From af62dfe8e56c2dd59c9fb1bd5a1641c1ec6433eb Mon Sep 17 00:00:00 2001 From: Cykesiopka Date: Mon, 16 Nov 2015 22:53:00 +0100 Subject: [PATCH] Bug 1224478 - Replace do_check_* calls with their Assert.jsm equivalents in PSM xpcshell tests. r=keeler Also replaces if-do_throw() blocks with equivalent Assert.jsm method calls. --- .../tests/unit/sss_readstate_child_worker.js | 32 ++-- .../tests/unit/test_datasignatureverifier.js | 14 +- .../ssl/tests/unit/test_hash_algorithms.js | 26 +--- .../ssl/tests/unit/test_sss_eviction.js | 16 +- .../ssl/tests/unit/test_sss_readstate.js | 70 ++++----- .../tests/unit/test_sss_readstate_child.js | 4 +- .../tests/unit/test_sss_readstate_empty.js | 18 +-- .../tests/unit/test_sss_readstate_garbage.js | 22 +-- .../ssl/tests/unit/test_sss_readstate_huge.js | 34 ++--- .../ssl/tests/unit/test_sss_savestate.js | 10 +- .../manager/ssl/tests/unit/test_sts_fqdn.js | 51 +++---- .../ssl/tests/unit/test_sts_holepunch.js | 38 +++-- .../ssl/tests/unit/test_sts_ipv4_ipv6.js | 6 +- .../unit/test_sts_preloadlist_perwindowpb.js | 143 +++++++++--------- .../unit/test_sts_preloadlist_selfdestruct.js | 12 +- 15 files changed, 239 insertions(+), 257 deletions(-) diff --git a/security/manager/ssl/tests/unit/sss_readstate_child_worker.js b/security/manager/ssl/tests/unit/sss_readstate_child_worker.js index e4859d88cb87..0f1c7a02554f 100644 --- a/security/manager/ssl/tests/unit/sss_readstate_child_worker.js +++ b/security/manager/ssl/tests/unit/sss_readstate_child_worker.js @@ -2,21 +2,21 @@ function run_test() { var SSService = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); - do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "expired.example.com", 0)); - do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "notexpired.example.com", 0)); - do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", 0)); - do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "sub.bugzilla.mozilla.org", 0)); - do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "incsubdomain.example.com", 0)); - do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "sub.incsubdomain.example.com", 0)); - do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "login.persona.org", 0)); - do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "sub.login.persona.org", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "expired.example.com", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "notexpired.example.com", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.bugzilla.mozilla.org", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "incsubdomain.example.com", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.incsubdomain.example.com", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.login.persona.org", 0)); do_test_finished(); } diff --git a/security/manager/ssl/tests/unit/test_datasignatureverifier.js b/security/manager/ssl/tests/unit/test_datasignatureverifier.js index 0086dfacc188..1be1866a3023 100644 --- a/security/manager/ssl/tests/unit/test_datasignatureverifier.js +++ b/security/manager/ssl/tests/unit/test_datasignatureverifier.js @@ -174,20 +174,20 @@ var tests = [ function run_test() { var verifier = Cc["@mozilla.org/security/datasignatureverifier;1"]. createInstance(Ci.nsIDataSignatureVerifier); - + for (var t = 0; t < tests.length; t++) { + let testShouldThrow = tests[t][4]; try { var result = verifier.verifyData(data[tests[t][0]], signatures[tests[t][1]], keys[tests[t][2]]); - if (tests[t][4]) - do_throw("Test " + t + " didn't throw"); - if (result != tests[t][3]) - do_throw("Test " + t + " was " + result + " but should have been " + tests[t][3]); + ok(!testShouldThrow, + `Test ${t} should reach here only if not expected to throw`); + equal(result, tests[t][3], + `Actual and expected result should match for test ${t}`); } catch (e) { - if (!tests[t][4]) - do_throw("Test " + t + " threw " + e); + ok(testShouldThrow, `Test ${t} should throw only if expected to: ${e}`); } } } diff --git a/security/manager/ssl/tests/unit/test_hash_algorithms.js b/security/manager/ssl/tests/unit/test_hash_algorithms.js index e254a4b852d5..b4f5a5ed55ba 100644 --- a/security/manager/ssl/tests/unit/test_hash_algorithms.js +++ b/security/manager/ssl/tests/unit/test_hash_algorithms.js @@ -71,22 +71,14 @@ function doHash(algo, value, cmp) { value = converter.convertToByteArray(value); hash.update(value, value.length); var hash1 = hexdigest(hash.finish(false)); - if (cmp != hash1) { - do_throw("Hash mismatch!\n" + - " Expected: " + cmp + "\n" + - " Actual: " + hash1 + "\n" + - " Algo: " + algo); - } + equal(hash1, cmp, + `Actual and expected hash for ${algo} should match`); hash.initWithString(algo); hash.update(value, value.length); var hash2 = hexdigest(hash.finish(false)); - if (cmp != hash2) { - do_throw("Hash mismatch after crypto hash re-init!\n" + - " Expected: " + cmp + "\n" + - " Actual: " + hash2 + "\n" + - " Algo: " + algo); - } + equal(hash2, cmp, + `Actual and expected hash for ${algo} should match after re-init`); } function doHashStream(algo, value, cmp) { @@ -97,12 +89,8 @@ function doHashStream(algo, value, cmp) { var stream = converter.convertToInputStream(value); hash.updateFromStream(stream, stream.available()); hash = hexdigest(hash.finish(false)); - if (cmp != hash) { - do_throw("Hash mismatch!