Merging upstream version 1.45.3+dfsg.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

8 files changed, 0 insertions, 395 deletions

diff --git a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/NSURLConnectionTests.m b/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/NSURLConnectionTests.m
deleted file mode 100644
index 53d860785..000000000
--- a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/NSURLConnectionTests.m
+++ /dev/null
@@ -1,154 +0,0 @@
-//
-//  NSURLConnectionTests.m
-//  SSLCertificatePinning
-//
-//  Created by Alban Diquet on 1/14/14.
-//  Copyright (c) 2014 iSEC Partners. All rights reserved.
-//
-
-#import <XCTest/XCTest.h>
-
-#import "ISPPinnedNSURLConnectionDelegate.h"
-#import "ISPCertificatePinning.h"
-#import "SSLPinsTestUtility.h"
-
-
-// Delegate we'll use for our tests
-@interface NSURLConnectionDelegateTest : ISPPinnedNSURLConnectionDelegate <NSURLConnectionDelegate>
-    @property BOOL connectionFinished;
-    @property BOOL connectionSucceeded;
-@end
-
-
-
-@interface NSURLConnectionTests : XCTestCase
-
-@end
-
-
-@implementation NSURLConnectionTests
-
-
-- (void)setUp
-{
-    [super setUp];
-}
-
-- (void)tearDown
-{
-    [super tearDown];
-}
-
-#pragma mark SSL pinning test
-
-
-// This is sample code to demonstrate how to implement certificate pinning with NSURLConnection
-- (void)testNSURLConnectionSSLPinning
-{
-
-    // Create our SSL pins dictionnary for Twitter, iSEC and NCC
-    NSDictionary *domainsToPin = [SSLPinsTestUtility setupTestSSLPinsDictionnary];
-    if (domainsToPin == nil) {
-        NSLog(@"Failed to pin a certificate");
-    }
-    
-    
-    // Save the SSL pins so that our connection delegates automatically use them
-    if ([ISPCertificatePinning setupSSLPinsUsingDictionnary:domainsToPin] != YES) {
-        NSLog(@"Failed to pin the certificates");
-    }
-    
-    // Connect to Twitter
-    NSURLRequest *request = [NSURLRequest requestWithURL:[NSURL URLWithString:@"https://twitter.com/"]];
-    NSURLConnectionDelegateTest *connectionDelegate = [[NSURLConnectionDelegateTest alloc] init];
-    NSURLConnection *connection=[[NSURLConnection alloc] initWithRequest:request delegate:connectionDelegate];
-    [connection start];
-    
-    // Connect to iSEC
-    NSURLRequest *request2 = [NSURLRequest requestWithURL:[NSURL URLWithString:@"https://www.isecpartners.com/"]];
-    NSURLConnectionDelegateTest *connectionDelegate2 = [[NSURLConnectionDelegateTest alloc] init];
-    NSURLConnection *connection2 = [[NSURLConnection alloc] initWithRequest:request2 delegate:connectionDelegate2];
-    [connection2 start];
-    
-    // Connect to NCC Group => will fail because we pinned a wrong certificate
-    NSURLRequest *request3 = [NSURLRequest requestWithURL:[NSURL URLWithString:@"https://www.nccgroup.com/"]];
-    NSURLConnectionDelegateTest *connectionDelegate3 = [[NSURLConnectionDelegateTest alloc] init];
-    NSURLConnection *connection3 = [[NSURLConnection alloc] initWithRequest:request3 delegate:connectionDelegate3];
-    [connection3 start];
-    
-    
-    // Do some polling to wait for the connections to complete
-#define POLL_INTERVAL 0.2 // 200ms
-#define N_SEC_TO_POLL 3.0 // poll for 3s
-#define MAX_POLL_COUNT N_SEC_TO_POLL / POLL_INTERVAL
-    
-    NSUInteger pollCount = 0;
-    while (!(connectionDelegate.connectionFinished && connectionDelegate2.connectionFinished && connectionDelegate3.connectionFinished) && (pollCount < MAX_POLL_COUNT)) {
-        NSDate* untilDate = [NSDate dateWithTimeIntervalSinceNow:POLL_INTERVAL];
-        [[NSRunLoop currentRunLoop] runUntilDate:untilDate];
-        pollCount++;
-    }
-    
-    if (pollCount == MAX_POLL_COUNT) {
-        XCTFail(@"Could not connect in time");
-    }
-    
-    
-    // The first two connections should succeed
-    XCTAssertTrue(connectionDelegate.connectionSucceeded, @"Connection to Twitter failed");
-    XCTAssertTrue(connectionDelegate2.connectionSucceeded, @"Connection to iSEC Partners failed");
-    
