diff --git a/build.sh b/build.sh index 338e14beb0..558e91fcc5 100755 --- a/build.sh +++ b/build.sh @@ -99,6 +99,7 @@ while [ $# -gt 0 ]; do --system-nspr) set_nspr_path "/usr/include/nspr/:"; no_local_nspr=1 ;; --enable-libpkix) gyp_params+=(-Ddisable_libpkix=0) ;; --enable-fips) gyp_params+=(-Ddisable_fips=0) ;; + --mozpkix-only) gyp_params+=(-Dmozpkix_only=1 -Ddisable_tests=1 -Dsign_libs=0) ;; *) show_help; exit 2 ;; esac shift diff --git a/coreconf/config.gypi b/coreconf/config.gypi index 58137872ce..ba1b0c8c56 100644 --- a/coreconf/config.gypi +++ b/coreconf/config.gypi @@ -108,8 +108,12 @@ 'emit_llvm%': 0, 'nss_public_dist_dir%': '<(nss_dist_dir)/public', 'nss_private_dist_dir%': '<(nss_dist_dir)/private', + # This is only needed when building with --mozpkix-only and might not work + # on all machines. + 'nss_include_dir%': '/usr/include/nss', 'only_dev_random%': 1, 'disable_fips%': 1, + 'mozpkix_only%': 0, }, 'target_defaults': { # Settings specific to targets should go here. @@ -126,6 +130,11 @@ '<(nss_dist_dir)/private/<(module)', ], 'conditions': [ + [ 'mozpkix_only==1 and OS=="linux"', { + 'include_dirs': [ + '<(nss_include_dir)', + ], + }], [ 'disable_fips==1', { 'defines': [ 'NSS_FIPS_DISABLED', diff --git a/cpputil/dummy_io.h b/cpputil/dummy_io.h index 797ac61133..e10ee1eee3 100644 --- a/cpputil/dummy_io.h +++ b/cpputil/dummy_io.h @@ -8,7 +8,7 @@ #include "prerror.h" #include "prio.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" class DummyIOLayerMethods { public: diff --git a/cpputil/scoped_ptrs.h b/cpputil/nss_scoped_ptrs.h similarity index 91% rename from cpputil/scoped_ptrs.h rename to cpputil/nss_scoped_ptrs.h index 6ffef4dd3f..03979f2c58 100644 --- a/cpputil/scoped_ptrs.h +++ b/cpputil/nss_scoped_ptrs.h @@ -4,8 +4,8 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this file, * You can obtain one at http://mozilla.org/MPL/2.0/. */ -#ifndef scoped_ptrs_h__ -#define scoped_ptrs_h__ +#ifndef nss_scoped_ptrs_h__ +#define nss_scoped_ptrs_h__ #include #include "cert.h" @@ -13,7 +13,6 @@ #include "p12.h" #include "pk11pub.h" #include "pkcs11uri.h" -#include "sslexp.h" struct ScopedDelete { void operator()(CERTCertificate* cert) { CERT_DestroyCertificate(cert); } @@ -29,6 +28,9 @@ struct ScopedDelete { void operator()(PK11SymKey* key) { PK11_FreeSymKey(key); } void operator()(PRFileDesc* fd) { PR_Close(fd); } void operator()(SECAlgorithmID* id) { SECOID_DestroyAlgorithmID(id, true); } + void operator()(SECKEYEncryptedPrivateKeyInfo* e) { + SECKEY_DestroyEncryptedPrivateKeyInfo(e, true); + } void operator()(SECItem* item) { SECITEM_FreeItem(item, true); } void operator()(SECKEYPublicKey* key) { SECKEY_DestroyPublicKey(key); } void operator()(SECKEYPrivateKey* key) { SECKEY_DestroyPrivateKey(key); } @@ -39,9 +41,6 @@ struct ScopedDelete { void operator()(PLArenaPool* arena) { PORT_FreeArena(arena, PR_FALSE); } void operator()(PK11Context* context) { PK11_DestroyContext(context, true); } void operator()(PK11GenericObject* obj) { PK11_DestroyGenericObject(obj); } - void operator()(SSLResumptionTokenInfo* token) { - SSL_DestroyResumptionTokenInfo(token); - } void operator()(SEC_PKCS12DecoderContext* dcx) { SEC_PKCS12DecoderFinish(dcx); } @@ -69,6 +68,7 @@ SCOPED(PK11SlotInfo); SCOPED(PK11SymKey); SCOPED(PRFileDesc); SCOPED(SECAlgorithmID); +SCOPED(SECKEYEncryptedPrivateKeyInfo); SCOPED(SECItem); SCOPED(SECKEYPublicKey); SCOPED(SECKEYPrivateKey); @@ -77,10 +77,9 @@ SCOPED(PK11URI); SCOPED(PLArenaPool); SCOPED(PK11Context); SCOPED(PK11GenericObject); -SCOPED(SSLResumptionTokenInfo); SCOPED(SEC_PKCS12DecoderContext); SCOPED(CERTDistNames); #undef SCOPED -#endif // scoped_ptrs_h__ +#endif // nss_scoped_ptrs_h__ diff --git a/cpputil/scoped_ptrs_ssl.h b/cpputil/scoped_ptrs_ssl.h new file mode 100644 index 0000000000..7eeae8f8f8 --- /dev/null +++ b/cpputil/scoped_ptrs_ssl.h @@ -0,0 +1,35 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef scoped_ptrs_ssl_h__ +#define scoped_ptrs_ssl_h__ + +#include +#include "sslexp.h" + +struct ScopedDeleteSSL { + void operator()(SSLResumptionTokenInfo* token) { + SSL_DestroyResumptionTokenInfo(token); + } +}; + +template +struct ScopedMaybeDeleteSSL { + void operator()(T* ptr) { + if (ptr) { + ScopedDeleteSSL del; + del(ptr); + } + } +}; + +#define SCOPED(x) typedef std::unique_ptr > Scoped##x + +SCOPED(SSLResumptionTokenInfo); + +#undef SCOPED + +#endif // scoped_ptrs_ssl_h__ diff --git a/exports.gyp b/exports.gyp index 907b5ac886..5cb44157fd 100644 --- a/exports.gyp +++ b/exports.gyp @@ -5,9 +5,82 @@ 'includes': [ 'coreconf/config.gypi' ], + 'conditions': [ + [ 'mozpkix_only==0', { + 'targets': [ + { + 'target_name': 'nss_exports', + 'type': 'none', + 'direct_dependent_settings': { + 'include_dirs': [ + '<(nss_public_dist_dir)/nss', + ] + }, + 'dependencies': [ + 'cmd/lib/exports.gyp:cmd_lib_exports', + 'lib/base/exports.gyp:lib_base_exports', + 'lib/certdb/exports.gyp:lib_certdb_exports', + 'lib/certhigh/exports.gyp:lib_certhigh_exports', + 'lib/ckfw/builtins/exports.gyp:lib_ckfw_builtins_exports', + 'lib/ckfw/exports.gyp:lib_ckfw_exports', + 'lib/crmf/exports.gyp:lib_crmf_exports', + 'lib/cryptohi/exports.gyp:lib_cryptohi_exports', + 'lib/dev/exports.gyp:lib_dev_exports', + 'lib/freebl/exports.gyp:lib_freebl_exports', + 'lib/jar/exports.gyp:lib_jar_exports', + 'lib/nss/exports.gyp:lib_nss_exports', + 'lib/pk11wrap/exports.gyp:lib_pk11wrap_exports', + 'lib/pkcs12/exports.gyp:lib_pkcs12_exports', + 'lib/pkcs7/exports.gyp:lib_pkcs7_exports', + 'lib/pki/exports.gyp:lib_pki_exports', + 'lib/smime/exports.gyp:lib_smime_exports', + 'lib/softoken/exports.gyp:lib_softoken_exports', + 'lib/sqlite/exports.gyp:lib_sqlite_exports', + 'lib/ssl/exports.gyp:lib_ssl_exports', + 'lib/util/exports.gyp:lib_util_exports', + 'lib/zlib/exports.gyp:lib_zlib_exports', + ], + 'conditions': [ + [ 'disable_libpkix==0', { + 'dependencies': [ + 'lib/libpkix/include/exports.gyp:lib_libpkix_include_exports', + 'lib/libpkix/pkix/certsel/exports.gyp:lib_libpkix_pkix_certsel_exports', + 'lib/libpkix/pkix/checker/exports.gyp:lib_libpkix_pkix_checker_exports', + 'lib/libpkix/pkix/crlsel/exports.gyp:lib_libpkix_pkix_crlsel_exports', + 'lib/libpkix/pkix/params/exports.gyp:lib_libpkix_pkix_params_exports', + 'lib/libpkix/pkix/results/exports.gyp:lib_libpkix_pkix_results_exports', + 'lib/libpkix/pkix/store/exports.gyp:lib_libpkix_pkix_store_exports', + 'lib/libpkix/pkix/top/exports.gyp:lib_libpkix_pkix_top_exports', + 'lib/libpkix/pkix/util/exports.gyp:lib_libpkix_pkix_util_exports', + 'lib/libpkix/pkix_pl_nss/module/exports.gyp:lib_libpkix_pkix_pl_nss_module_exports', + 'lib/libpkix/pkix_pl_nss/pki/exports.gyp:lib_libpkix_pkix_pl_nss_pki_exports', + 'lib/libpkix/pkix_pl_nss/system/exports.gyp:lib_libpkix_pkix_pl_nss_system_exports', + ], + }], + ], + }, + { + 'target_name': 'dbm_exports', + 'type': 'none', + 'conditions': [ + ['disable_dbm==0', { + 'direct_dependent_settings': { + 'include_dirs': [ + '<(nss_public_dist_dir)/dbm' + ] + }, + 'dependencies': [ + 'lib/dbm/include/exports.gyp:lib_dbm_include_exports' + ], + }], + ], + } + ], + }], + ], 'targets': [ { - 'target_name': 'nss_exports', + 'target_name': 'nss_mozpkix_exports', 'type': 'none', 'direct_dependent_settings': { 'include_dirs': [ @@ -15,63 +88,9 @@ ] }, 'dependencies': [ - 'cmd/lib/exports.gyp:cmd_lib_exports', - 'lib/base/exports.gyp:lib_base_exports', - 'lib/certdb/exports.gyp:lib_certdb_exports', - 'lib/certhigh/exports.gyp:lib_certhigh_exports', - 'lib/ckfw/builtins/exports.gyp:lib_ckfw_builtins_exports', - 'lib/ckfw/exports.gyp:lib_ckfw_exports', - 'lib/crmf/exports.gyp:lib_crmf_exports', - 'lib/cryptohi/exports.gyp:lib_cryptohi_exports', - 'lib/dev/exports.gyp:lib_dev_exports', - 'lib/freebl/exports.gyp:lib_freebl_exports', - 'lib/jar/exports.gyp:lib_jar_exports', - 'lib/nss/exports.gyp:lib_nss_exports', - 'lib/pk11wrap/exports.gyp:lib_pk11wrap_exports', - 'lib/pkcs12/exports.gyp:lib_pkcs12_exports', - 'lib/pkcs7/exports.gyp:lib_pkcs7_exports', - 'lib/pki/exports.gyp:lib_pki_exports', - 'lib/smime/exports.gyp:lib_smime_exports', - 'lib/softoken/exports.gyp:lib_softoken_exports', - 'lib/sqlite/exports.gyp:lib_sqlite_exports', - 'lib/ssl/exports.gyp:lib_ssl_exports', - 'lib/util/exports.gyp:lib_util_exports', - 'lib/zlib/exports.gyp:lib_zlib_exports' - ], - 'conditions': [ - [ 'disable_libpkix==0', { - 'dependencies': [ - 'lib/libpkix/include/exports.gyp:lib_libpkix_include_exports', - 'lib/libpkix/pkix/certsel/exports.gyp:lib_libpkix_pkix_certsel_exports', - 'lib/libpkix/pkix/checker/exports.gyp:lib_libpkix_pkix_checker_exports', - 