\n" + - " Expected: " + cmp + "\n" + - " Actual: " + hash + "\n" + - " Algo: " + algo); - } + equal(hash, cmp, + `Actual and expected hash for ${algo} should match updating from stream`); } function run_test() { @@ -110,7 +98,7 @@ function run_test() { hashes[algo].forEach( function(e, i) { doHash(algo, messages[i], e); - + if (messages[i].length) { // this test doesn't work for empty string/stream doHashStream(algo, messages[i], e); diff --git a/security/manager/ssl/tests/unit/test_sss_eviction.js b/security/manager/ssl/tests/unit/test_sss_eviction.js index bbf87642fd49..983d64997adf 100644 --- a/security/manager/ssl/tests/unit/test_sss_eviction.js +++ b/security/manager/ssl/tests/unit/test_sss_eviction.js @@ -9,11 +9,11 @@ var gSSService = null; var gProfileDir = null; function do_state_written(aSubject, aTopic, aData) { - do_check_eq(aData, SSS_STATE_FILE_NAME); + equal(aData, SSS_STATE_FILE_NAME); let stateFile = gProfileDir.clone(); stateFile.append(SSS_STATE_FILE_NAME); - do_check_true(stateFile.exists()); + ok(stateFile.exists()); let stateFileContents = readFile(stateFile); // the last part is removed because it's the empty string after the final \n let lines = stateFileContents.split('\n').slice(0, -1); @@ -35,15 +35,15 @@ function do_state_written(aSubject, aTopic, aData) { } } - do_check_true(foundLegitSite); + ok(foundLegitSite); do_test_finished(); } function do_state_read(aSubject, aTopic, aData) { - do_check_eq(aData, SSS_STATE_FILE_NAME); + equal(aData, SSS_STATE_FILE_NAME); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "frequentlyused.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "frequentlyused.example.com", 0)); let sslStatus = new FakeSSLStatus(); for (let i = 0; i < 2000; i++) { let uri = Services.io.newURI("http://bad" + i + ".example.com", null, null); @@ -62,7 +62,7 @@ function run_test() { stateFile.append(SSS_STATE_FILE_NAME); // Assuming we're working with a clean slate, the file shouldn't exist // until we create it. - do_check_false(stateFile.exists()); + ok(!stateFile.exists()); let outputStream = FileUtils.openFileOutputStream(stateFile); let now = (new Date()).getTime(); let line = "frequentlyused.example.com:HSTS\t4\t0\t" + (now + 100000) + ",1,0\n"; @@ -72,5 +72,5 @@ function run_test() { do_test_pending(); gSSService = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); - do_check_true(gSSService != null); + notEqual(gSSService, null); } diff --git a/security/manager/ssl/tests/unit/test_sss_readstate.js b/security/manager/ssl/tests/unit/test_sss_readstate.js index eae665d7c159..ce50a9fbe414 100644 --- a/security/manager/ssl/tests/unit/test_sss_readstate.js +++ b/security/manager/ssl/tests/unit/test_sss_readstate.js @@ -12,43 +12,43 @@ function writeLine(aLine, aOutputStream) { var gSSService = null; function checkStateRead(aSubject, aTopic, aData) { - do_check_eq(aData, SSS_STATE_FILE_NAME); + equal(aData, SSS_STATE_FILE_NAME); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "expired.example.com", 0)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "notexpired.example.com", 0)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", 0)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "sub.bugzilla.mozilla.org", 0)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "incsubdomain.example.com", 0)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "sub.incsubdomain.example.com", 0)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "login.persona.org", 0)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "sub.login.persona.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "expired.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "notexpired.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "incsubdomain.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.incsubdomain.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.login.persona.org", 0)); // Clearing the data should make everything go back to default. gSSService.clearAll(); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "expired.example.com", 0)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "notexpired.example.com", 0)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", 0)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "sub.bugzilla.mozilla.org", 0)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "incsubdomain.example.com", 0)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "sub.incsubdomain.example.com", 0)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "login.persona.org", 0)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "sub.login.persona.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "expired.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "notexpired.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.bugzilla.mozilla.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "incsubdomain.