diff --git a/build/Makefile.in b/build/Makefile.in index 21c0e95e950..fa3f14830b0 100644 --- a/build/Makefile.in +++ b/build/Makefile.in @@ -78,15 +78,13 @@ browser_path = \"$(DIST)/bin/$(PROGRAM)\" endif endif -_PROFILE_DIR = _profile/pgo -_CERTS_SRC_DIR = $(srcdir)/certs +_CERTS_DIR = _profile/pgo/certs AUTOMATION_PPARGS = \ -DBROWSER_PATH=$(browser_path) \ -DXPC_BIN_PATH=\"$(LIBXUL_DIST)/bin\" \ -DBIN_SUFFIX=\"$(BIN_SUFFIX)\" \ - -DPROFILE_DIR=\"$(_PROFILE_DIR)\" \ - -DCERTS_SRC_DIR=\"$(_CERTS_SRC_DIR)\" \ + -DCERTS_DIR=\"../$(_CERTS_DIR)\" \ $(NULL) ifeq ($(OS_ARCH),Darwin) diff --git a/build/pgo/Makefile.in b/build/pgo/Makefile.in old mode 100755 new mode 100644 index 31e95687470..04614162d28 --- a/build/pgo/Makefile.in +++ b/build/pgo/Makefile.in @@ -47,12 +47,14 @@ include $(DEPTH)/config/autoconf.mk DIRS = \ blueprint \ js-input \ + certs \ $(NULL) include $(topsrcdir)/config/rules.mk # Stuff to make a build with a profile _PROFILE_DIR = $(DEPTH)/_profile/pgo +_CERTS_DIR = $(_PROFILE_DIR)/certs _CERTS_SRC_DIR = $(srcdir)/certs _PGO_FILES = \ @@ -88,7 +90,7 @@ AUTOMATION_PPARGS = \ -DBROWSER_PATH=$(browser_path) \ -DXPC_BIN_PATH=\"$(LIBXUL_DIST)/bin\" \ -DBIN_SUFFIX=\"$(BIN_SUFFIX)\" \ - -DPROFILE_DIR=\"$(_PROFILE_DIR)\" \ + -DCERTS_DIR=\"$(_CERTS_DIR)\" \ -DCERTS_SRC_DIR=\"$(_CERTS_SRC_DIR)\" \ $(NULL) diff --git a/build/pgo/automation.py.in b/build/pgo/automation.py.in index 7e324dc9cf3..b47eb60e19b 100755 --- a/build/pgo/automation.py.in +++ b/build/pgo/automation.py.in @@ -82,8 +82,7 @@ IS_CYGWIN = False UNIXISH = not IS_WIN32 and not IS_MAC #expand DEFAULT_APP = "./" + __BROWSER_PATH__ -#expand PROFILE_DIR = __PROFILE_DIR__ -#expand CERTS_SRC_DIR = __CERTS_SRC_DIR__ +#expand CERTS_DIR = __CERTS_DIR__ #expand IS_TEST_BUILD = __IS_TEST_BUILD__ #expand IS_DEBUG_BUILD = __IS_DEBUG_BUILD__ @@ -399,11 +398,11 @@ def fillCertificateDB(profileDir): pwfile.close() # Create head of the ssltunnel configuration file - sslTunnelConfigPath = os.path.join(PROFILE_DIR, "ssltunnel.cfg") + sslTunnelConfigPath = os.path.join(CERTS_DIR, "ssltunnel.cfg") sslTunnelConfig = open(sslTunnelConfigPath, "w") sslTunnelConfig.write("httpproxy:1\n") - sslTunnelConfig.write("certdbdir:%s\n" % CERTS_SRC_DIR) + sslTunnelConfig.write("certdbdir:%s\n" % CERTS_DIR) sslTunnelConfig.write("forward:127.0.0.1:8888\n") sslTunnelConfig.write("listen:*:4443:pgo server certificate\n") @@ -438,17 +437,16 @@ def fillCertificateDB(profileDir): return status # Walk the cert directory and add custom CAs and client certs - files = os.listdir(CERTS_SRC_DIR) + files = os.listdir(CERTS_DIR) for item in files: root, ext = os.path.splitext(item) if ext == ".ca": - Process(certutil, ["-A", "-i", os.path.join(CERTS_SRC_DIR, item), + Process(certutil, ["-A", "-i", os.path.join(CERTS_DIR, item), "-d", profileDir, "-f", pwfilePath, "-n", root, "-t", "CT,,"], environment()).wait() if ext == ".client": - Process(pk12util, ["-i", os.path.join(CERTS_SRC_DIR, item), "-w", - pwfilePath, "-d", profileDir], - environment()).wait() + Process(pk12util, ["-i", os.path.join(CERTS_DIR, item), "-w", pwfilePath, + "-d", profileDir], environment()).wait() os.unlink(pwfilePath) return 