From 36d22d82aa202bb199967e9512281e9a53db42c9 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 21:33:14 +0200 Subject: Adding upstream version 115.7.0esr. Signed-off-by: Daniel Baumann --- security/nss/cmd/tests/Makefile | 45 +++++++++++ security/nss/cmd/tests/baddbdir.c | 38 +++++++++ security/nss/cmd/tests/conflict.c | 27 +++++++ security/nss/cmd/tests/dertimetest.c | 102 +++++++++++++++++++++++++ security/nss/cmd/tests/encodeinttest.c | 62 +++++++++++++++ security/nss/cmd/tests/manifest.mn | 29 +++++++ security/nss/cmd/tests/nonspr10.c | 88 +++++++++++++++++++++ security/nss/cmd/tests/remtest.c | 136 +++++++++++++++++++++++++++++++++ security/nss/cmd/tests/secmodtest.c | 126 ++++++++++++++++++++++++++++++ security/nss/cmd/tests/tests.gyp | 91 ++++++++++++++++++++++ 10 files changed, 744 insertions(+) create mode 100644 security/nss/cmd/tests/Makefile create mode 100644 security/nss/cmd/tests/baddbdir.c create mode 100644 security/nss/cmd/tests/conflict.c create mode 100644 security/nss/cmd/tests/dertimetest.c create mode 100644 security/nss/cmd/tests/encodeinttest.c create mode 100644 security/nss/cmd/tests/manifest.mn create mode 100644 security/nss/cmd/tests/nonspr10.c create mode 100644 security/nss/cmd/tests/remtest.c create mode 100644 security/nss/cmd/tests/secmodtest.c create mode 100644 security/nss/cmd/tests/tests.gyp (limited to 'security/nss/cmd/tests') diff --git a/security/nss/cmd/tests/Makefile b/security/nss/cmd/tests/Makefile new file mode 100644 index 0000000000..a263d41aaa --- /dev/null +++ b/security/nss/cmd/tests/Makefile @@ -0,0 +1,45 @@ +#! gmake +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +####################################################################### +# (1) Include initial platform-independent assignments (MANDATORY). # +####################################################################### + +include manifest.mn + +####################################################################### +# (2) Include "global" configuration information. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/config.mk + +####################################################################### +# (3) Include "component" configuration information. (OPTIONAL) # +####################################################################### + +####################################################################### +# (4) Include "local" platform-dependent assignments (OPTIONAL). # +####################################################################### +include ../platlibs.mk + +####################################################################### +# (5) Execute "global" rules. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/rules.mk + +####################################################################### +# (6) Execute "component" rules. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (7) Execute "local" rules. (OPTIONAL). # +####################################################################### + + +include ../platrules.mk diff --git a/security/nss/cmd/tests/baddbdir.c b/security/nss/cmd/tests/baddbdir.c new file mode 100644 index 0000000000..b2bb2d681d --- /dev/null +++ b/security/nss/cmd/tests/baddbdir.c @@ -0,0 +1,38 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include +#include + +#include "nss.h" +#include "secerr.h" + +/* + * Regression test for bug 495097. + * + * NSS_InitReadWrite("sql:") should fail with SEC_ERROR_BAD_DATABASE + * if the directory doesn't exist. + */ + +int +main() +{ + SECStatus status; + int error; + + status = NSS_InitReadWrite("sql:/no/such/db/dir"); + if (status == SECSuccess) { + fprintf(stderr, "NSS_InitReadWrite succeeded unexpectedly\n"); + exit(1); + } + error = PORT_GetError(); + if (error != SEC_ERROR_BAD_DATABASE) { + fprintf(stderr, "NSS_InitReadWrite failed with the wrong