'lib/libpkix/pkix/crlsel/exports.gyp:lib_libpkix_pkix_crlsel_exports', - 'lib/libpkix/pkix/params/exports.gyp:lib_libpkix_pkix_params_exports', - 'lib/libpkix/pkix/results/exports.gyp:lib_libpkix_pkix_results_exports', - 'lib/libpkix/pkix/store/exports.gyp:lib_libpkix_pkix_store_exports', - 'lib/libpkix/pkix/top/exports.gyp:lib_libpkix_pkix_top_exports', - 'lib/libpkix/pkix/util/exports.gyp:lib_libpkix_pkix_util_exports', - 'lib/libpkix/pkix_pl_nss/module/exports.gyp:lib_libpkix_pkix_pl_nss_module_exports', - 'lib/libpkix/pkix_pl_nss/pki/exports.gyp:lib_libpkix_pkix_pl_nss_pki_exports', - 'lib/libpkix/pkix_pl_nss/system/exports.gyp:lib_libpkix_pkix_pl_nss_system_exports', - ], - }], + 'lib/mozpkix/exports.gyp:lib_mozpkix_exports', + 'lib/mozpkix/exports.gyp:lib_mozpkix_test_exports', ], }, - { - 'target_name': 'dbm_exports', - 'type': 'none', - 'conditions': [ - ['disable_dbm==0', { - 'direct_dependent_settings': { - 'include_dirs': [ - '<(nss_public_dist_dir)/dbm' - ] - }, - 'dependencies': [ - 'lib/dbm/include/exports.gyp:lib_dbm_include_exports' - ], - }], - ], - } - ] + ], } diff --git a/fuzz/tls_server_certs.cc b/fuzz/tls_server_certs.cc index 705b6aab3d..20732a5e0a 100644 --- a/fuzz/tls_server_certs.cc +++ b/fuzz/tls_server_certs.cc @@ -8,7 +8,7 @@ #include "ssl.h" #include "cpputil.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_server_certs.h" const uint8_t kP256ServerCert[] = { diff --git a/gtests/certdb_gtest/alg1485_unittest.cc b/gtests/certdb_gtest/alg1485_unittest.cc index ef67330927..8daa6660f6 100644 --- a/gtests/certdb_gtest/alg1485_unittest.cc +++ b/gtests/certdb_gtest/alg1485_unittest.cc @@ -9,7 +9,7 @@ #include "gtest/gtest.h" #include "nss.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "prprf.h" namespace nss_test { diff --git a/gtests/cryptohi_gtest/cryptohi_unittest.cc b/gtests/cryptohi_gtest/cryptohi_unittest.cc index ab553ee012..d690a4fec3 100644 --- a/gtests/cryptohi_gtest/cryptohi_unittest.cc +++ b/gtests/cryptohi_gtest/cryptohi_unittest.cc @@ -8,7 +8,7 @@ #include "gtest/gtest.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "cryptohi.h" #include "secitem.h" #include "secerr.h" diff --git a/gtests/der_gtest/der_private_key_import_unittest.cc b/gtests/der_gtest/der_private_key_import_unittest.cc index 836cc78765..88c2833170 100644 --- a/gtests/der_gtest/der_private_key_import_unittest.cc +++ b/gtests/der_gtest/der_private_key_import_unittest.cc @@ -11,7 +11,7 @@ #include "secutil.h" #include "gtest/gtest.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" namespace nss_test { diff --git a/gtests/der_gtest/p12_import_unittest.cc b/gtests/der_gtest/p12_import_unittest.cc index 6ffcda3482..31020231a0 100644 --- a/gtests/der_gtest/p12_import_unittest.cc +++ b/gtests/der_gtest/p12_import_unittest.cc @@ -8,7 +8,7 @@ #include "p12.h" #include "gtest/gtest.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" namespace nss_test { diff --git a/gtests/freebl_gtest/ecl_unittest.cc b/gtests/freebl_gtest/ecl_unittest.cc index fbad0246f9..36074be82b 100644 --- a/gtests/freebl_gtest/ecl_unittest.cc +++ b/gtests/freebl_gtest/ecl_unittest.cc @@ -7,7 +7,7 @@ #include #include "blapi.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "secerr.h" namespace nss_test { diff --git a/lib/mozpkix/test/gtest/README.txt b/gtests/mozpkix_gtest/README.txt similarity index 100% rename from lib/mozpkix/test/gtest/README.txt rename to gtests/mozpkix_gtest/README.txt diff --git a/gtests/mozpkix_gtest/mozpkix_gtest.gyp b/gtests/mozpkix_gtest/mozpkix_gtest.gyp new file mode 100644 index 0000000000..899b849fcb --- /dev/null +++ b/gtests/mozpkix_gtest/mozpkix_gtest.gyp @@ -0,0 +1,71 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../coreconf/config.gypi', + '../common/gtest.gypi', + ], + 'targets': [ + { + 'target_name': 'mozpkix_gtest', + 'type': 'executable', + 'sources': [ + '<(DEPTH)/gtests/common/gtests.cc', + 'pkixbuild_tests.cpp', + 'pkixcert_extension_tests.cpp', + 'pkixcert_signature_algorithm_tests.cpp', + 'pkixcheck_CheckExtendedKeyUsage_tests.cpp', + 'pkixcheck_CheckIssuer_tests.cpp', + 'pkixcheck_CheckKeyUsage_tests.cpp', + 'pkixcheck_CheckSignatureAlgorithm_tests.cpp', + 'pkixcheck_CheckValidity_tests.cpp', + 'pkixcheck_ParseValidity_tests.cpp', + 'pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp', + 'pkixder_input_tests.cpp', + 'pkixder_pki_types_tests.cpp', + 'pkixder_universal_types_tests.cpp', + 'pkixgtest.cpp', + 'pkixnames_tests.cpp', + 'pkixocsp_CreateEncodedOCSPRequest_tests.cpp', + 'pkixocsp_VerifyEncodedOCSPResponse.cpp', + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports', + '<(DEPTH)/gtests/google_test/google_test.gyp:gtest', + '<(DEPTH)/lib/util/util.gyp:nssutil', + '<(DEPTH)/lib/ssl/ssl.gyp:ssl', + '<(DEPTH)/lib/nss/nss.gyp:nss_static', + '<(DEPTH)/lib/pk11wrap/pk11wrap.gyp:pk11wrap_static', + '<(DEPTH)/lib/cryptohi/cryptohi.gyp:cryptohi', + '<(DEPTH)/lib/certhigh/certhigh.gyp:certhi', + '<(DEPTH)/lib/certdb/certdb.gyp:certdb', + '<(DEPTH)/lib/base/base.gyp:nssb', + '<(DEPTH)/lib/dev/dev.gyp:nssdev', + '<(DEPTH)/lib/pki/pki.gyp:nsspki', + '<(DEPTH)/lib/mozpkix/mozpkix.gyp:mozpkix', + '<(DEPTH)/lib/mozpkix/mozpkix.gyp:mozpkix-testlib', + ], + 'include_dirs': [ + '<(DEPTH)/lib/mozpkix/', + '<(DEPTH)/lib/mozpkix/lib', + '<(DEPTH)/lib/mozpkix/include/', + '<(DEPTH)/lib/mozpkix/include/pkix-test/', + ], + 'conditions': [ + [ 'OS=="win"', { + 'libraries': [ + 'advapi32.lib', + ], + }], + ], + 'defines': [ + 'NSS_USE_STATIC_LIBS' + ], + } + ], + 'variables': { + 'module': 'nss', + 'use_static_libs': 1, + } +} diff --git a/lib/mozpkix/test/gtest/pkixbuild_tests.cpp b/gtests/mozpkix_gtest/pkixbuild_tests.cpp similarity index 97% rename from lib/mozpkix/test/gtest/pkixbuild_tests.cpp rename to gtests/mozpkix_gtest/pkixbuild_tests.cpp index 866f97fedd..e173210758 100644 --- a/lib/mozpkix/test/gtest/pkixbuild_tests.cpp +++ b/gtests/mozpkix_gtest/pkixbuild_tests.cpp @@ -37,9 +37,10 @@ #pragma warning(pop) #endif -#include "pkixder.h" #include "pkixgtest.h" +#include "mozpkix/pkixder.h" + using namespace mozilla::pkix; using namespace mozilla::pkix::test; @@ -683,8 +684,8 @@ class MultiplePathTrustDomain: public DefaultCryptoTrustDomain TEST_F(pkixbuild, BadEmbeddedSCTWithMultiplePaths) { - MultiplePathTrustDomain trustDomain; - trustDomain.SetUpCerts(); + MultiplePathTrustDomain localTrustDomain; + localTrustDomain.SetUpCerts(); // python security/pkix/tools/DottedOIDToCode.py --tlv // id-embeddedSctList 1.3.6.1.4.1.11129.2.4.2 @@ -709,7 +710,7 @@ TEST_F(pkixbuild, BadEmbeddedSCTWithMultiplePaths) Input certDERInput; ASSERT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length())); ASSERT_EQ(Result::ERROR_BAD_DER, - BuildCertChain(trustDomain, certDERInput, Now(), + BuildCertChain(localTrustDomain, certDERInput, Now(), EndEntityOrCA::MustBeEndEntity, KeyUsage::noParticularKeyUsageRequired, KeyPurposeId::id_kp_serverAuth, @@ -734,15 +735,15 @@ class RevokedEndEntityTrustDomain final : public MultiplePathTrustDomain TEST_F(pkixbuild, RevokedEndEntityWithMultiplePaths) { - RevokedEndEntityTrustDomain trustDomain; - trustDomain.SetUpCerts(); + RevokedEndEntityTrustDomain localTrustDomain; + localTrustDomain.SetUpCerts(); ByteString certDER(CreateCert("Intermediate", "RevokedEndEntity", EndEntityOrCA::MustBeEndEntity)); ASSERT_FALSE(ENCODING_FAILED(certDER)); Input certDERInput; ASSERT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length())); ASSERT_EQ(Result::ERROR_REVOKED_CERTIFICATE, - BuildCertChain(trustDomain, certDERInput, Now(), + BuildCertChain(localTrustDomain, certDERInput, Now(), EndEntityOrCA::MustBeEndEntity, KeyUsage::noParticularKeyUsageRequired, KeyPurposeId::id_kp_serverAuth, @@ -846,7 +847,7 @@ class SelfIssuedCertificatesTrustDomain final : public DefaultCryptoTrustDomain TEST_F(pkixbuild, AvoidUnboundedPathSearchingFailure) { - SelfIssuedCertificatesTrustDomain trustDomain; + SelfIssuedCertificatesTrustDomain localTrustDomain; // This creates a few hundred million potential paths of length 8 (end entity // + 6 sub-CAs + root). It would be prohibitively expensive to enumerate all // of these, so we give mozilla::pkix a budget that is spent when searching @@ -854,15 +855,15 @@ TEST_F(pkixbuild, AvoidUnboundedPathSearchingFailure) // error. In the future it might be nice to return a specific error that would // give the front-end a hint that maybe it shouldn't have so many certificates // that all have the same subject and issuer DN but different SPKIs. - trustDomain.SetUpCerts(18); + localTrustDomain.SetUpCerts(18); ByteString