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.incsubdomain.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.login.persona.org", 0)); do_test_finished(); } @@ -58,7 +58,7 @@ function run_test() { stateFile.append(SSS_STATE_FILE_NAME); // Assuming we're working with a clean slate, the file shouldn't exist // until we create it. - do_check_false(stateFile.exists()); + ok(!stateFile.exists()); let outputStream = FileUtils.openFileOutputStream(stateFile); let now = (new Date()).getTime(); writeLine("expired.example.com:HSTS\t0\t0\t" + (now - 100000) + ",1,0\n", outputStream); @@ -73,5 +73,5 @@ function run_test() { do_test_pending(); gSSService = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); - do_check_true(gSSService != null); + notEqual(gSSService, null); } diff --git a/security/manager/ssl/tests/unit/test_sss_readstate_child.js b/security/manager/ssl/tests/unit/test_sss_readstate_child.js index 2264eda86881..f9187ad129fb 100644 --- a/security/manager/ssl/tests/unit/test_sss_readstate_child.js +++ b/security/manager/ssl/tests/unit/test_sss_readstate_child.js @@ -21,7 +21,7 @@ function run_test() { stateFile.append(SSS_STATE_FILE_NAME); // Assuming we're working with a clean slate, the file shouldn't exist // until we create it. - do_check_false(stateFile.exists()); + ok(!stateFile.exists()); let outputStream = FileUtils.openFileOutputStream(stateFile); let now = (new Date()).getTime(); writeLine("expired.example.com:HSTS\t0\t0\t" + (now - 100000) + ",1,0\n", outputStream); @@ -36,5 +36,5 @@ function run_test() { do_test_pending(); var SSService = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); - do_check_true(SSService != null); + notEqual(SSService, null); } diff --git a/security/manager/ssl/tests/unit/test_sss_readstate_empty.js b/security/manager/ssl/tests/unit/test_sss_readstate_empty.js index eef53fbb107f..62c27a131d1b 100644 --- a/security/manager/ssl/tests/unit/test_sss_readstate_empty.js +++ b/security/manager/ssl/tests/unit/test_sss_readstate_empty.js @@ -9,15 +9,15 @@ var gSSService = null; function checkStateRead(aSubject, aTopic, aData) { // nonexistent.example.com should never be an HSTS host - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "nonexistent.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "nonexistent.example.com", 0)); // bugzilla.mozilla.org is preloaded - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); // notexpired.example.com is an HSTS host in a different test - we // want to make sure that test hasn't interfered with this one. - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "notexpired.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "notexpired.example.com", 0)); do_test_finished(); } @@ -27,14 +27,14 @@ function run_test() { stateFile.append(SSS_STATE_FILE_NAME); // Assuming we're working with a clean slate, the file shouldn't exist // until we create it. - do_check_false(stateFile.exists()); + ok(!stateFile.exists()); stateFile.create(Ci.nsIFile.NORMAL_FILE_TYPE, 0x1a4); // 0x1a4 == 0644 - do_check_true(stateFile.exists()); + ok(stateFile.exists()); // Initialize nsISiteSecurityService after do_get_profile() so it // can read the state file. Services.obs.addObserver(checkStateRead, "data-storage-ready", false); do_test_pending(); gSSService = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); - do_check_true(gSSService != null); + notEqual(gSSService, null); } diff --git a/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js b/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js index 1804214b5ca2..a20fcf4933f3 100644 --- a/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js +++ b/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js @@ -12,16 +12,16 @@ function writeLine(aLine, aOutputStream) { var gSSService = null; function checkStateRead(aSubject, aTopic, aData) { - do_check_eq(aData, SSS_STATE_FILE_NAME); + equal(aData, SSS_STATE_FILE_NAME); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example1.example.com", 0)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example2.example.com", 0)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example.com", 0)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example3.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example1.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example2.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example3.example.com", 0)); do_test_finished(); } @@ -31,7 +31,7 @@ function run_test() { stateFile.append(SSS_STATE_FILE_NAME); // Assuming we're working with a clean slate, the file shouldn't exist // until we create it. - do_check_false(stateFile.exists()); + ok(!stateFile.exists()); let outputStream = FileUtils.openFileOutputStream(stateFile); let now = (new Date()).getTime(); writeLine("example1.example.com:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream); @@ -47,5 +47,5 @@ function run_test() { do_test_pending(); gSSService = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); - do_check_true(gSSService != null); + notEqual(gSSService, null); } diff --git a/security/manager/ssl/tests/unit/test_sss_readstate_huge.js