }
+    }
+
+    {
+        /* Readd all certificates check for duplication*/
+        QVERIFY(write_stores_nss(to_install, NULL) == 0);
+
+        QList<QByteArray> installedCertsFF = get_nss_certs(&ffNSSDir);
+        QList<QByteArray> installedCertsTB = get_nss_certs(&tbNSSDir);
+
+        QVERIFY(installedCertsFF == installedCertsTB);
+
+        QVERIFY((size_t)installedCertsTB.size() == strv_length(to_install));
+
+        for (int i = 0; to_install[i]; i++) {
+            QByteArray bai = QByteArray::fromBase64(to_install[i]);
+            QVERIFY(installedCertsTB.contains(bai));
+        }
+    }
+
+    {
+        /* Remove all certificates */
+        QVERIFY(write_stores_nss(NULL, to_install) == 0);
+
+        QList<QByteArray> installedCertsFF = get_nss_certs(&ffNSSDir);
+        QList<QByteArray> installedCertsTB = get_nss_certs(&tbNSSDir);
+
+        QVERIFY(installedCertsFF == installedCertsTB);
+
+        QVERIFY(installedCertsTB.size() == 0);
+    }
 }
 
 QTEST_GUILESS_MAIN (NSSTest);
--- a/ui/tests/nsstest.h	Thu Apr 03 15:30:25 2014 +0200
+++ b/ui/tests/nsstest.h	Thu Apr 03 16:35:21 2014 +0200
@@ -4,6 +4,8 @@
 #include <QTemporaryFile>
 #include <QTemporaryDir>
 #include <QObject>
+#include <QList>
+#include <QByteArray>
 
 #include "certificatelist.h"
 
@@ -14,9 +16,13 @@
     QTemporaryDir fakeHome;
     QDir fakeFirefoxDir;
     QDir fakeThunderbirdDir;
-    QTemporaryDir nssDir;
+    QTemporaryDir ffNSSDir;
+    QTemporaryDir tbNSSDir;
     CertificateList validList;
     QTemporaryFile validListFile;
+private:
+    QList<QByteArray> get_nss_certs(QTemporaryDir *nssDir);
+    void setupTestDir(QTemporaryDir *nssDir);
 
 private Q_SLOTS:
     void initTestCase();

http://wald.intevation.org/projects/trustbridge/