certDER(CreateCert("DN", "DN", EndEntityOrCA::MustBeEndEntity, nullptr, nullptr, - trustDomain.GetFirstIssuerKey())); + localTrustDomain.GetFirstIssuerKey())); ASSERT_FALSE(ENCODING_FAILED(certDER)); Input certDERInput; ASSERT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length())); ASSERT_EQ(Result::ERROR_UNKNOWN_ISSUER, - BuildCertChain(trustDomain, certDERInput, Now(), + BuildCertChain(localTrustDomain, certDERInput, Now(), EndEntityOrCA::MustBeEndEntity, KeyUsage::noParticularKeyUsageRequired, KeyPurposeId::id_kp_serverAuth, @@ -872,19 +873,19 @@ TEST_F(pkixbuild, AvoidUnboundedPathSearchingFailure) TEST_F(pkixbuild, AvoidUnboundedPathSearchingSuccess) { - SelfIssuedCertificatesTrustDomain trustDomain; + SelfIssuedCertificatesTrustDomain localTrustDomain; // This creates a few hundred thousand possible potential paths of length 8 // (end entity + 6 sub-CAs + root). This will nearly exhaust mozilla::pkix's // search budget, so this should succeed. - trustDomain.SetUpCerts(10); + localTrustDomain.SetUpCerts(10); ByteString certDER(CreateCert("DN", "DN", EndEntityOrCA::MustBeEndEntity, nullptr, nullptr, - trustDomain.GetFirstIssuerKey())); + localTrustDomain.GetFirstIssuerKey())); ASSERT_FALSE(ENCODING_FAILED(certDER)); Input certDERInput; ASSERT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length())); ASSERT_EQ(Success, - BuildCertChain(trustDomain, certDERInput, Now(), + BuildCertChain(localTrustDomain, certDERInput, Now(), EndEntityOrCA::MustBeEndEntity, KeyUsage::noParticularKeyUsageRequired, KeyPurposeId::id_kp_serverAuth, diff --git a/lib/mozpkix/test/gtest/pkixcert_extension_tests.cpp b/gtests/mozpkix_gtest/pkixcert_extension_tests.cpp similarity index 99% rename from lib/mozpkix/test/gtest/pkixcert_extension_tests.cpp rename to gtests/mozpkix_gtest/pkixcert_extension_tests.cpp index b2cdb296ee..762fac1462 100644 --- a/lib/mozpkix/test/gtest/pkixcert_extension_tests.cpp +++ b/gtests/mozpkix_gtest/pkixcert_extension_tests.cpp @@ -22,9 +22,10 @@ * limitations under the License. */ -#include "pkixder.h" #include "pkixgtest.h" -#include "pkixtestutil.h" + +#include "mozpkix/pkixder.h" +#include "mozpkix/test/pkixtestutil.h" using namespace mozilla::pkix; using namespace mozilla::pkix::test; diff --git a/lib/mozpkix/test/gtest/pkixcert_signature_algorithm_tests.cpp b/gtests/mozpkix_gtest/pkixcert_signature_algorithm_tests.cpp similarity index 99% rename from lib/mozpkix/test/gtest/pkixcert_signature_algorithm_tests.cpp rename to gtests/mozpkix_gtest/pkixcert_signature_algorithm_tests.cpp index c22b5e2608..00ccffb043 100644 --- a/lib/mozpkix/test/gtest/pkixcert_signature_algorithm_tests.cpp +++ b/gtests/mozpkix_gtest/pkixcert_signature_algorithm_tests.cpp @@ -3,9 +3,10 @@ /* Any copyright is dedicated to the Public Domain. * http://creativecommons.org/publicdomain/zero/1.0/ */ -#include "pkixder.h" #include "pkixgtest.h" +#include "mozpkix/pkixder.h" + using namespace mozilla::pkix; using namespace mozilla::pkix::test; diff --git a/lib/mozpkix/test/gtest/pkixcheck_CheckExtendedKeyUsage_tests.cpp b/gtests/mozpkix_gtest/pkixcheck_CheckExtendedKeyUsage_tests.cpp similarity index 99% rename from lib/mozpkix/test/gtest/pkixcheck_CheckExtendedKeyUsage_tests.cpp rename to gtests/mozpkix_gtest/pkixcheck_CheckExtendedKeyUsage_tests.cpp index 39a21e4b7e..0aef3d5c12 100644 --- a/lib/mozpkix/test/gtest/pkixcheck_CheckExtendedKeyUsage_tests.cpp +++ b/gtests/mozpkix_gtest/pkixcheck_CheckExtendedKeyUsage_tests.cpp @@ -22,9 +22,10 @@ * limitations under the License. */ -#include "pkixder.h" #include "pkixgtest.h" -#include "pkixutil.h" + +#include "mozpkix/pkixder.h" +#include "mozpkix/pkixutil.h" using namespace mozilla::pkix; using namespace mozilla::pkix::test; diff --git a/lib/mozpkix/test/gtest/pkixcheck_CheckIssuer_tests.cpp b/gtests/mozpkix_gtest/pkixcheck_CheckIssuer_tests.cpp similarity index 98% rename from lib/mozpkix/test/gtest/pkixcheck_CheckIssuer_tests.cpp rename to gtests/mozpkix_gtest/pkixcheck_CheckIssuer_tests.cpp index d7fcfb210e..bcc2c11986 100644 --- a/lib/mozpkix/test/gtest/pkixcheck_CheckIssuer_tests.cpp +++ b/gtests/mozpkix_gtest/pkixcheck_CheckIssuer_tests.cpp @@ -22,9 +22,10 @@ * limitations under the License. */ -#include "pkixcheck.h" #include "pkixgtest.h" +#include "mozpkix/pkixcheck.h" + using namespace mozilla::pkix; using namespace mozilla::pkix::test; diff --git a/lib/mozpkix/test/gtest/pkixcheck_CheckKeyUsage_tests.cpp b/gtests/mozpkix_gtest/pkixcheck_CheckKeyUsage_tests.cpp similarity index 100% rename from lib/mozpkix/test/gtest/pkixcheck_CheckKeyUsage_tests.cpp rename to gtests/mozpkix_gtest/pkixcheck_CheckKeyUsage_tests.cpp diff --git a/lib/mozpkix/test/gtest/pkixcheck_CheckSignatureAlgorithm_tests.cpp b/gtests/mozpkix_gtest/pkixcheck_CheckSignatureAlgorithm_tests.cpp similarity index 99% rename from lib/mozpkix/test/gtest/pkixcheck_CheckSignatureAlgorithm_tests.cpp rename to gtests/mozpkix_gtest/pkixcheck_CheckSignatureAlgorithm_tests.cpp index 9cf29896ab..70e6fd410b 100644 --- a/lib/mozpkix/test/gtest/pkixcheck_CheckSignatureAlgorithm_tests.cpp +++ b/gtests/mozpkix_gtest/pkixcheck_CheckSignatureAlgorithm_tests.cpp @@ -22,9 +22,10 @@ * limitations under the License. */ -#include "pkixder.h" #include "pkixgtest.h" +#include "mozpkix/pkixder.h" + using namespace mozilla::pkix; using namespace mozilla::pkix::test; diff --git a/lib/mozpkix/test/gtest/pkixcheck_CheckValidity_tests.cpp b/gtests/mozpkix_gtest/pkixcheck_CheckValidity_tests.cpp similarity index 99% rename from lib/mozpkix/test/gtest/pkixcheck_CheckValidity_tests.cpp rename to gtests/mozpkix_gtest/pkixcheck_CheckValidity_tests.cpp index a77a2f47c1..a1a6f998bd 100644 --- a/lib/mozpkix/test/gtest/pkixcheck_CheckValidity_tests.cpp +++ b/gtests/mozpkix_gtest/pkixcheck_CheckValidity_tests.cpp @@ -22,9 +22,10 @@ * limitations under the License. */ -#include "pkixcheck.h" #include "pkixgtest.h" +#include "mozpkix/pkixcheck.h" + using namespace mozilla::pkix; using namespace mozilla::pkix::test; diff --git a/lib/mozpkix/test/gtest/pkixcheck_ParseValidity_tests.cpp b/gtests/mozpkix_gtest/pkixcheck_ParseValidity_tests.cpp similarity index 98% rename from lib/mozpkix/test/gtest/pkixcheck_ParseValidity_tests.cpp rename to gtests/mozpkix_gtest/pkixcheck_ParseValidity_tests.cpp index 5206ce14f1..7255bb5df7 100644 --- a/lib/mozpkix/test/gtest/pkixcheck_ParseValidity_tests.cpp +++ b/gtests/mozpkix_gtest/pkixcheck_ParseValidity_tests.cpp @@ -22,9 +22,10 @@ * limitations under the License. */ -#include "pkixcheck.h" #include "pkixgtest.h" +#include "mozpkix/pkixcheck.h" + using namespace mozilla::pkix; using namespace mozilla::pkix::test; diff --git a/lib/mozpkix/test/gtest/pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp b/gtests/mozpkix_gtest/pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp similarity index 99% rename from lib/mozpkix/test/gtest/pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp rename to gtests/mozpkix_gtest/pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp index 6149286de3..b7809cc602 100644 --- a/lib/mozpkix/test/gtest/pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp +++ b/gtests/mozpkix_gtest/pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp @@ -22,9 +22,10 @@ * limitations under the License. */ -#include "pkixder.h" #include "pkixgtest.h" +#include "mozpkix/pkixder.h" + using namespace mozilla::pkix; using namespace mozilla::pkix::test; diff --git a/lib/mozpkix/test/gtest/pkixder_input_tests.cpp b/gtests/mozpkix_gtest/pkixder_input_tests.cpp similarity index 99% rename from lib/mozpkix/test/gtest/pkixder_input_tests.cpp rename to gtests/mozpkix_gtest/pkixder_input_tests.cpp index b0a6c8bf02..cf91fa2c61 100644 --- a/lib/mozpkix/test/gtest/pkixder_input_tests.cpp +++ b/gtests/mozpkix_gtest/pkixder_input_tests.cpp @@ -26,7 +26,7 @@ #include #include "pkixgtest.h" -#include "pkixder.h" +#include "mozpkix/pkixder.h" using namespace mozilla::pkix; using namespace mozilla::pkix::der; diff --git a/lib/mozpkix/test/gtest/pkixder_pki_types_tests.cpp b/gtests/mozpkix_gtest/pkixder_pki_types_tests.cpp similarity index 99% rename from lib/mozpkix/test/gtest/pkixder_pki_types_tests.cpp rename to gtests/mozpkix_gtest/pkixder_pki_types_tests.cpp index e40c2a4c3c..989f3d2965 100644 --- a/lib/mozpkix/test/gtest/pkixder_pki_types_tests.cpp +++ b/gtests/mozpkix_gtest/pkixder_pki_types_tests.cpp @@ -26,8 +26,9 @@ #include #include "pkixgtest.h" -#include "pkix/pkixtypes.h" -#include "pkixder.h" + +#include "mozpkix/pkixtypes.h" +#include "mozpkix/pkixder.h" using namespace mozilla::pkix; using namespace mozilla::pkix::der; diff --git