b/security/manager/ssl/tests/unit/test_sss_readstate_huge.js index b2cb333ef0a1..e4837e9ebe4a 100644 --- a/security/manager/ssl/tests/unit/test_sss_readstate_huge.js +++ b/security/manager/ssl/tests/unit/test_sss_readstate_huge.js @@ -13,22 +13,22 @@ function writeLine(aLine, aOutputStream) { var gSSService = null; function checkStateRead(aSubject, aTopic, aData) { - do_check_eq(aData, SSS_STATE_FILE_NAME); + equal(aData, SSS_STATE_FILE_NAME); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example0.example.com", 0)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example423.example.com", 0)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example1023.example.com", 0)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example1024.example.com", 0)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example1025.example.com", 0)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example9000.example.com", 0)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example99999.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example0.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example423.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example1023.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example1024.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example1025.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example9000.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example99999.example.com", 0)); do_test_finished(); } @@ -38,7 +38,7 @@ function run_test() { stateFile.append(SSS_STATE_FILE_NAME); // Assuming we're working with a clean slate, the file shouldn't exist // until we create it. - do_check_false(stateFile.exists()); + ok(!stateFile.exists()); let outputStream = FileUtils.openFileOutputStream(stateFile); let now = (new Date()).getTime(); for (let i = 0; i < 10000; i++) { @@ -51,5 +51,5 @@ function run_test() { do_test_pending(); gSSService = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); - do_check_true(gSSService != null); + notEqual(gSSService, null); } diff --git a/security/manager/ssl/tests/unit/test_sss_savestate.js b/security/manager/ssl/tests/unit/test_sss_savestate.js index e9332befdc01..e4bc21ba8198 100644 --- a/security/manager/ssl/tests/unit/test_sss_savestate.js +++ b/security/manager/ssl/tests/unit/test_sss_savestate.js @@ -17,15 +17,15 @@ const NON_ISSUED_KEY_HASH = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="; // separated by newlines ('\n') function checkStateWritten(aSubject, aTopic, aData) { - do_check_eq(aData, SSS_STATE_FILE_NAME); + equal(aData, SSS_STATE_FILE_NAME); let stateFile = gProfileDir.clone(); stateFile.append(SSS_STATE_FILE_NAME); - do_check_true(stateFile.exists()); + ok(stateFile.exists()); let stateFileContents = readFile(stateFile); // the last line is removed because it's just a trailing newline let lines = stateFileContents.split('\n').slice(0, -1); - do_check_eq(lines.length, EXPECTED_ENTRIES); + equal(lines.length, EXPECTED_ENTRIES); let sites = {}; // a map of domain name -> [the entry in the state file] for (let line of lines) { let parts = line.split('\t'); @@ -37,7 +37,7 @@ function checkStateWritten(aSubject, aTopic, aData) { if (host.indexOf("HPKP") != -1) { expectedColumns = EXPECTED_HPKP_COLUMNS; } - do_check_eq(entry.length, expectedColumns); + equal(entry.length, expectedColumns); sites[host] = entry; } @@ -85,7 +85,7 @@ function checkStateWritten(aSubject, aTopic, aData) { if (sites["dynamic-pin.example.com:HPKP"][2] != 1) { return; } - do_check_eq(sites["dynamic-pin.example.com:HPKP"][3], NON_ISSUED_KEY_HASH); + equal(sites["dynamic-pin.example.com:HPKP"][3], NON_ISSUED_KEY_HASH); do_test_finished(); } diff --git a/security/manager/ssl/tests/unit/test_sts_fqdn.js b/security/manager/ssl/tests/unit/test_sts_fqdn.js index da2d0cb1c19e..be49318f2e35 100644 --- a/security/manager/ssl/tests/unit/test_sts_fqdn.js +++ b/security/manager/ssl/tests/unit/test_sts_fqdn.js @@ -7,50 +7,47 @@ function run_test() { let SSService = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); - do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example.com", 0)); - do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example.com.", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com.", 0)); // These cases are only relevant as long as bug 1118522 hasn't been fixed. - do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example.com..", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com..", 0)); let uri = Services.io.newURI("https://example.com", null, null); let sslStatus = new FakeSSLStatus(); SSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=1000;includeSubdomains", sslStatus, 0); - do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example.com", 0)); - do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example.com.", 0)); - do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example.com..", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com.", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com..", 0)); - do_check_true(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - uri, 