0 @@ -480,7 +478,7 @@ def runApp(testURL, env, app, profileDir, extraArgs): # start ssltunnel to provide https:// URLs capability ssltunnel = DIST_BIN + "/ssltunnel" + BIN_SUFFIX - ssltunnelProcess = Process(ssltunnel, [os.path.join(PROFILE_DIR, "ssltunnel.cfg")], environment()) + ssltunnelProcess = Process(ssltunnel, [os.path.join(CERTS_DIR, "ssltunnel.cfg")], environment()) log.info("SSL tunnel pid: %d", ssltunnelProcess.pid) "Run the app, returning the time at which it was started." diff --git a/build/pgo/certs/Makefile.in b/build/pgo/certs/Makefile.in new file mode 100644 index 00000000000..d9fd8ff9c25 --- /dev/null +++ b/build/pgo/certs/Makefile.in @@ -0,0 +1,74 @@ +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is Mozilla test code +# +# The Initial Developer of the Original Code is +# Mozilla Foundation +# Portions created by the Initial Developer are Copyright (C) 2008 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Honza Bambas +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** + +DEPTH = ../../.. +topsrcdir = @top_srcdir@ +srcdir = @srcdir@ +VPATH = @srcdir@ + +include $(DEPTH)/config/autoconf.mk + +_PROFILE_DIR = $(DEPTH)/_profile/pgo +_CERTS_DIR = $(_PROFILE_DIR)/certs + +# Following files will be added as trusted Certificate Authorities +# to the PGO profile. +# Extension of those files MUST BE '.ca'. +_CERT_AUTHORITIES = \ + pgoca.ca \ + $(NULL) + + +# Following files will be added as user/client certificates +# to the PGO profile to be used for client authentication. +# Extension of those files MUST BE '.client'. +_CLIENT_CERTS = \ + mochitest.client \ + $(NULL) + +_SERV_FILES = \ + pgoca.p12 \ + cert8.db \ + key3.db \ + secmod.db \ + $(NULL) + +include $(topsrcdir)/config/rules.mk + +libs:: $(_SERV_FILES) $(_CERT_AUTHORITIES) $(_CLIENT_CERTS) + $(INSTALL) $^ $(_CERTS_DIR) diff --git a/build/pgo/genpgocert.py.in b/build/pgo/genpgocert.py.in index b5f2a947a66..0cfdd64370a 100644 --- a/build/pgo/genpgocert.py.in +++ b/build/pgo/genpgocert.py.in @@ -44,7 +44,7 @@ import sys #expand DIST_BIN = __XPC_BIN_PATH__ #expand BIN_SUFFIX = __BIN_SUFFIX__ -#expand PROFILE_DIR = __PROFILE_DIR__ +#expand CERTS_DIR = __CERTS_DIR__ #expand CERTS_SRC_DIR = __CERTS_SRC_DIR__ dbFiles = [ @@ -68,6 +68,13 @@ def dbFilesExist(path): return True return False +def installDbFiles(path, dest): + for root, dirs, files in os.walk(path): + for name in files: + for dbFile in dbFiles: + if dbFile.match(name): + shutil.copy(os.path.join(root, name), os.path.join(dest, name)) + def runUtil(util, args, inputdata = None): proc = automation.Process(util, args, automation.environment(), inputdata) @@ -82,11 +89,11 @@ def createRandomFile(randomFile): file.close() -def createCertificateAuthority(profileDir, srcDir): +def createCertificateAuthority(dbDir, srcDir): certutil = DIST_BIN + "/certutil" + BIN_SUFFIX pk12util = DIST_BIN + "/pk12util" + BIN_SUFFIX - tempDbDir = os.path.join(profileDir, ".temp") + tempDbDir = os.path.join(dbDir, ".temp") if not os.path.exists(tempDbDir): os.mkdir(tempDbDir) @@ -94,6 +101,8 @@ def createCertificateAuthority(profileDir, srcDir): rndfilePath = os.path.join(tempDbDir, ".rndfile") pgoCAModulePathSrc = os.path.join(srcDir, "pgoca.p12") pgoCAPathSrc = os.path.join(srcDir, "pgoca.ca") + pgoCAModulePath = os.path.join(srcDir, "pgoca.p12") + pgoCAPath = os.path.join(srcDir, "pgoca.ca") pwfile = open(pwfilePath, "w") pwfile.write("\n") @@ -126,20 +135,21 @@ def createCertificateAuthority(profileDir, srcDir): return 0 -def createSSLServerCertificate(profileDir, srcDir): +def createSSLServerCertificate(dbDir, srcDir): certutil = DIST_BIN + "/certutil" + BIN_SUFFIX pk12util = DIST_BIN + "/pk12util" + BIN_SUFFIX - pwfilePath = os.path.join(profileDir, ".crtdbpw") - rndfilePath = os.path.join(profileDir, ".rndfile") - pgoCAPath = os.path.join(srcDir, "pgoca.p12") + pwfilePath = os.path.join(dbDir, ".crtdbpw") + rndfilePath = os.path.join(dbDir, ".rndfile") + pgoCAPath = os.path.join(dbDir, "pgoca.p12") pwfile = open(pwfilePath, "w") pwfile.write("\n") pwfile.close() + unlinkDbFiles(dbDir) + if not dbFilesExist(srcDir): - # Make sure all DB files from src are really deleted unlinkDbFiles(srcDir) # Create certification database for ssltunnel @@ -152,7 +162,7 @@ def createSSLServerCertificate(profileDir, srcDir): return status # Generate automatic certificate - locations = automation.readLocations(os.path.join(profileDir, "server-locations.txt")) + locations = automation.readLocations(os.path.join(dbDir, "../server-locations.txt")) locations.pop(0) locationsParam = "" firstLocation = "" @@ -186,6 +196,7 @@ def createSSLServerCertificate(profileDir, srcDir): if status != 0: return status + installDbFiles(srcDir, dbDir) os.unlink(pwfilePath) os.unlink(rndfilePath) return 0 @@ -196,14 +207,14 @@ if len(sys.argv) == 1: sys.exit(1) if sys.argv[1] == "--gen-server": - certificateStatus = createSSLServerCertificate(PROFILE_DIR, CERTS_SRC_DIR) + certificateStatus = createSSLServerCertificate(CERTS_DIR, CERTS_SRC_DIR) if certificateStatus != 0: print "ERROR FAIL: SSL Server Certificate generation" sys.exit(certificateStatus) if sys.argv[1] == "--gen-ca": - certificateStatus = createCertificateAuthority(PROFILE_DIR, CERTS_SRC_DIR) + certificateStatus = createCertificateAuthority(CERTS_DIR, CERTS_SRC_DIR) if certificateStatus != 0: print "ERROR FAIL: Certificate Authority generation" else: diff --git a/testing/mochitest/Makefile.in b/testing/mochitest/Makefile.in index 1cca58f79d3..0bc0fbd0530 100644 --- a/testing/mochitest/Makefile.in +++ b/testing/mochitest/Makefile.in @@ -74,8 +74,7 @@ _SERV_FILES = \ _DEST_DIR = $(DEPTH)/_tests/$(relativesrcdir) -_PROFILE_DIR = $(DEPTH)/_profile/pgo -_CERTS_SRC_DIR = $(topsrcdir)/build/pgo/certs +_CERTS_DIR = $(DEPTH)/_profile/pgo/certs ifeq ($(USE_SHORT_LIBNAME), 1) PROGRAM = $(MOZ_APP_NAME)$(BIN_SUFFIX) @@ -102,8 +101,7 @@ TEST_DRIVER_PPARGS = \ -DBROWSER_PATH=$(browser_path) \ -DXPC_BIN_PATH=\"$(LIBXUL_DIST)/bin\" \ -DBIN_SUFFIX=\"$(BIN_SUFFIX)\" \ - -DPROFILE_DIR=\"../$(_PROFILE_DIR)\" \ - -DCERTS_SRC_DIR=\"$(_CERTS_SRC_DIR)\" \ + -DCERTS_DIR=\"../$(_CERTS_DIR)\" \ $(NULL) ifeq ($(OS_ARCH),Darwin)