a/lib/mozpkix/test/gtest/pkixder_universal_types_tests.cpp b/gtests/mozpkix_gtest/pkixder_universal_types_tests.cpp similarity index 99% rename from lib/mozpkix/test/gtest/pkixder_universal_types_tests.cpp rename to gtests/mozpkix_gtest/pkixder_universal_types_tests.cpp index 8e21fc50df..260c735ece 100644 --- a/lib/mozpkix/test/gtest/pkixder_universal_types_tests.cpp +++ b/gtests/mozpkix_gtest/pkixder_universal_types_tests.cpp @@ -26,9 +26,10 @@ #include #include -#include "pkixder.h" #include "pkixgtest.h" +#include "mozpkix/pkixder.h" + using namespace mozilla::pkix; using namespace mozilla::pkix::der; using namespace mozilla::pkix::test; diff --git a/lib/mozpkix/test/gtest/pkixgtest.cpp b/gtests/mozpkix_gtest/pkixgtest.cpp similarity index 98% rename from lib/mozpkix/test/gtest/pkixgtest.cpp rename to gtests/mozpkix_gtest/pkixgtest.cpp index 77baef8576..45932731bd 100644 --- a/lib/mozpkix/test/gtest/pkixgtest.cpp +++ b/gtests/mozpkix_gtest/pkixgtest.cpp @@ -26,7 +26,7 @@ #include -#include "pkix/Time.h" +#include "mozpkix/Time.h" namespace mozilla { namespace pkix { namespace test { diff --git a/lib/mozpkix/test/gtest/pkixgtest.h b/gtests/mozpkix_gtest/pkixgtest.h similarity index 99% rename from lib/mozpkix/test/gtest/pkixgtest.h rename to gtests/mozpkix_gtest/pkixgtest.h index 744465bf90..4f362e78be 100644 --- a/lib/mozpkix/test/gtest/pkixgtest.h +++ b/gtests/mozpkix_gtest/pkixgtest.h @@ -56,8 +56,8 @@ #pragma warning(pop) #endif -#include "pkix/pkix.h" -#include "pkixtestutil.h" +#include "mozpkix/pkix.h" +#include "mozpkix/test/pkixtestutil.h" // PrintTo must be in the same namespace as the type we're overloading it for. namespace mozilla { namespace pkix { diff --git a/lib/mozpkix/test/gtest/pkixnames_tests.cpp b/gtests/mozpkix_gtest/pkixnames_tests.cpp similarity index 99% rename from lib/mozpkix/test/gtest/pkixnames_tests.cpp rename to gtests/mozpkix_gtest/pkixnames_tests.cpp index a328234af1..2169db9db7 100644 --- a/lib/mozpkix/test/gtest/pkixnames_tests.cpp +++ b/gtests/mozpkix_gtest/pkixnames_tests.cpp @@ -21,10 +21,11 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -#include "pkixcheck.h" -#include "pkixder.h" #include "pkixgtest.h" -#include "pkixutil.h" + +#include "mozpkix/pkixcheck.h" +#include "mozpkix/pkixder.h" +#include "mozpkix/pkixutil.h" namespace mozilla { namespace pkix { diff --git a/lib/mozpkix/test/gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp b/gtests/mozpkix_gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp similarity index 99% rename from lib/mozpkix/test/gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp rename to gtests/mozpkix_gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp index ffc987c86f..ff154e7ec7 100644 --- a/lib/mozpkix/test/gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp +++ b/gtests/mozpkix_gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp @@ -23,7 +23,8 @@ */ #include "pkixgtest.h" -#include "pkixder.h" + +#include "mozpkix/pkixder.h" using namespace mozilla::pkix; using namespace mozilla::pkix::test; diff --git a/lib/mozpkix/test/gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp b/gtests/mozpkix_gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp similarity index 99% rename from lib/mozpkix/test/gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp rename to gtests/mozpkix_gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp index 2dd5175055..3fe4e7b5ac 100644 --- a/lib/mozpkix/test/gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp +++ b/gtests/mozpkix_gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp @@ -22,9 +22,10 @@ * limitations under the License. */ -#include "pkixder.h" #include "pkixgtest.h" +#include "mozpkix/pkixder.h" + using namespace mozilla::pkix; using namespace mozilla::pkix::test; @@ -61,7 +62,6 @@ class OCSPTestTrustDomain : public DefaultCryptoTrustDomain namespace { char const* const rootName = "Test CA 1"; -void deleteCertID(CertID* certID) { delete certID; } } // namespace class pkixocsp_VerifyEncodedResponse : public ::testing::Test @@ -119,7 +119,7 @@ class pkixocsp_VerifyEncodedResponse : public ::testing::Test ByteString rootNameDER; ByteString serialNumberDER; // endEntityCertID references rootKeyPair, rootNameDER, and serialNumberDER. - ScopedPtr endEntityCertID; + ScopedCertID endEntityCertID; }; /*static*/ ScopedTestKeyPair pkixocsp_VerifyEncodedResponse::rootKeyPair; diff --git a/gtests/nss_bogo_shim/nss_bogo_shim.cc b/gtests/nss_bogo_shim/nss_bogo_shim.cc index fc1d3259f7..b2ce6898da 100644 --- a/gtests/nss_bogo_shim/nss_bogo_shim.cc +++ b/gtests/nss_bogo_shim/nss_bogo_shim.cc @@ -18,7 +18,7 @@ #include "ssl3prot.h" #include "sslerr.h" #include "sslproto.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "nsskeys.h" diff --git a/gtests/pk11_gtest/pk11_aes_gcm_unittest.cc b/gtests/pk11_gtest/pk11_aes_gcm_unittest.cc index a4e8bedba1..4072cf2b72 100644 --- a/gtests/pk11_gtest/pk11_aes_gcm_unittest.cc +++ b/gtests/pk11_gtest/pk11_aes_gcm_unittest.cc @@ -10,7 +10,7 @@ #include "secerr.h" #include "sechash.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "gcm-vectors.h" #include "gtest/gtest.h" diff --git a/gtests/pk11_gtest/pk11_aeskeywrap_unittest.cc b/gtests/pk11_gtest/pk11_aeskeywrap_unittest.cc index a0226e6dfd..4d4250a5e9 100644 --- a/gtests/pk11_gtest/pk11_aeskeywrap_unittest.cc +++ b/gtests/pk11_gtest/pk11_aeskeywrap_unittest.cc @@ -9,7 +9,7 @@ #include "pk11pub.h" #include "gtest/gtest.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" namespace nss_test { @@ -129,4 +129,4 @@ TEST_F(Pkcs11AESKeyWrapTest, WrapUnwrepTest6) { WrapUnwrap(kKEK3, sizeof(kKEK3), kKD6, sizeof(kKD6), kC6); } -} /* nss_test */ \ No newline at end of file +} /* nss_test */ diff --git a/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc b/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc index dac2a41ba8..07bc91ee69 100644 --- a/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc +++ b/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc @@ -10,7 +10,7 @@ #include "sechash.h" #include "cpputil.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "gtest/gtest.h" diff --git a/gtests/pk11_gtest/pk11_curve25519_unittest.cc b/gtests/pk11_gtest/pk11_curve25519_unittest.cc index 40b5362073..009c44fce8 100644 --- a/gtests/pk11_gtest/pk11_curve25519_unittest.cc +++ b/gtests/pk11_gtest/pk11_curve25519_unittest.cc @@ -7,7 +7,7 @@ #include "pk11pub.h" #include "cpputil.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "gtest/gtest.h" diff --git a/gtests/pk11_gtest/pk11_der_private_key_import_unittest.cc b/gtests/pk11_gtest/pk11_der_private_key_import_unittest.cc index 836cc78765..88c2833170 100644 --- a/gtests/pk11_gtest/pk11_der_private_key_import_unittest.cc +++ b/gtests/pk11_gtest/pk11_der_private_key_import_unittest.cc @@ -11,7 +11,7 @@ #include "secutil.h" #include "gtest/gtest.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" namespace nss_test { diff --git a/gtests/pk11_gtest/pk11_ecdsa_unittest.cc b/gtests/pk11_gtest/pk11_ecdsa_unittest.cc index fb06598525..e905f78350 100644 --- a/gtests/pk11_gtest/pk11_ecdsa_unittest.cc +++ b/gtests/pk11_gtest/pk11_ecdsa_unittest.cc @@ -8,7 +8,7 @@ #include "sechash.h" #include "gtest/gtest.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "pk11_ecdsa_vectors.h" #include "pk11_signature_test.h" diff --git a/gtests/pk11_gtest/pk11_encrypt_derive_unittest.cc b/gtests/pk11_gtest/pk11_encrypt_derive_unittest.cc index aa92756f26..f4accac023 100644 --- a/gtests/pk11_gtest/pk11_encrypt_derive_unittest.cc +++ b/gtests/pk11_gtest/pk11_encrypt_derive_unittest.cc @@ -8,7 +8,7 @@ #include "prerror.h" #include "nss.h" #include "gtest/gtest.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "cpputil.h" #include "databuffer.h" #include "util.h" diff --git a/gtests/pk11_gtest/pk11_export_unittest.cc b/gtests/pk11_gtest/pk11_export_unittest.cc index e5d5ae8e99..bfd65b952e 100644 --- a/gtests/pk11_gtest/pk11_export_unittest.cc +++ b/gtests/pk11_gtest/pk11_export_unittest.cc @@ -9,7 +9,7 @@ #include "pk11pub.h" #include "gtest/gtest.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" namespace nss_test { diff --git a/gtests/pk11_gtest/pk11_pbkdf2_unittest.cc b/gtests/pk11_gtest/pk11_pbkdf2_unittest.cc index d72f94c2cb..fc055f4009 100644 --- a/gtests/pk11_gtest/pk11_pbkdf2_unittest.cc +++ b/gtests/pk11_gtest/pk11_pbkdf2_unittest.cc @@ -9,7 +9,7 @@ #include "pk11pub.h" #include "gtest/gtest.