0)); + ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); uri = Services.io.newURI("https://example.com.", null, null); - do_check_true(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - uri, 0)); + ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); uri = Services.io.newURI("https://example.com..", null, null); - do_check_true(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - uri, 0)); + ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); SSService.removeState(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0); - do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example.com", 0)); - do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example.com.", 0)); - do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example.com..", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com.", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com..", 0)); // Somehow creating this malformed URI succeeds - we need to handle it // gracefully. uri = Services.io.newURI("https://../foo", null, null); - do_check_eq(uri.host, ".."); + equal(uri.host, ".."); try { SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0); - do_check_false(true); // this shouldn't run + ok(false); // this shouldn't run } catch (e) { - do_check_eq(e.result, Cr.NS_ERROR_UNEXPECTED); + equal(e.result, Cr.NS_ERROR_UNEXPECTED); } } diff --git a/security/manager/ssl/tests/unit/test_sts_holepunch.js b/security/manager/ssl/tests/unit/test_sts_holepunch.js index 951662fb4616..b7e643148414 100644 --- a/security/manager/ssl/tests/unit/test_sts_holepunch.js +++ b/security/manager/ssl/tests/unit/test_sts_holepunch.js @@ -10,27 +10,25 @@ function run_test() { let SSService = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); - do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "chart.apis.google.com", 0)); - do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "CHART.APIS.GOOGLE.COM", 0)); - do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "sub.chart.apis.google.com", 0)); - do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "SUB.CHART.APIS.GOOGLE.COM", 0)); - do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "example.apis.google.com", 0)); - do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "EXAMPLE.APIS.GOOGLE.COM", 0)); - do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "sub.example.apis.google.com", 0)); - do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "SUB.EXAMPLE.APIS.GOOGLE.COM", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "chart.apis.google.com", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "CHART.APIS.GOOGLE.COM", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.chart.apis.google.com", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "SUB.CHART.APIS.GOOGLE.COM", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.apis.google.com", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "EXAMPLE.APIS.GOOGLE.COM", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.example.apis.google.com", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "SUB.EXAMPLE.APIS.GOOGLE.COM", 0)); // also check isSecureURI let chartURI = Services.io.newURI("http://chart.apis.google.com", null, null); - do_check_false(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - chartURI, 0)); + ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, chartURI, 0)); let otherURI = Services.io.newURI("http://other.apis.google.com", null, null); - do_check_true(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - otherURI, 0)); + ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, otherURI, 0)); } diff --git a/security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js b/security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js index 9a0ed6f79f93..ca252e33bc14 100644 --- a/security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js +++ b/security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js @@ -1,6 +1,6 @@ function check_ip(s, v, ip) { let sslStatus = new FakeSSLStatus(); - do_check_false(s.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, ip, 0)); + ok(!s.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, ip, 0)); let str = "https://"; if (v == 6) { @@ -25,8 +25,8 @@ function check_ip(s, v, ip) { * If processHeader indeed ignore the header, then the output parameters will * remain empty, and we shouldn't see the values passed as the header. */ - do_check_neq(parsedMaxAge.value, 1000); - do_check_neq(parsedIncludeSubdomains.value, true); + notEqual(parsedMaxAge.value, 1000); + notEqual(parsedIncludeSubdomains.value, true); } function run_test() { diff --git a/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js b/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js index 30444a78ca0d..c901b1476d6f 100644 --- a/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js +++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js @@ -36,55 +36,54 @@ function run_test() { function test_part1() { // check that a host not in the list is not identified as an sts host - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "nonexistent.mozilla.