-    // The last connection should fail
-    XCTAssertFalse(connectionDelegate3.connectionSucceeded, @"Connection to NCC succeeded");
-}
-
-
-@end
-
-
-#pragma mark Delegate class
-
-@implementation NSURLConnectionDelegateTest
-
-@synthesize connectionSucceeded;
-@synthesize connectionFinished;
-
--(instancetype) init {
-    if (self = [super init])
-    {
-        self.connectionSucceeded = NO;
-        self.connectionFinished = NO;
-    }
-    return self;
-}
-
-
-- (void)connectionDidFinishLoading:(NSURLConnection *)connection {
-    self.connectionSucceeded = YES;
-    self.connectionFinished = YES;
-}
-
-- (void)connection:(NSURLConnection *)connection didFailWithError:(NSError *)error {
-    self.connectionSucceeded = NO;
-    self.connectionFinished = YES;
-}
-
-- (void)connection:(NSURLConnection *)connection didReceiveData:(NSData *)data {
-    self.connectionSucceeded = YES;
-    self.connectionFinished = YES;
-}
-
-- (NSCachedURLResponse *)connection:(NSURLConnection *)connection willCacheResponse:(NSCachedURLResponse *)cachedResponse {
-    return cachedResponse;
-}
-
-- (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response {
-    self.connectionSucceeded = YES;
-    self.connectionFinished = YES;
-}
-
-- (NSURLRequest *)connection:(NSURLConnection *)connection willSendRequest:(NSURLRequest *)request redirectResponse:(NSURLResponse *)redirectResponse {
-    return request;
-}
-
-@end
\ No newline at end of file
diff --git a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/NSURLSessionTests.m b/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/NSURLSessionTests.m
deleted file mode 100644
index 5f1da51ba..000000000
--- a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/NSURLSessionTests.m
+++ /dev/null
@@ -1,145 +0,0 @@
-//
-//  NSURLSessionTests.m
-//  SSLCertificatePinning
-//
-//  Created by Alban Diquet on 1/14/14.
-//  Copyright (c) 2014 iSEC Partners. All rights reserved.
-//
-
-#import <XCTest/XCTest.h>
-
-#import "ISPPinnedNSURLSessionDelegate.h"
-#import "ISPCertificatePinning.h"
-#import "SSLPinsTestUtility.h"
-
-
-// Delegate we'll use for our tests
-@interface NSURLSessionTaskDelegateTest : ISPPinnedNSURLSessionDelegate <NSURLSessionTaskDelegate, NSURLSessionDataDelegate>
-@property BOOL connectionFinished;
-@property BOOL connectionSucceeded;
-@end
-
-
-@interface NSURLSessionTests : XCTestCase
-
-@end
-
-@implementation NSURLSessionTests
-
-- (void)setUp
-{
-    [super setUp];
-}
-
-- (void)tearDown
-{
-    [super tearDown];
-}
-
-
-#pragma mark SSL pinning test
-- (void)testNSURLSessionSSLPinning
-{
-    
-    // Create our SSL pins dictionnary for Twitter, iSEC and NCC
-    NSDictionary *domainsToPin = [SSLPinsTestUtility setupTestSSLPinsDictionnary];
-    if (domainsToPin == nil) {
-        NSLog(@"Failed to pin a certificate");
-    }
-    
-    // Save the SSL pins so that our session delegates automatically use them
-    if ([ISPCertificatePinning setupSSLPinsUsingDictionnary:domainsToPin] != YES) {
-        NSLog(@"Failed to pin the certificates");
-    }
-    
-    
-    // Connect to Twitter
-    NSURLSessionTaskDelegateTest *sessionDelegate1 = [[NSURLSessionTaskDelegateTest alloc] init];
-    NSURLSession *session1 = [NSURLSession sessionWithConfiguration:[NSURLSessionConfiguration ephemeralSessionConfiguration] delegate:sessionDelegate1 delegateQueue:nil];
-
-    NSURLSessionDataTask *dataTask1 = [session1 dataTaskWithURL:[NSURL URLWithString:@"https://twitter.com/"] completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
-        
-        sessionDelegate1.connectionFinished = YES;
-        if (!error) {
-            sessionDelegate1.connectionSucceeded = YES;
-        }
-    }];
-    [dataTask1 resume];
-    
-    
-    // Connect to iSEC
-    NSURLSessionTaskDelegateTest *sessionDelegate2 = [[NSURLSessionTaskDelegateTest alloc] init];
-    NSURLSession *session2 = [NSURLSession sessionWithConfiguration:[NSURLSessionConfiguration ephemeralSessionConfiguration] delegate:sessionDelegate2 delegateQueue:nil];