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" namespace nss_test { diff --git a/gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc b/gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc index 862a7434e6..044d4e25e8 100644 --- a/gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc +++ b/gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc @@ -10,7 +10,7 @@ #include "pk11pub.h" #include "gtest/gtest.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "cpputil.h" namespace nss_test { diff --git a/gtests/pk11_gtest/pk11_rsapss_unittest.cc b/gtests/pk11_gtest/pk11_rsapss_unittest.cc index 6c8c5ab4e9..ed0573027f 100644 --- a/gtests/pk11_gtest/pk11_rsapss_unittest.cc +++ b/gtests/pk11_gtest/pk11_rsapss_unittest.cc @@ -10,7 +10,7 @@ #include "sechash.h" #include "gtest/gtest.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "pk11_signature_test.h" #include "pk11_rsapss_vectors.h" diff --git a/gtests/pk11_gtest/pk11_signature_test.h b/gtests/pk11_gtest/pk11_signature_test.h index 8a12171a0a..0526fea559 100644 --- a/gtests/pk11_gtest/pk11_signature_test.h +++ b/gtests/pk11_gtest/pk11_signature_test.h @@ -8,7 +8,7 @@ #include "sechash.h" #include "cpputil.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "databuffer.h" #include "gtest/gtest.h" diff --git a/gtests/softoken_gtest/softoken_gtest.cc b/gtests/softoken_gtest/softoken_gtest.cc index d61e2e75fa..5e2a497b8b 100644 --- a/gtests/softoken_gtest/softoken_gtest.cc +++ b/gtests/softoken_gtest/softoken_gtest.cc @@ -11,7 +11,7 @@ #include "pk11pub.h" #include "secerr.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #define GTEST_HAS_RTTI 0 #include "gtest/gtest.h" diff --git a/gtests/ssl_gtest/selfencrypt_unittest.cc b/gtests/ssl_gtest/selfencrypt_unittest.cc index 4bae9dec95..0c62c4cac3 100644 --- a/gtests/ssl_gtest/selfencrypt_unittest.cc +++ b/gtests/ssl_gtest/selfencrypt_unittest.cc @@ -19,7 +19,7 @@ extern "C" { #include "databuffer.h" #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" namespace nss_test { diff --git a/gtests/ssl_gtest/ssl_0rtt_unittest.cc b/gtests/ssl_gtest/ssl_0rtt_unittest.cc index 28fdc66318..07eadfbd1e 100644 --- a/gtests/ssl_gtest/ssl_0rtt_unittest.cc +++ b/gtests/ssl_gtest/ssl_0rtt_unittest.cc @@ -16,7 +16,7 @@ extern "C" { } #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/ssl_auth_unittest.cc b/gtests/ssl_gtest/ssl_auth_unittest.cc index 1e882911c5..93a8c540ad 100644 --- a/gtests/ssl_gtest/ssl_auth_unittest.cc +++ b/gtests/ssl_gtest/ssl_auth_unittest.cc @@ -15,7 +15,7 @@ extern "C" { } #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/ssl_damage_unittest.cc b/gtests/ssl_gtest/ssl_damage_unittest.cc index b8836d7fc2..0723c9bee5 100644 --- a/gtests/ssl_gtest/ssl_damage_unittest.cc +++ b/gtests/ssl_gtest/ssl_damage_unittest.cc @@ -17,7 +17,7 @@ extern "C" { } #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/ssl_dhe_unittest.cc b/gtests/ssl_gtest/ssl_dhe_unittest.cc index 3a97b0f9e1..f1ccc28644 100644 --- a/gtests/ssl_gtest/ssl_dhe_unittest.cc +++ b/gtests/ssl_gtest/ssl_dhe_unittest.cc @@ -13,7 +13,7 @@ #include "sslproto.h" #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/ssl_drop_unittest.cc b/gtests/ssl_gtest/ssl_drop_unittest.cc index 5108631b1e..f25efc77ad 100644 --- a/gtests/ssl_gtest/ssl_drop_unittest.cc +++ b/gtests/ssl_gtest/ssl_drop_unittest.cc @@ -14,7 +14,7 @@ extern "C" { } #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/ssl_ecdh_unittest.cc b/gtests/ssl_gtest/ssl_ecdh_unittest.cc index 12c6e8516c..f1cf1fabca 100644 --- a/gtests/ssl_gtest/ssl_ecdh_unittest.cc +++ b/gtests/ssl_gtest/ssl_ecdh_unittest.cc @@ -17,7 +17,7 @@ extern "C" { } #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/ssl_ems_unittest.cc b/gtests/ssl_gtest/ssl_ems_unittest.cc index dad6ca0265..39b2d58736 100644 --- a/gtests/ssl_gtest/ssl_ems_unittest.cc +++ b/gtests/ssl_gtest/ssl_ems_unittest.cc @@ -10,7 +10,7 @@ #include "sslproto.h" #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/ssl_fragment_unittest.cc b/gtests/ssl_gtest/ssl_fragment_unittest.cc index 74a30ff5b9..3752812633 100644 --- a/gtests/ssl_gtest/ssl_fragment_unittest.cc +++ b/gtests/ssl_gtest/ssl_fragment_unittest.cc @@ -10,7 +10,7 @@ #include "sslproto.h" #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/ssl_hrr_unittest.cc b/gtests/ssl_gtest/ssl_hrr_unittest.cc index fe22969024..9a019480c1 100644 --- a/gtests/ssl_gtest/ssl_hrr_unittest.cc +++ b/gtests/ssl_gtest/ssl_hrr_unittest.cc @@ -13,7 +13,7 @@ #include "ssl3prot.h" #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/ssl_keyupdate_unittest.cc b/gtests/ssl_gtest/ssl_keyupdate_unittest.cc index d03775c25d..d6ac99a58d 100644 --- a/gtests/ssl_gtest/ssl_keyupdate_unittest.cc +++ b/gtests/ssl_gtest/ssl_keyupdate_unittest.cc @@ -15,7 +15,7 @@ extern "C" { } #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/ssl_loopback_unittest.cc b/gtests/ssl_gtest/ssl_loopback_unittest.cc index 0ffe32617c..cf2d1c066c 100644 --- a/gtests/ssl_gtest/ssl_loopback_unittest.cc +++ b/gtests/ssl_gtest/ssl_loopback_unittest.cc @@ -18,7 +18,7 @@ extern "C" { } #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/ssl_recordsize_unittest.cc b/gtests/ssl_gtest/ssl_recordsize_unittest.cc index 0d6b4bbb33..0a54ae1a80 100644 --- a/gtests/ssl_gtest/ssl_recordsize_unittest.cc +++ b/gtests/ssl_gtest/ssl_recordsize_unittest.cc @@ -10,7 +10,7 @@ #include "sslproto.h" #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/ssl_resumption_unittest.cc b/gtests/ssl_gtest/ssl_resumption_unittest.cc index 0d6dd48b9d..f092f8d126 100644 --- a/gtests/ssl_gtest/ssl_resumption_unittest.cc +++ b/gtests/ssl_gtest/ssl_resumption_unittest.cc @@ -18,7 +18,8 @@ extern "C" { } #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" +#include "scoped_ptrs_ssl.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/ssl_staticrsa_unittest.cc b/gtests/ssl_gtest/ssl_staticrsa_unittest.cc index ff4091b9a3..abddaa5b61 100644 --- a/gtests/ssl_gtest/ssl_staticrsa_unittest.cc +++ b/gtests/ssl_gtest/ssl_staticrsa_unittest.cc @@ -17,7 +17,7 @@ extern "C" { } #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/ssl_version_unittest.cc b/gtests/ssl_gtest/ssl_version_unittest.cc index 6b8599da13..ffc0893e90 100644 --- a/gtests/ssl_gtest/ssl_version_unittest.cc +++ b/gtests/ssl_gtest/ssl_version_unittest.cc @@ -11,7 +11,7 @@ #include "sslproto.h" #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc b/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc index 09d7801e9a..a75dbb7aa7 100644 --- a/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc +++ b/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc @@ -12,7 +12,7 @@ #include "sslproto.h" #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" diff --git a/gtests/ssl_gtest/test_io.h b/gtests/ssl_gtest/test_io.h index 8327373ce5..062ae86c8b 100644 --- a/gtests/ssl_gtest/test_io.h +++ b/gtests/ssl_gtest/test_io.h @@ -17,7 +17,7 @@ #include "databuffer.h" #include "dummy_io.h" #include "prio.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "sslt.h" namespace nss_test { diff --git a/gtests/ssl_gtest/tls_agent.cc b/gtests/ssl_gtest/tls_agent.cc index da146a5356..488842a88b 100644 --- a/gtests/ssl_gtest/tls_agent.cc +++ b/gtests/ssl_gtest/tls_agent.cc @@ -26,7 +26,7 @@ extern "C" { #define GTEST_HAS_RTTI 0 #include "gtest/gtest.h" #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" extern std::string g_working_dir_path; diff --git a/gtests/ssl_gtest/tls_agent.h b/gtests/ssl_gtest/tls_agent.h index 6ccf1b43d0..0202218682 100644 --- a/gtests/ssl_gtest/tls_agent.h +++ b/gtests/ssl_gtest/tls_agent.h @@ -17,7 +17,8 @@ #define GTEST_HAS_RTTI 0 #include "gtest/gtest.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" +#include "scoped_ptrs_ssl.h" extern bool g_ssl_gtest_verbose; diff --git a/gtests/ssl_gtest/tls_connect.cc b/gtests/ssl_gtest/tls_connect.cc index 68f6d21e9c..e65fea782b 100644 --- a/gtests/ssl_gtest/tls_connect.cc +++ b/gtests/ssl_gtest/tls_connect.cc @@ -14,7 +14,7 @@ extern "C" { #include "databuffer.h" #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "sslproto.h" extern std::string g_working_dir_path; diff --git a/gtests/ssl_gtest/tls_hkdf_unittest.cc b/gtests/ssl_gtest/tls_hkdf_unittest.cc index a24a8e916a..004da3b1cc 100644 --- a/gtests/ssl_gtest/tls_hkdf_unittest.cc +++ b/gtests/ssl_gtest/tls_hkdf_unittest.cc @@ -11,7 +11,7 @@ #include "databuffer.h" #include "gtest_utils.