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "nonexistent.mozilla.com", 0)); // check that an ancestor domain is not identified as an sts host - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, "com", 0)); // check that the pref to toggle using the preload list works Services.prefs.setBoolPref("network.stricttransportsecurity.preloadlist", false); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); Services.prefs.setBoolPref("network.stricttransportsecurity.preloadlist", true); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); // check that a subdomain is an sts host (includeSubdomains is set) - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "subdomain.bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.bugzilla.mozilla.org", 0)); // check that another subdomain is an sts host (includeSubdomains is set) - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "a.b.c.def.bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "a.b.c.def.bugzilla.mozilla.org", 0)); // check that a subdomain is not an sts host (includeSubdomains is not set) - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "subdomain.www.torproject.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.www.torproject.org", 0)); // check that a host with a dot on the end won't break anything - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "notsts.nonexistent.mozilla.com.", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "notsts.nonexistent.mozilla.com.", 0)); // check that processing a header with max-age: 0 will remove a preloaded // site from the list var uri = Services.io.newURI("http://bugzilla.mozilla.org", null, null); gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=0", sslStatus, 0); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", 0)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "subdomain.bugzilla.mozilla.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.bugzilla.mozilla.org", 0)); // check that processing another header (with max-age non-zero) will // re-enable a site's sts status gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=1000", sslStatus, 0); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); // but this time include subdomains was not set, so test for that - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "subdomain.bugzilla.mozilla.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.bugzilla.mozilla.org", 0)); gSSService.clearAll(); // check that processing a header with max-age: 0 from a subdomain of a site @@ -92,10 +91,10 @@ function test_part1() { var uri = Services.io.newURI("http://subdomain.www.torproject.org", null, null); gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=0", sslStatus, 0); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "www.torproject.org", 0)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "subdomain.www.torproject.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "www.torproject.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.www.torproject.org", 0)); var uri = Services.io.newURI("http://subdomain.bugzilla.mozilla.org", null, null); gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, @@ -109,14 +108,14 @@ function test_part1() { // |-- subdomain.bugzilla.mozilla.org IS sts host // | `-- another.subdomain.bugzilla.mozilla.org IS sts host // `-- sibling.bugzilla.mozilla.org IS sts host - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", 0)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "subdomain.bugzilla.mozilla.org", 0)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "sibling.bugzilla.mozilla.org", 0)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "another.subdomain.bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sibling.bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "another.subdomain.bugzilla.mozilla.org", 0)); gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=1000", sslStatus, 0); @@ -125,12 +124,12 @@ function test_part1() { // |-- subdomain.bugzilla.mozilla.org (include subdomains is false) IS sts host // | `-- another.subdomain.bugzilla.mozilla.org IS NOT sts host // `-- sibling.bugzilla.mozilla.org IS sts host - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "subdomain.bugzilla.mozilla.org", 0)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "sibling.bugzilla.mozilla.org", 0)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "another.subdomain.bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sibling.bugzilla.mozilla.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "another.subdomain.bugzilla.mozilla.org", 0)); // Test that an expired non-private browsing entry results in correctly // identifying a host that is on the preload list as no longer sts. @@ -138,14 +137,14 @@ function test_part1() { // a site on the preload list, and that header later expires. We need to // then treat that host as no longer an sts host.) // (sanity check first - this should be in the preload list) - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "login.persona.