-    
-    NSURLSessionDataTask *dataTask2 = [session2 dataTaskWithURL:[NSURL URLWithString:@"https://www.isecpartners.com/"] completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
-
-        sessionDelegate2.connectionFinished = YES;
-        if (!error) {
-            sessionDelegate2.connectionSucceeded = YES;
-        }
-    }];
-    [dataTask2 resume];
-    
-    
-    // Connect to NCC Group => will fail because we pinned a wrong certificate
-    NSURLSessionTaskDelegateTest *sessionDelegate3 = [[NSURLSessionTaskDelegateTest alloc] init];
-    NSURLSession *session3 = [NSURLSession sessionWithConfiguration:[NSURLSessionConfiguration ephemeralSessionConfiguration] delegate:sessionDelegate3 delegateQueue:nil];
-    
-    NSURLSessionDataTask *dataTask3 = [session3 dataTaskWithURL:[NSURL URLWithString:@"https://www.nccgroup.com/"] completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
-
-        sessionDelegate3.connectionFinished = YES;
-        if (!error) {
-            sessionDelegate3.connectionSucceeded = YES;
-        }
-    }];
-    [dataTask3 resume];
-
-    
-    // Do some polling to wait for the connections to complete
-#define POLL_INTERVAL 0.2 // 200ms
-#define N_SEC_TO_POLL 3.0 // poll for 3s
-#define MAX_POLL_COUNT N_SEC_TO_POLL / POLL_INTERVAL
-    
-    NSUInteger pollCount = 0;
-    while (!(sessionDelegate1.connectionFinished && sessionDelegate2.connectionFinished && sessionDelegate3.connectionFinished) && (pollCount < MAX_POLL_COUNT)) {
-        NSDate* untilDate = [NSDate dateWithTimeIntervalSinceNow:POLL_INTERVAL];
-        [[NSRunLoop currentRunLoop] runUntilDate:untilDate];
-        pollCount++;
-    }
-    
-    if (pollCount == MAX_POLL_COUNT) {
-        XCTFail(@"Could not connect in time");
-    }
-    
-    
-    // The first two connections should succeed
-    XCTAssertTrue(sessionDelegate1.connectionSucceeded, @"Connection to Twitter failed");
-    XCTAssertTrue(sessionDelegate2.connectionSucceeded, @"Connection to iSEC Partners failed");
-    
-    // The last connection should fail
-    XCTAssertFalse(sessionDelegate3.connectionSucceeded, @"Connection to NCC succeeded");
-}
-
-
-@end
-    
-    
-    
-    
-#pragma mark Delegate class
-    
-@implementation NSURLSessionTaskDelegateTest
-    
-    @synthesize connectionSucceeded;
-    @synthesize connectionFinished;
-    
-    -(instancetype) init {
-        if (self = [super init])
-        {
-            self.connectionSucceeded = NO;
-            self.connectionFinished = NO;
-        }
-        return self;
-    }
-
-@end
diff --git a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/SSLCertificatePinningTests-Info.plist b/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/SSLCertificatePinningTests-Info.plist
deleted file mode 100644
index ccba61f8e..000000000
--- a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/SSLCertificatePinningTests-Info.plist
+++ /dev/null
@@ -1,22 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
-<plist version="1.0">
-<dict>
-	<key>CFBundleDevelopmentRegion</key>
-	<string>en</string>
-	<key>CFBundleExecutable</key>
-	<string>${EXECUTABLE_NAME}</string>
-	<key>CFBundleIdentifier</key>
-	<string>com.isecpartners.${PRODUCT_NAME:rfc1034identifier}</string>
-	<key>CFBundleInfoDictionaryVersion</key>
-	<string>6.0</string>
-	<key>CFBundlePackageType</key>
-	<string>BNDL</string>
-	<key>CFBundleShortVersionString</key>
-	<string>1.0</string>
-	<key>CFBundleSignature</key>
-	<string>????</string>
-	<key>CFBundleVersion</key>
-	<string>1</string>
-</dict>
-</plist>
diff --git a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/SSLPinsTestUtility.h b/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/SSLPinsTestUtility.h
deleted file mode 100644
index 56dde1ac7..000000000
--- a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/SSLPinsTestUtility.h
+++ /dev/null
@@ -1,15 +0,0 @@
-//
-//  SSLPinsTestUtility.h
-//  SSLCertificatePinning
-//
-//  Created by Alban Diquet on 2/2/14.