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" namespace nss_test { diff --git a/help.txt b/help.txt index b4ffc03827..1458c96dbe 100644 --- a/help.txt +++ b/help.txt @@ -3,7 +3,7 @@ Usage: build.sh [-hcv] [-cc] [-j ] [--nspr] [--gyp|-g] [--opt|-o] [-m32] [--asan] [--ubsan] [--msan] [--sancov[=edge|bb|func|...]] [--disable-tests] [--fuzz[=tls|oss]] [--system-sqlite] [--no-zdefs] [--with-nspr] [--system-nspr] [--enable-libpkix] - [--enable-fips] + [--enable-fips] [--mozpkix-only] This script builds NSS with gyp and ninja. @@ -48,3 +48,5 @@ NSS build tool options: might not work on all systems. --enable-libpkix make libpkix part of the build. --enable-fips don't disable FIPS checks. + --mozpkix-only build only static mozpkix and mozpkix-test libraries. + Note that support for this build option is limited. diff --git a/lib/mozpkix/.clang-format b/lib/mozpkix/.clang-format new file mode 100644 index 0000000000..06e3c5115f --- /dev/null +++ b/lib/mozpkix/.clang-format @@ -0,0 +1,4 @@ +--- +Language: Cpp +BasedOnStyle: Google +... diff --git a/lib/mozpkix/exports.gyp b/lib/mozpkix/exports.gyp new file mode 100644 index 0000000000..248efc910e --- /dev/null +++ b/lib/mozpkix/exports.gyp @@ -0,0 +1,47 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'lib_mozpkix_exports', + 'type': 'none', + 'copies': [ + { + 'files': [ + '<(DEPTH)/cpputil/nss_scoped_ptrs.h', + 'include/pkix/Input.h', + 'include/pkix/Time.h', + 'include/pkix/Result.h', + 'include/pkix/pkix.h', + 'include/pkix/pkixnss.h', + 'include/pkix/pkixtypes.h', + 'include/pkix/pkixutil.h', + 'include/pkix/pkixcheck.h', + 'include/pkix/pkixder.h', + ], + 'destination': '<(nss_public_dist_dir)/<(module)/mozpkix' + }, + ], + }, + { + 'target_name': 'lib_mozpkix_test_exports', + 'type': 'none', + 'copies': [ + { + 'files': [ + 'include/pkix-test/pkixtestutil.h', + 'include/pkix-test/pkixtestnss.h', + ], + 'destination': '<(nss_public_dist_dir)/<(module)/mozpkix/test' + }, + ], + } + ], + 'variables': { + 'module': 'nss' + } +} \ No newline at end of file diff --git a/lib/mozpkix/test/lib/pkixtestnss.h b/lib/mozpkix/include/pkix-test/pkixtestnss.h similarity index 87% rename from lib/mozpkix/test/lib/pkixtestnss.h rename to lib/mozpkix/include/pkix-test/pkixtestnss.h index 18a7e10865..199659d7f6 100644 --- a/lib/mozpkix/test/lib/pkixtestnss.h +++ b/lib/mozpkix/include/pkix-test/pkixtestnss.h @@ -29,17 +29,13 @@ #ifndef mozilla_pkix_test_pkixtestnss_h #define mozilla_pkix_test_pkixtestnss_h -#include "keyhi.h" -#include "keythi.h" -#include "pkixtestutil.h" +#include +#include +#include "mozpkix/test/pkixtestutil.h" +#include "mozpkix/nss_scoped_ptrs.h" namespace mozilla { namespace pkix { namespace test { -typedef ScopedPtr - ScopedSECKEYPublicKey; -typedef ScopedPtr - ScopedSECKEYPrivateKey; - TestKeyPair* CreateTestKeyPair(const TestPublicKeyAlgorithm publicKeyAlg, const ScopedSECKEYPublicKey& publicKey, const ScopedSECKEYPrivateKey& privateKey); diff --git a/lib/mozpkix/test/lib/pkixtestutil.h b/lib/mozpkix/include/pkix-test/pkixtestutil.h similarity index 98% rename from lib/mozpkix/test/lib/pkixtestutil.h rename to lib/mozpkix/include/pkix-test/pkixtestutil.h index e5da442a7d..f917341ffd 100644 --- a/lib/mozpkix/test/lib/pkixtestutil.h +++ b/lib/mozpkix/include/pkix-test/pkixtestutil.h @@ -26,12 +26,11 @@ #define mozilla_pkix_test_pkixtestutil_h #include -#include // Some Mozilla-supported compilers lack +#include #include #include -#include "pkix/pkixtypes.h" -#include "../../lib/ScopedPtr.h" +#include "mozpkix/pkixtypes.h" namespace mozilla { namespace pkix { namespace test { @@ -313,7 +312,7 @@ TestKeyPair* CloneReusedKeyPair(); TestKeyPair* GenerateKeyPair(); TestKeyPair* GenerateDSSKeyPair(); inline void DeleteTestKeyPair(TestKeyPair* keyPair) { delete keyPair; } -typedef ScopedPtr ScopedTestKeyPair; +typedef std::unique_ptr ScopedTestKeyPair; Result TestVerifyECDSASignedDigest(const SignedDigest& signedDigest, Input subjectPublicKeyInfo); diff --git a/lib/mozpkix/include/pkix/Input.h b/lib/mozpkix/include/pkix/Input.h index d3aa38649b..df93652640 100644 --- a/lib/mozpkix/include/pkix/Input.h +++ b/lib/mozpkix/include/pkix/Input.h @@ -27,7 +27,7 @@ #include -#include "pkix/Result.h" +#include "mozpkix/Result.h" #include "stdint.h" namespace mozilla { namespace pkix { diff --git a/lib/mozpkix/include/pkix/Time.h b/lib/mozpkix/include/pkix/Time.h index e997682b3a..d3f7378ad0 100644 --- a/lib/mozpkix/include/pkix/Time.h +++ b/lib/mozpkix/include/pkix/Time.h @@ -29,7 +29,7 @@ #include #include -#include "pkix/Result.h" +#include "mozpkix/Result.h" namespace mozilla { namespace pkix { diff --git a/lib/mozpkix/include/pkix/pkix.h b/lib/mozpkix/include/pkix/pkix.h index da4f636157..42ba26b931 100644 --- a/lib/mozpkix/include/pkix/pkix.h +++ b/lib/mozpkix/include/pkix/pkix.h @@ -25,7 +25,7 @@ #ifndef mozilla_pkix_pkix_h #define mozilla_pkix_pkix_h -#include "pkixtypes.h" +#include "mozpkix/pkixtypes.h" namespace mozilla { namespace pkix { diff --git a/lib/mozpkix/lib/pkixcheck.h b/lib/mozpkix/include/pkix/pkixcheck.h similarity index 98% rename from lib/mozpkix/lib/pkixcheck.h rename to lib/mozpkix/include/pkix/pkixcheck.h index 9ea205f3b5..5b47c7cdab 100644 --- a/lib/mozpkix/lib/pkixcheck.h +++ b/lib/mozpkix/include/pkix/pkixcheck.h @@ -25,7 +25,7 @@ #ifndef mozilla_pkix_pkixcheck_h #define mozilla_pkix_pkixcheck_h -#include "pkix/pkixtypes.h" +#include "mozpkix/pkixtypes.h" namespace mozilla { namespace pkix { diff --git a/lib/mozpkix/lib/pkixder.h b/lib/mozpkix/include/pkix/pkixder.h similarity index 99% rename from lib/mozpkix/lib/pkixder.h rename to lib/mozpkix/include/pkix/pkixder.h index cdfde3eae2..0c9e8670ad 100644 --- a/lib/mozpkix/lib/pkixder.h +++ b/lib/mozpkix/include/pkix/pkixder.h @@ -37,8 +37,8 @@ // they are able to do so; otherwise they fail with the input mark in an // undefined state. -#include "pkix/Input.h" -#include "pkix/pkixtypes.h" +#include "mozpkix/Input.h" +#include "mozpkix/pkixtypes.h" namespace mozilla { namespace pkix { namespace der { diff --git a/lib/mozpkix/include/pkix/pkixnss.h b/lib/mozpkix/include/pkix/pkixnss.h index 39ba705a2a..74a9466b59 100644 --- a/lib/mozpkix/include/pkix/pkixnss.h +++ b/lib/mozpkix/include/pkix/pkixnss.h @@ -25,9 +25,9 @@ #ifndef mozilla_pkix_pkixnss_h #define mozilla_pkix_pkixnss_h -#include "pkixtypes.h" +#include +#include "mozpkix/pkixtypes.h" #include "prerror.h" -#include "seccomon.h" namespace mozilla { namespace pkix { diff --git a/lib/mozpkix/include/pkix/pkixtypes.h b/lib/mozpkix/include/pkix/pkixtypes.h index e93723f974..e9929f9a58 100644 --- a/lib/mozpkix/include/pkix/pkixtypes.h +++ b/lib/mozpkix/include/pkix/pkixtypes.h @@ -25,8 +25,10 @@ #ifndef mozilla_pkix_pkixtypes_h #define mozilla_pkix_pkixtypes_h -#include "pkix/Input.h" -#include "pkix/Time.h" +#include + +#include "mozpkix/Input.h" +#include "mozpkix/Time.h" #include "stdint.h" namespace mozilla { namespace pkix { @@ -147,6 +149,7 @@ struct CertID final void operator=(const CertID&) = delete; }; +typedef std::unique_ptr ScopedCertID; class DERArray { diff --git a/lib/mozpkix/lib/pkixutil.h b/lib/mozpkix/include/pkix/pkixutil.h similarity index 99% rename from lib/mozpkix/lib/pkixutil.h rename to lib/mozpkix/include/pkix/pkixutil.h index 0923802f77..3fc02c56e6 100644 --- a/lib/mozpkix/lib/pkixutil.h +++ b/lib/mozpkix/include/pkix/pkixutil.h @@ -25,7 +25,7 @@ #ifndef mozilla_pkix_pkixutil_h #define mozilla_pkix_pkixutil_h -#include "pkixder.h" +#include "mozpkix/pkixder.h" namespace mozilla { namespace pkix { diff --git a/lib/mozpkix/lib/ScopedPtr.h b/lib/mozpkix/lib/ScopedPtr.h deleted file mode 100644 index a9e18adc1b..0000000000 --- a/lib/mozpkix/lib/ScopedPtr.h +++ /dev/null @@ -1,83 +0,0 @@ -/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* vim: set ts=8 sts=2 et sw=2 tw=80: */ -/* This code is made available to you under your choice of the following sets - * of licensing terms: - */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - */ -/* Copyright 2013 Mozilla Contributors - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef mozilla_pkix_ScopedPtr_h -#define mozilla_pkix_ScopedPtr_h - -namespace mozilla { namespace pkix { - -// A subset polyfill of std::unique_ptr that does not support move construction -// or move assignment. This is used instead of std::unique_ptr because some -// important toolchains still don't provide std::unique_ptr, including in -// particular Android NDK projects with APP_STL=stlport_static or -// ALL_STL=stlport_shared. -template -class ScopedPtr final -{ -public: - explicit ScopedPtr(T* value = nullptr) : mValue(value) { } - - ScopedPtr(const ScopedPtr&) = delete; - - ~ScopedPtr() - { - if (mValue) { - Destroyer(mValue); - } - } - - void operator=(const ScopedPtr&) = delete; - - T& operator*() const { return *mValue; } - T* operator->() const { return mValue; } - - explicit operator bool() const { return mValue; } - - T* get() const { return