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", 0)); var uri = Services.io.newURI("http://login.persona.org", null, null); gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=1", sslStatus, 0); do_timeout(1250, function() { - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "login.persona.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", 0)); run_next_test(); }); } @@ -155,35 +154,35 @@ const IS_PRIVATE = Ci.nsISocketProvider.NO_PERMANENT_STORAGE; function test_private_browsing1() { gSSService.clearAll(); // sanity - bugzilla.mozilla.org is preloaded, includeSubdomains set - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", IS_PRIVATE)); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "a.b.c.subdomain.bugzilla.mozilla.org", IS_PRIVATE)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", IS_PRIVATE)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "a.b.c.subdomain.bugzilla.mozilla.org", IS_PRIVATE)); var uri = Services.io.newURI("http://bugzilla.mozilla.org", null, null); gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=0", sslStatus, IS_PRIVATE); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", IS_PRIVATE)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "a.b.subdomain.bugzilla.mozilla.org", IS_PRIVATE)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", IS_PRIVATE)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "a.b.subdomain.bugzilla.mozilla.org", IS_PRIVATE)); // check adding it back in gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=1000", sslStatus, IS_PRIVATE); - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", IS_PRIVATE)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", IS_PRIVATE)); // but no includeSubdomains this time - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "b.subdomain.bugzilla.mozilla.org", IS_PRIVATE)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "b.subdomain.bugzilla.mozilla.org", IS_PRIVATE)); // do the hokey-pokey... gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=0", sslStatus, IS_PRIVATE); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", IS_PRIVATE)); - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "subdomain.bugzilla.mozilla.org", IS_PRIVATE)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", IS_PRIVATE)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.bugzilla.mozilla.org", IS_PRIVATE)); // Test that an expired private browsing entry results in correctly // identifying a host that is on the preload list as no longer sts. @@ -191,14 +190,14 @@ function test_private_browsing1() { // a site on the preload list, and that header later expires. We need to // then treat that host as no longer an sts host.) // (sanity check first - this should be in the preload list) - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "login.persona.org", IS_PRIVATE)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", IS_PRIVATE)); var uri = Services.io.newURI("http://login.persona.org", null, null); gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=1", sslStatus, IS_PRIVATE); do_timeout(1250, function() { - do_check_false(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "login.persona.org", IS_PRIVATE)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", IS_PRIVATE)); // Simulate leaving private browsing mode Services.obs.notifyObservers(null, "last-pb-context-exited", null); }); @@ -206,16 +205,16 @@ function test_private_browsing1() { function test_private_browsing2() { // if this test gets this far, it means there's a private browsing service - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); // the bugzilla.mozilla.org entry has includeSubdomains set - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "subdomain.bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.bugzilla.mozilla.org", 0)); // Now that we're out of private browsing mode, we need to make sure // we've "forgotten" that we "forgot" this site's sts status. - do_check_true(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "login.persona.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", 0)); run_next_test(); } diff --git a/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js b/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js index 92712999f189..3fc3215e21bd 100644 --- a/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js +++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js @@ -6,19 +6,19 @@ function run_test() { .getService(Ci.nsISiteSecurityService); // check that a host on the preload list is identified as an sts host - do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); // now simulate that it's 19 weeks later than it actually is let offsetSeconds = 19 * 7 * 24 * 60 * 60; Services.prefs.setIntPref("test.currentTimeOffsetSeconds", offsetSeconds); // check that the preloaded host is no longer considered sts - do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); // just make sure we can get everything back to normal Services.prefs.clearUserPref("test.currentTimeOffsetSeconds"); - do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, - "bugzilla.mozilla.org", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); }