error code: " + "%d\n", + error); + exit(1); + } + printf("PASS\n"); + return 0; +} diff --git a/security/nss/cmd/tests/conflict.c b/security/nss/cmd/tests/conflict.c new file mode 100644 index 0000000000..80a4ebb7ab --- /dev/null +++ b/security/nss/cmd/tests/conflict.c @@ -0,0 +1,27 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* + * This test verifies that NSS public headers don't conflict with common + * identifier names. + */ + +#include "nssilckt.h" + +/* + * Bug 455424: nssilckt.h used to define the enumeration constant 'Lock', + * which conflicts with C++ code that defines a Lock class. This is a + * reduced test case in C for that name conflict. + */ +typedef struct { + int dummy; +} Lock; + +Lock lock; + +int +main() +{ + return 0; +} diff --git a/security/nss/cmd/tests/dertimetest.c b/security/nss/cmd/tests/dertimetest.c new file mode 100644 index 0000000000..2deedbc065 --- /dev/null +++ b/security/nss/cmd/tests/dertimetest.c @@ -0,0 +1,102 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include +#include + +#include "secder.h" +#include "secerr.h" + +int +main() +{ + SECItem badTime; + PRTime prtime; + SECStatus rv; + int error; + PRBool failed = PR_FALSE; + + /* A UTCTime string with an embedded null. */ + badTime.type = siBuffer; + badTime.data = (unsigned char *)"091219000000Z\0junkjunkjunkjunkjunkjunk"; + badTime.len = 38; + rv = DER_UTCTimeToTime(&prtime, &badTime); + if (rv == SECSuccess) { + fprintf(stderr, "DER_UTCTimeToTime should have failed but " + "succeeded\n"); + failed = PR_TRUE; + } else { + error = PORT_GetError(); + if (error != SEC_ERROR_INVALID_TIME) { + fprintf(stderr, "DER_UTCTimeToTime failed with error %d, " + "expected error %d\n", + error, SEC_ERROR_INVALID_TIME); + failed = PR_TRUE; + } + } + + /* A UTCTime string with junk after a valid date/time. */ + badTime.type = siBuffer; + badTime.data = (unsigned char *)"091219000000Zjunk"; + badTime.len = 17; + rv = DER_UTCTimeToTime(&prtime, &badTime); + if (rv == SECSuccess) { + fprintf(stderr, "DER_UTCTimeToTime should have failed but " + "succeeded\n"); + failed = PR_TRUE; + } else { + error = PORT_GetError(); + if (error != SEC_ERROR_INVALID_TIME) { + fprintf(stderr, "DER_UTCTimeToTime failed with error %d, " + "expected error %d\n", + error, SEC_ERROR_INVALID_TIME); + failed = PR_TRUE; + } + } + + /* A GeneralizedTime string with an embedded null. */ + badTime.type = siBuffer; + badTime.data = (unsigned char *)"20091219000000Z\0junkjunkjunkjunkjunkjunk"; + badTime.len = 40; + rv = DER_GeneralizedTimeToTime(&prtime, &badTime); + if (rv == SECSuccess) { + fprintf(stderr, "DER_GeneralizedTimeToTime should have failed but " + "succeeded\n"); + failed = PR_TRUE; + } else { + error = PORT_GetError(); + if (error != SEC_ERROR_INVALID_TIME) { + fprintf(stderr, "DER_GeneralizedTimeToTime failed with error %d, " + "expected error %d\n", + error, SEC_ERROR_INVALID_TIME); + failed = PR_TRUE; + } + } + + /* A GeneralizedTime string with junk after a valid date/time. */ + badTime.type = siBuffer; + badTime.data = (unsigned char *)"20091219000000Zjunk"; + badTime.len = 19; + rv = DER_GeneralizedTimeToTime(&prtime, &badTime); + if (rv == SECSuccess) { + fprintf(stderr, "DER_GeneralizedTimeToTime should have failed but " + "succeeded\n"); + failed = PR_TRUE; + } else { + error = PORT_GetError(); + if (error != SEC_ERROR_INVALID_TIME) { + fprintf(stderr, "DER_GeneralizedTimeToTime failed with error %d, " + "expected error %d\n", + error, SEC_ERROR_INVALID_TIME); + failed = PR_TRUE; + } + } + + if (failed) { + fprintf(stderr, "FAIL\n"); + return 1; + } + printf("PASS\n"); + return 0; +} diff --git a/security/nss/cmd/tests/encodeinttest.c b/security/nss/cmd/tests/encodeinttest.c new file mode 100644 index 0000000000..f0062ea5e4 --- /dev/null +++ b/security/nss/cmd/tests/encodeinttest.c @@ -0,0 +1,62 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include + +#include "secasn1.h" + +struct TestCase { + long value; + unsigned char data[5]; + unsigned int len; +}; + +static struct TestCase testCase[] = { +/* XXX NSS doesn't generate the shortest encoding for negative values. */ +#if 0 + { -128, { 0x80 }, 1 }, + { -129, { 0xFF, 0x7F }, 2 }, +#endif + + { 0, { 0x00 }, 1 }, + { 127, { 0x7F }, 1 }, + { 128, { 0x00, 0x80 }, 2 }, + { 256, { 0x01, 0x00 }, 2 }, + { 32768, { 0x00, 0x80, 0x00 }, 3 } +}; + +int +main() +{ + PRBool failed = PR_FALSE; + unsigned int i; + unsigned int j; + + for (i = 0; i < sizeof(testCase) / sizeof(testCase[0]); i++) { + SECItem encoded; + if (SEC_ASN1EncodeInteger(NULL, &encoded, testCase[i].value) == NULL) { + fprintf(stderr, "SEC_ASN1EncodeInteger failed\n"); + failed = PR_TRUE; + continue; + } + if (encoded.len != testCase[i].len || + memcmp(encoded.data, testCase[i].data, encoded.len) != 0) { + fprintf(stderr, "Encoding of %ld is incorrect:", + testCase[i].value); + for (j = 0; j < encoded.len; j++) { + fprintf(stderr, " 0x%02X", (unsigned int)encoded.data[j]); + } + fputs("\n", stderr); + failed = PR_TRUE; + } + PORT_Free(encoded.data); + } + + if (failed) { + fprintf(stderr, "FAIL\n"); + return 1; + } + printf("PASS\n"); + return 0; +} diff --git a/security/nss/cmd/tests/manifest.mn b/security/nss/cmd/tests/manifest.mn new file mode 100644 index 0000000000..88b8347365 --- /dev/null +++ b/security/nss/cmd/tests/manifest.mn @@ -0,0 +1,29 @@ +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +CORE_DEPTH = ../.. + +# MODULE public and private header directories are implicitly REQUIRED. +MODULE = nss + +CSRCS = \ + baddbdir.c \ + conflict.c \ + dertimetest.c \ + encodeinttest.c \ + nonspr10.c \ + remtest.c \ + secmodtest.c \ + $(NULL) + +# The MODULE is always implicitly required. +# Listing it here in REQUIRES makes it appear twice in the cc command line. +REQUIRES = seccmd dbm + +PROGRAMS = $(CSRCS:.c=) + +TARGETS = $(PROGRAMS) + +NO_MD_RELEASE = 1 diff --git a/security/nss/cmd/tests/nonspr10.c b/security/nss/cmd/tests/nonspr10.c new file mode 100644 index 0000000000..fc700407a7 --- /dev/null +++ b/security/nss/cmd/tests/nonspr10.c @@ -0,0 +1,88 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* + * This test verifies that NSS public headers can be compiled with no + * NSPR 1.0 support. + */ + +#define NO_NSPR_10_SUPPORT 1 + +#include "base64.h" +#include "blapit.h" +#include "cert.h" +#include "certdb.h" +#include "certt.h" +#include "ciferfam.h" +#include "cmmf.h" +#include "cmmft.h" +#include "cms.h" +#include "cmsreclist.h" +#include "cmst.h" +#include "crmf.h" +#include "crmft.h" +#include "cryptohi.h" +#include "cryptoht.h" +#include "ecl-exp.h" +#include "hasht.h" +#include "keyhi.h" +#include "keythi.h" +#include "nss.h" +#include "nssb64.h" +#include "nssb64t.h" +#include "nssbase.h" +#include "nssbaset.h" +#include "nssckbi.h" +#include "nssilckt.h" +#include "nssilock.h" +#include "nsslocks.h" +#include "nssrwlk.h" +#include "nssrwlkt.h" +#include "ocsp.h" +#include "ocspt.h" +#include "p12.h" +#include "p12plcy.h" +#include "p12t.h" +#include "pk11func.h" +#include "pk11pqg.h" +#include "pk11priv.h" +#include "pk11pub.h" +#include "pk11sdr.h" +#include "pkcs11.h" +#include "pkcs11t.h" +#include "pkcs12.h" +#include "pkcs12t.h" +#include "pkcs7t.h" +#include "portreg.h" +#include "preenc.h" +#include "secasn1.h" +#include "secasn1t.h" +#include "seccomon.h" +#include "secder.h" +#include "secdert.h" +#include "secdig.h" +#include "secdigt.h" +#include "secerr.h" +#include "sechash.h" +#include "secitem.h" +#include "secmime.h" +#include "secmod.h" +#include "secmodt.h" +#include "secoid.h" +#include "secoidt.h" +#include "secpkcs5.h" +#include "secpkcs7.h" +#include "secport.h" +#include "shsign.h" +#include "smime.h" +#include "ssl.h" +#include "sslerr.h" +#include "sslproto.h" +#include "sslt.h" + +int +main() +{ + return 0; +} diff --git a/security/nss/cmd/tests/remtest.c b/security/nss/cmd/tests/remtest.c new file mode 100644 index 0000000000..175ba923c3 --- /dev/null +++ b/security/nss/cmd/tests/remtest.c @@ -0,0 +1,136 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* +** +** Sample client side test program that uses SSL and NSS +** +*/ + +#include "secutil.h" + +#if defined(XP_UNIX) +#include +#else +#include "ctype.h" /* for isalpha() */ +#endif + +#include +#include +#include +#include +#include +#include + +#include "nspr.h" +#include "prio.h" +#include "prnetdb.h" +#include "nss.h" +#include "pk11func.h" +#include "plgetopt.h" + +void +Usage(char *progName) +{ + fprintf(stderr, "usage: %s [-d profiledir] -t tokenName [-r]\n", progName); + exit(1); +} + +int +main(int argc, char **argv) +{ + char *certDir = NULL; + PLOptState *optstate; + PLOptStatus optstatus; + SECStatus rv; + char *tokenName = NULL; + PRBool cont = PR_TRUE; + PK11TokenEvent event = PK11TokenPresentEvent; + PK11TokenStatus status; + char *progName; + PK11SlotInfo *slot; + + progName = strrchr(argv[0], '/'); + if (!progName) + progName = strrchr(argv[0], '\\'); + progName = progName ? progName + 1 : argv[0]; + + optstate = PL_CreateOptState(argc, argv, "rd:t:"); + while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) { + switch (optstate->option) { + + case 'd': + certDir = strdup(optstate->value); + certDir = SECU_ConfigDirectory(certDir); + break; + case 't': + tokenName = strdup(optstate->value); + break; + case 'r': + event = PK11TokenRemovedOrChangedEvent; + break; + } + } + if (optstatus == PL_OPT_BAD) + Usage(progName); + + if (tokenName == NULL) { + Usage(progName); + } + + if (!certDir) { + certDir = SECU_DefaultSSLDir(); /* Look in $SSL_DIR */ + certDir = SECU_ConfigDirectory(certDir); /* call even if it's NULL */ + } + + PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); + + PK11_SetPasswordFunc(SECU_GetModulePassword); + + /* open the cert DB, the key DB, and the secmod DB. */ + rv = NSS_Init(certDir); + if (rv != SECSuccess) { + SECU_PrintError(progName, "unable to open cert database"); + return 1; + } + + printf("Looking up tokenNamed: <%s>\n", tokenName); + slot = PK11_FindSlotByName(tokenName); + if (slot == NULL) { + SECU_PrintError(progName, "unable to find token"); + return 1; + } + + do { + status = + PK11_WaitForTokenEvent(slot, event, PR_INTERVAL_NO_TIMEOUT, 0, 0); + + switch (status) { + case PK11TokenNotRemovable: + cont = PR_FALSE; + printf("%s Token Not Removable\n", tokenName); + break; + case PK11TokenChanged: + event = PK11TokenRemovedOrChangedEvent; + printf("%s Token Changed\n", tokenName); + break; + case PK11TokenRemoved: + event = PK11TokenPresentEvent; + printf("%s Token Removed\n", tokenName); + break; + case PK11TokenPresent: + event = PK11TokenRemovedOrChangedEvent; + printf("%s Token Present\n", tokenName); + break; + } + } while (cont); + + PK11_FreeSlot(slot); + + if (NSS_Shutdown() != SECSuccess) { + exit(1); + } + PR_Cleanup(); + return 0; +} diff --git a/security/nss/cmd/tests/secmodtest.c b/security/nss/cmd/tests/secmodtest.c new file mode 100644 index 0000000000..2896ccf94c --- /dev/null +++ b/security/nss/cmd/tests/secmodtest.c @@ -0,0 +1,126 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* + * Regression test for bug 588269 + * + * SECMOD_CloseUserDB should properly close the user DB, and it should + * be possible to later re-add that same user DB as a new slot + */ + +#include "secutil.h" + +#include +#include +#include + +#include "nspr.h" +#include "nss.h" +#include "secerr.h" +#include "pk11pub.h" +#include "plgetopt.h" + +void +Usage(char *progName) +{ + fprintf(stderr, "Usage: %s -d dbDir\n", progName); + exit(1); +} + +SECStatus +TestOpenCloseUserDB(char *progName, char *configDir, char *tokenName) +{ + char *modspec = NULL; + SECStatus rv = SECSuccess; + PK11SlotInfo *userDbSlot = NULL; + + printf("Loading database <%s> - %s\n", configDir, tokenName); + modspec = PR_smprintf("configDir='%s' tokenDescription='%s'", + configDir, tokenName); + if (!modspec) { + rv = SECFailure; + goto loser; + } + + userDbSlot = SECMOD_OpenUserDB(modspec); + PR_smprintf_free(modspec); + if (!userDbSlot) { + SECU_PrintError(progName, "couldn't open database"); + rv = SECFailure; + goto loser; + } + + printf("Closing database\n"); + rv = SECMOD_CloseUserDB(userDbSlot); + + if (rv != SECSuccess) { + SECU_PrintError(progName, "couldn't close database"); + } + + PK11_FreeSlot(userDbSlot); + +loser: + return rv; +} + +int +main(int argc, char **argv) +{ + PLOptState *optstate; + PLOptStatus optstatus; + SECStatus rv = SECFailure; + char *progName; + char *dbDir = NULL; + + progName = strrchr(argv[0], '/'); + if (!progName) { + progName = strrchr(argv[0], '\\'); + } + progName = progName ? progName + 1 : argv[0]; + + optstate = PL_CreateOptState(argc, argv, "d:"); + while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) { + switch (optstate->option) { + case 'd': + dbDir = strdup(optstate->value); + break; + } + } + if (optstatus == PL_OPT_BAD || dbDir == NULL) { + Usage(progName); + } + + rv = NSS_NoDB_Init(NULL); + if (rv != SECSuccess) { + SECU_PrintError(progName, "unable to initialize NSS"); + goto loser; + } + + printf("Open and Close Test 1\n"); + rv = TestOpenCloseUserDB(progName, dbDir, "Test Slot 1"); + if (rv != SECSuccess) { + goto loser; + } + + printf("Open and Close Test 2\n"); + rv = TestOpenCloseUserDB(progName, dbDir, "Test Slot 2"); + if (rv != SECSuccess) { + goto loser; + } + +loser: + if (dbDir) + free(dbDir); + + if (NSS_Shutdown() != SECSuccess) { + exit(1); + } + PR_Cleanup(); + + if (rv != SECSuccess) { + exit(1); + } + + return 0; +} diff --git a/security/nss/cmd/tests/tests.gyp b/security/nss/cmd/tests/tests.gyp new file mode 100644 index 0000000000..148bb250e5 --- /dev/null +++ b/security/nss/cmd/tests/tests.gyp @@ -0,0 +1,91 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../coreconf/config.gypi', + '../../cmd/platlibs.gypi' + ], + 'targets': [ + { + 'target_name': 'baddbdir', + 'type': 'executable', + 'sources': [ + 'baddbdir.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:dbm_exports', + '<(DEPTH)/exports.gyp:nss_exports' + ] + }, + { + 'target_name': 'conflict', + 'type': 'executable', + 'sources': [ + 'conflict.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:dbm_exports', + '<(DEPTH)/exports.gyp:nss_exports' + ] + }, + { + 'target_name': 'dertimetest', + 'type': 'executable', + 'sources': [ + 'dertimetest.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:dbm_exports', + '<(DEPTH)/exports.gyp:nss_exports' + ] + }, + { + 'target_name': 'encodeinttest', + 'type': 'executable', + 'sources': [ + 'encodeinttest.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:dbm_exports', + '<(DEPTH)/exports.gyp:nss_exports' + ] + }, + { + 'target_name': 'nonspr10', + 'type': 'executable', + 'sources': [ + 'nonspr10.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:dbm_exports', + '<(DEPTH)/exports.gyp:nss_exports' + ] + }, + { + 'target_name': 'remtest', + 'type': 'executable', + 'sources': [ + 'remtest.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:dbm_exports', + '<(DEPTH)/exports.gyp:nss_exports' + ] + }, + { + 'target_name': 'secmodtest', + 'type': 'executable', + 'sources': [ + 'secmodtest.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:dbm_exports', + '<(DEPTH)/exports.gyp:nss_exports' + ] + } + ], + 'variables': { + 'module': 'nss' + } +} \ No newline at end of file -- cgit v1.2.3