-//  Copyright (c) 2014 iSEC Partners. All rights reserved.
-//
-
-#import <Foundation/Foundation.h>
-
-@interface SSLPinsTestUtility : NSObject
-
-+ (NSDictionary*) setupTestSSLPinsDictionnary;
-
-@end
diff --git a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/SSLPinsTestUtility.m b/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/SSLPinsTestUtility.m
deleted file mode 100644
index 7a5eb22c5..000000000
--- a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/SSLPinsTestUtility.m
+++ /dev/null
@@ -1,57 +0,0 @@
-//
-//  SSLPinsTestUtility.m
-//  SSLCertificatePinning
-//
-//  Created by Alban Diquet on 2/2/14.
-//  Copyright (c) 2014 iSEC Partners. All rights reserved.
-//
-
-#import "SSLPinsTestUtility.h"
-#import "ISPCertificatePinning.h"
-
-@implementation SSLPinsTestUtility
-
-
-+ (NSData*)loadCertificateFromFile:(NSString*)fileName {
-    NSString *certPath =  [[NSBundle bundleForClass:[self class]] pathForResource:fileName ofType:@"der"];
-    NSData *certData = [[NSData alloc] initWithContentsOfFile:certPath];
-    return certData;
-}
-
-
-+ (NSDictionary*) setupTestSSLPinsDictionnary {
-    // Build our dictionnary of domain => certificates
-    NSMutableDictionary *domainsToPin = [[NSMutableDictionary alloc] init];
-    
-    
-    // For Twitter, we pin the anchor/CA certificate
-    NSData *twitterCertData = [SSLPinsTestUtility loadCertificateFromFile:@"VeriSignClass3PublicPrimaryCertificationAuthority-G5"];
-    if (twitterCertData == nil) {
-        NSLog(@"Failed to load a certificate");
-        return nil;
-    }
-    NSArray *twitterTrustedCerts = [NSArray arrayWithObject:twitterCertData];
-    [domainsToPin setObject:twitterTrustedCerts forKey:@"twitter.com"];
-    
-    
-    // For iSEC, we pin the server/leaf certificate
-    NSData *isecCertData = [SSLPinsTestUtility loadCertificateFromFile:@"www.isecpartners.com"];
-    if (isecCertData == nil) {
-        NSLog(@"Failed to load a certificate");
-        return nil;
-    }
-    // We also pin Twitter's CA cert just to show that you can pin multiple certs to a single domain
-    // This is useful when transitioning between two certificates on the server
-    // The connection will be succesful if at least one of the pinned certs is found in the server's certificate trust chain
-    NSArray *iSECTrustedCerts = [NSArray arrayWithObjects:isecCertData, twitterCertData, nil];
-    [domainsToPin setObject:iSECTrustedCerts forKey:@"www.isecpartners.com"];
-    
-    
-    // For NCC group, we pin an invalid certificate (Twitter's)
-    NSArray *NCCTrustedCerts = [NSArray arrayWithObject:twitterCertData];
-    [domainsToPin setObject:NCCTrustedCerts forKey:@"www.nccgroup.com"];
-    
-    return domainsToPin;
-}
-
-@end
diff --git a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/VeriSignClass3PublicPrimaryCertificationAuthority-G5.der b/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/VeriSignClass3PublicPrimaryCertificationAuthority-G5.der
deleted file mode 100644
index 9818d19d0..000000000
--- a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/VeriSignClass3PublicPrimaryCertificationAuthority-G5.der
+++ /dev/null
diff --git a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/en.lproj/InfoPlist.strings b/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/en.lproj/InfoPlist.strings
deleted file mode 100644
index 477b28ff8..000000000
--- a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/en.lproj/InfoPlist.strings
+++ /dev/null
@@ -1,2 +0,0 @@
-/* Localized versions of Info.plist keys */
-
diff --git a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/www.isecpartners.com.der b/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/www.isecpartners.com.der
deleted file mode 100644
index 886cf483e..000000000
--- a/web/server/h2o/libh2o/deps/ssl-conservatory/ios/SSLCertificatePinning/SSLCertificatePinningTests/www.isecpartners.com.der
+++ /dev/null