mValue; } - - T* release() - { - T* result = mValue; - mValue = nullptr; - return result; - } - - void reset(T* newValue = nullptr) - { - // The C++ standard requires std::unique_ptr to destroy the old value - // pointed to by mValue, if any, *after* assigning the new value to mValue. - T* oldValue = mValue; - mValue = newValue; - if (oldValue) { - Destroyer(oldValue); - } - } - -private: - T* mValue; -}; - -} } // namespace mozilla::pkix - -#endif // mozilla_pkix_ScopedPtr_h diff --git a/lib/mozpkix/lib/pkixbuild.cpp b/lib/mozpkix/lib/pkixbuild.cpp index d3202cd8e7..0ac2cb8830 100644 --- a/lib/mozpkix/lib/pkixbuild.cpp +++ b/lib/mozpkix/lib/pkixbuild.cpp @@ -22,10 +22,10 @@ * limitations under the License. */ -#include "pkix/pkix.h" +#include "mozpkix/pkix.h" -#include "pkixcheck.h" -#include "pkixutil.h" +#include "mozpkix/pkixcheck.h" +#include "mozpkix/pkixutil.h" namespace mozilla { namespace pkix { diff --git a/lib/mozpkix/lib/pkixcert.cpp b/lib/mozpkix/lib/pkixcert.cpp index f6eb116b28..a304837382 100644 --- a/lib/mozpkix/lib/pkixcert.cpp +++ b/lib/mozpkix/lib/pkixcert.cpp @@ -22,7 +22,7 @@ * limitations under the License. */ -#include "pkixutil.h" +#include "mozpkix/pkixutil.h" namespace mozilla { namespace pkix { diff --git a/lib/mozpkix/lib/pkixcheck.cpp b/lib/mozpkix/lib/pkixcheck.cpp index 705f7e7f02..317db01e23 100644 --- a/lib/mozpkix/lib/pkixcheck.cpp +++ b/lib/mozpkix/lib/pkixcheck.cpp @@ -22,10 +22,10 @@ * limitations under the License. */ -#include "pkixcheck.h" +#include "mozpkix/pkixcheck.h" -#include "pkixder.h" -#include "pkixutil.h" +#include "mozpkix/pkixder.h" +#include "mozpkix/pkixutil.h" namespace mozilla { namespace pkix { diff --git a/lib/mozpkix/lib/pkixder.cpp b/lib/mozpkix/lib/pkixder.cpp index 4f2647058b..152d11a23e 100644 --- a/lib/mozpkix/lib/pkixder.cpp +++ b/lib/mozpkix/lib/pkixder.cpp @@ -22,9 +22,9 @@ * limitations under the License. */ -#include "pkixder.h" +#include "mozpkix/pkixder.h" -#include "pkixutil.h" +#include "mozpkix/pkixutil.h" namespace mozilla { namespace pkix { namespace der { diff --git a/lib/mozpkix/lib/pkixnames.cpp b/lib/mozpkix/lib/pkixnames.cpp index 1eceadd665..6f40800d7e 100644 --- a/lib/mozpkix/lib/pkixnames.cpp +++ b/lib/mozpkix/lib/pkixnames.cpp @@ -36,8 +36,8 @@ #include -#include "pkixcheck.h" -#include "pkixutil.h" +#include "mozpkix/pkixcheck.h" +#include "mozpkix/pkixutil.h" namespace mozilla { namespace pkix { diff --git a/lib/mozpkix/lib/pkixnss.cpp b/lib/mozpkix/lib/pkixnss.cpp index b33f4fd034..9b293d5fda 100644 --- a/lib/mozpkix/lib/pkixnss.cpp +++ b/lib/mozpkix/lib/pkixnss.cpp @@ -22,16 +22,16 @@ * limitations under the License. */ -#include "pkix/pkixnss.h" +#include "mozpkix/pkixnss.h" #include #include "cryptohi.h" #include "keyhi.h" #include "pk11pub.h" -#include "pkix/pkix.h" -#include "pkixutil.h" -#include "ScopedPtr.h" +#include "mozpkix/nss_scoped_ptrs.h" +#include "mozpkix/pkix.h" +#include "mozpkix/pkixutil.h" #include "secerr.h" #include "sslerr.h" @@ -56,12 +56,12 @@ VerifySignedDigest(const SignedDigest& sd, SECItem subjectPublicKeyInfoSECItem = UnsafeMapInputToSECItem(subjectPublicKeyInfo); - ScopedPtr + ScopedCERTSubjectPublicKeyInfo spki(SECKEY_DecodeDERSubjectPublicKeyInfo(&subjectPublicKeyInfoSECItem)); if (!spki) { return MapPRErrorCodeToResult(PR_GetError()); } - ScopedPtr + ScopedSECKEYPublicKey pubKey(SECKEY_ExtractPublicKey(spki.get())); if (!pubKey) { return MapPRErrorCodeToResult(PR_GetError()); diff --git a/lib/mozpkix/lib/pkixocsp.cpp b/lib/mozpkix/lib/pkixocsp.cpp index db53c01b42..a81154417d 100644 --- a/lib/mozpkix/lib/pkixocsp.cpp +++ b/lib/mozpkix/lib/pkixocsp.cpp @@ -24,9 +24,9 @@ #include -#include "pkix/pkix.h" -#include "pkixcheck.h" -#include "pkixutil.h" +#include "mozpkix/pkix.h" +#include "mozpkix/pkixcheck.h" +#include "mozpkix/pkixutil.h" namespace { diff --git a/lib/mozpkix/lib/pkixresult.cpp b/lib/mozpkix/lib/pkixresult.cpp index 670642de88..871d9a0fe9 100644 --- a/lib/mozpkix/lib/pkixresult.cpp +++ b/lib/mozpkix/lib/pkixresult.cpp @@ -22,8 +22,8 @@ * limitations under the License. */ -#include "pkix/Result.h" -#include "pkixutil.h" +#include "mozpkix/Result.h" +#include "mozpkix/pkixutil.h" namespace mozilla { namespace pkix { diff --git a/lib/mozpkix/lib/pkixtime.cpp b/lib/mozpkix/lib/pkixtime.cpp index ace23dd411..38e0638040 100644 --- a/lib/mozpkix/lib/pkixtime.cpp +++ b/lib/mozpkix/lib/pkixtime.cpp @@ -22,10 +22,10 @@ * limitations under the License. */ -#include "pkix/Time.h" -#include "pkixutil.h" +#include "mozpkix/Time.h" +#include "mozpkix/pkixutil.h" -#ifdef WIN32 +#ifdef _WINDOWS #ifdef _MSC_VER #pragma warning(push, 3) #endif @@ -44,7 +44,7 @@ Now() { uint64_t seconds; -#ifdef WIN32 +#ifdef _WINDOWS // "Contains a 64-bit value representing the number of 100-nanosecond // intervals since January 1, 1601 (UTC)." // - http://msdn.microsoft.com/en-us/library/windows/desktop/ms724284(v=vs.85).aspx diff --git a/lib/mozpkix/lib/pkixverify.cpp b/lib/mozpkix/lib/pkixverify.cpp index 45e2f8b082..8ceb2c184c 100644 --- a/lib/mozpkix/lib/pkixverify.cpp +++ b/lib/mozpkix/lib/pkixverify.cpp @@ -22,7 +22,7 @@ * limitations under the License. */ -#include "pkixutil.h" +#include "mozpkix/pkixutil.h" namespace mozilla { namespace pkix { diff --git a/lib/mozpkix/moz.build b/lib/mozpkix/moz.build deleted file mode 100644 index ec02dcd018..0000000000 --- a/lib/mozpkix/moz.build +++ /dev/null @@ -1,36 +0,0 @@ -# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- -# vim: set filetype=python: -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -with Files("**"): - BUG_COMPONENT = ("Core", "Security: PSM") - -SOURCES += [ - 'lib/pkixbuild.cpp', - 'lib/pkixcert.cpp', - 'lib/pkixcheck.cpp', - 'lib/pkixder.cpp', - 'lib/pkixnames.cpp', - 'lib/pkixnss.cpp', - 'lib/pkixocsp.cpp', - 'lib/pkixresult.cpp', - 'lib/pkixtime.cpp', - 'lib/pkixverify.cpp', -] - -LOCAL_INCLUDES += [ - 'include', -] - -TEST_DIRS += [ - 'test/gtest', - 'test/lib', -] - -include('warnings.mozbuild') - -Library('mozillapkix') - -FINAL_LIBRARY = 'xul' diff --git a/lib/mozpkix/mozpkix.gyp b/lib/mozpkix/mozpkix.gyp new file mode 100644 index 0000000000..1c552ba5fa --- /dev/null +++ b/lib/mozpkix/mozpkix.gyp @@ -0,0 +1,60 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../coreconf/config.gypi' + ], + 'targets': [ + { + 'target_name': 'mozpkix', + 'type': 'static_library', + 'standalone_static_library': 1, + 'sources': [ + 'lib/pkixbuild.cpp', + 'lib/pkixcert.cpp', + 'lib/pkixcheck.cpp', + 'lib/pkixder.cpp', + 'lib/pkixnames.cpp', + 'lib/pkixnss.cpp', + 'lib/pkixocsp.cpp', + 'lib/pkixresult.cpp', + 'lib/pkixtime.cpp', + 'lib/pkixverify.cpp', + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_mozpkix_exports', + ], + 'conditions': [ + [ 'mozpkix_only==0', { + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports' + ], + }], + ], + }, + { + 'target_name': 'mozpkix-testlib', + 'type': 'static_library', + 'standalone_static_library': 1, + 'sources': [ + 'test-lib/pkixtestalg.cpp', + 'test-lib/pkixtestnss.cpp', + 'test-lib/pkixtestutil.cpp', + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_mozpkix_exports', + ], + 'conditions': [ + [ 'mozpkix_only==0', { + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports' + ], + }], + ], + }, + ], + 'variables': { + 'module': 'nss', + } +} diff --git a/lib/mozpkix/test/lib/pkixtestalg.cpp b/lib/mozpkix/test-lib/pkixtestalg.cpp similarity index 98% rename from lib/mozpkix/test/lib/pkixtestalg.cpp rename to lib/mozpkix/test-lib/pkixtestalg.cpp index d4ef88f8f0..304641e2ff 100644 --- a/lib/mozpkix/test/lib/pkixtestalg.cpp +++ b/lib/mozpkix/test-lib/pkixtestalg.cpp @@ -22,9 +22,10 @@ * limitations under the License. */ -#include "pkixtestutil.h" +#include "mozpkix/test/pkixtestutil.h" -#include "pkixder.h" +#include "mozpkix/pkixder.h" +#include "mozpkix/nss_scoped_ptrs.h" // python DottedOIDToCode.py --prefixdefine PREFIX_1_2_840_10040 1.2.840.10040 #define PREFIX_1_2_840_10040 0x2a, 0x86, 0x48, 0xce, 0x38 diff --git a/lib/mozpkix/test/lib/pkixtestnss.cpp b/lib/mozpkix/test-lib/pkixtestnss.cpp similarity index 92% rename from lib/mozpkix/test/lib/pkixtestnss.cpp rename to lib/mozpkix/test-lib/pkixtestnss.cpp index 7f12700d2c..ee59b1d970 100644 --- a/lib/mozpkix/test/lib/pkixtestnss.cpp +++ b/lib/mozpkix/test-lib/pkixtestnss.cpp @@ -22,8 +22,8 @@ * limitations under the License. */ -#include "pkixtestutil.h" -#include "pkixtestnss.h" +#include "mozpkix/test/pkixtestutil.h" +#include "mozpkix/test/pkixtestnss.h" #include @@ -32,9 +32,10 @@ #include "nss.h" #include "pk11pqg.h" #include "pk11pub.h" -#include "pkix/pkixnss.h" -#include "pkixder.h" -#include "pkixutil.h" +#include "mozpkix/nss_scoped_ptrs.h" +#include "mozpkix/pkixnss.h" +#include "mozpkix/pkixder.h" +#include "mozpkix/pkixutil.h" #include "prinit.h" #include "secerr.h" #include "secitem.h" @@ -43,20 +44,6 @@ namespace mozilla { namespace pkix { namespace test { namespace { -inline void -SECITEM_FreeItem_true(SECItem* item) -{ - SECITEM_FreeItem(item, true); -} - -inline void -SECKEY_DestroyEncryptedPrivateKeyInfo_true(SECKEYEncryptedPrivateKeyInfo* e) -{ - SECKEY_DestroyEncryptedPrivateKeyInfo(e, true); -} - -typedef mozilla::pkix::ScopedPtr ScopedSECItem; - TestKeyPair* GenerateKeyPairInner(); void @@ -126,7 +113,7 @@ class NSSTestKeyPair final : public TestKeyPair abort(); } - ScopedPtr slot(PK11_GetInternalSlot()); + ScopedPK11SlotInfo slot(PK11_GetInternalSlot()); if (!slot) { return MapPRErrorCodeToResult(PR_GetError()); } @@ -200,14 +187,14 @@ TestKeyPair* CreateTestKeyPair(const TestPublicKeyAlgorithm publicKeyAlg, const ScopedSECKEYPublicKey& publicKey, const ScopedSECKEYPrivateKey& privateKey) { - ScopedPtr + ScopedCERTSubjectPublicKeyInfo spki(SECKEY_CreateSubjectPublicKeyInfo(publicKey.get())); if (!spki) { return nullptr; } SECItem spkDER = spki->subjectPublicKey; DER_ConvertBitString(&spkDER); // bits to bytes - ScopedPtr slot(PK11_GetInternalSlot()); + ScopedPK11SlotInfo slot(PK11_GetInternalSlot()); if (!slot) { return nullptr; } @@ -219,8 +206,7 @@ TestKeyPair* CreateTestKeyPair(const TestPublicKeyAlgorithm publicKeyAlg, // need to use it (e.g. to sign something), we decrypt it and create a // temporary key object. SECItem passwordItem = { siBuffer, nullptr, 0 }; - ScopedPtr encryptedPrivateKey( + ScopedSECKEYEncryptedPrivateKeyInfo encryptedPrivateKey( PK11_ExportEncryptedPrivKeyInfo( slot.get(), SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC, &passwordItem, privateKey.get(), 1, nullptr)); @@ -244,7 +230,7 @@ namespace { TestKeyPair* GenerateKeyPairInner() { - ScopedPtr slot(PK11_GetInternalSlot()); + ScopedPK11SlotInfo slot(PK11_GetInternalSlot()); if (!slot) { abort(); } @@ -310,7 +296,7 @@ GenerateDSSKeyPair() { InitNSSIfNeeded(); - ScopedPtr slot(PK11_GetInternalSlot()); + ScopedPK11SlotInfo slot(PK11_GetInternalSlot()); if (!slot) { return nullptr; } diff --git a/lib/mozpkix/test/lib/pkixtestutil.cpp b/lib/mozpkix/test-lib/pkixtestutil.cpp similarity index 98% rename from lib/mozpkix/test/lib/pkixtestutil.cpp rename to lib/mozpkix/test-lib/pkixtestutil.cpp index 20b17418e1..b1b89c07e0 100644 --- a/lib/mozpkix/test/lib/pkixtestutil.cpp +++ b/lib/mozpkix/test-lib/pkixtestutil.cpp @@ -22,7 +22,7 @@ * limitations under the License. */ -#include "pkixtestutil.h" +#include "mozpkix/test/pkixtestutil.h" #include #include @@ -31,10 +31,8 @@ #include #include -#include "pkixder.h" -#include "pkixutil.h" - -#include "mozilla/Unused.h" +#include "mozpkix/pkixder.h" +#include "mozpkix/pkixutil.h" using namespace std; @@ -42,12 +40,14 @@ namespace mozilla { namespace pkix { namespace test { namespace { -inline void -fclose_void(FILE* file) { - (void) fclose(file); -} - -typedef mozilla::pkix::ScopedPtr ScopedFILE; +struct ScopedMaybeDeleteFile { + void operator()(FILE* f) { + if (f) { + (void)fclose(f); + } + } +}; +typedef std::unique_ptr ScopedFILE; FILE* OpenFile(const string& dir, const string& filename, const string& mode) @@ -251,7 +251,7 @@ Integer(long value) enum TimeEncoding { UTCTime = 0, GeneralizedTime = 1 }; // Windows doesn't provide gmtime_r, but it provides something very similar. -#if defined(WIN32) && (!defined(_POSIX_C_SOURCE) || !defined(_POSIX_THREAD_SAFE_FUNCTIONS)) +#if defined(_WINDOWS) && (!defined(_POSIX_C_SOURCE) || !defined(_POSIX_THREAD_SAFE_FUNCTIONS)) static tm* gmtime_r(const time_t* t, /*out*/ tm* exploded) { @@ -511,7 +511,7 @@ MaybeLogOutput(const ByteString& result, const char* suffix) ++counter; ScopedFILE file(OpenFile(logPath, filename, "wb")); if (file) { - Unused << fwrite(result.data(), result.length(), 1, file.get()); + (void) fwrite(result.data(), result.length(), 1, file.get()); } } } diff --git a/lib/mozpkix/test/gtest/moz.build b/lib/mozpkix/test/gtest/moz.build deleted file mode 100644 index d9fa10e60d..0000000000 --- a/lib/mozpkix/test/gtest/moz.build +++ /dev/null @@ -1,72 +0,0 @@ -# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- -# vim: set filetype=python: -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -SOURCES += [ - 'pkixbuild_tests.cpp', - 'pkixcert_extension_tests.cpp', - 'pkixcert_signature_algorithm_tests.cpp', - 'pkixcheck_CheckExtendedKeyUsage_tests.cpp', - 'pkixcheck_CheckIssuer_tests.cpp', - 'pkixcheck_CheckKeyUsage_tests.cpp', - 'pkixcheck_CheckSignatureAlgorithm_tests.cpp', - 'pkixcheck_CheckValidity_tests.cpp', - 'pkixcheck_ParseValidity_tests.cpp', - 'pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp', - - # The naming conventions are described in ./README.txt. - - 'pkixder_input_tests.cpp', - 'pkixder_pki_types_tests.cpp', - 'pkixder_universal_types_tests.cpp', - 'pkixgtest.cpp', - 'pkixnames_tests.cpp', - 'pkixocsp_CreateEncodedOCSPRequest_tests.cpp', - 'pkixocsp_VerifyEncodedOCSPResponse.cpp', -] - -LOCAL_INCLUDES += [ - '../../include', - '../../lib', - '../lib', -] - -FINAL_LIBRARY = 'xul-gtest' - -include('../../warnings.mozbuild') - -# GTest uses a variadic macro in a questionable way and it doesn't seem to be -# possible to selectively disable just that error when -pedantic-errors is set. -if CONFIG['CC_TYPE'] == 'gcc': - CXXFLAGS.remove('-pedantic-errors') - -# These warnings are disabled in order to minimize the amount of boilerplate -# required to implement tests, and/or because they originate in the GTest -# framework in a way we cannot otherwise work around. -if CONFIG['CC_TYPE'] in ('clang', 'clang-cl', 'gcc'): - CXXFLAGS += [ - '-Wno-old-style-cast', - ] - if CONFIG['CC_TYPE'] in ('clang', 'clang-cl'): - CXXFLAGS += [ - '-Wno-exit-time-destructors', - '-Wno-global-constructors', - '-Wno-thread-safety', - '-Wno-used-but-marked-unused', - '-Wno-zero-as-null-pointer-constant', - ] -elif CONFIG['CC_TYPE'] == 'msvc': - CXXFLAGS += [ - '-wd4350', # behavior change: 'std::_Wrap_alloc>::... - '-wd4275', # non dll-interface class used as base for dll-interface class - '-wd4548', # Expression before comma has no effect - '-wd4625', # copy constructor could not be generated. - '-wd4626', # assugment operator could not be generated. - '-wd4640', # construction of local static object is not thread safe. - - # This is intended as a temporary hack to support building with VS2015. - # declaration of '*' hides class member - '-wd4458', - ] diff --git a/lib/mozpkix/test/lib/moz.build b/lib/mozpkix/test/lib/moz.build deleted file mode 100644 index bc9bf50b98..0000000000 --- a/lib/mozpkix/test/lib/moz.build +++ /dev/null @@ -1,39 +0,0 @@ -# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- -# This code is made available to you under your choice of the following sets -# of licensing terms: -# -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. -# -# Copyright 2013 Mozilla Contributors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -SOURCES += [ - 'pkixtestalg.cpp', - 'pkixtestnss.cpp', - 'pkixtestutil.cpp', -] - -Library('pkixtestutil') - -LOCAL_INCLUDES += [ - '../../include', - '../../lib', -] - -FINAL_LIBRARY = 'xul-gtest' - -if CONFIG['CC_TYPE'] in ('clang', 'gcc'): - CXXFLAGS += ['-Wno-error=shadow'] diff --git a/lib/mozpkix/warnings.mozbuild b/lib/mozpkix/warnings.mozbuild deleted file mode 100644 index f89d7fb74b..0000000000 --- a/lib/mozpkix/warnings.mozbuild +++ /dev/null @@ -1,52 +0,0 @@ -if CONFIG['CC_TYPE'] in ('clang', 'clang-cl'): - CXXFLAGS += [ - '-Weverything', - - '-Wno-c++98-compat', - '-Wno-c++98-compat-pedantic', - '-Wno-missing-prototypes', - '-Wno-missing-variable-declarations', - '-Wno-padded', - '-Wno-reserved-id-macro', # NSPR and NSS use reserved IDs in their include guards. - '-Wno-weak-vtables', # We rely on the linker to merge the duplicate vtables. - ] -elif CONFIG['CC_TYPE'] == 'msvc': - CXXFLAGS += [ - '-sdl', # Enable additional security checks based on Microsoft's SDL. - - '-Wall', - - '-wd4464', # relative include path contains '..' - '-wd4514', # 'function': unreferenced inline function has been removed - '-wd4668', # warning C4668: 'X' is not defined as a preprocessor macro, - # replacing with '0' for '#if/#elif'. - '-wd4710', # 'function': function not inlined - '-wd4711', # function 'function' selected for inline expansion - '-wd4800', # forcing value to bool 'true' or 'false' - '-wd4820', # 'bytes' bytes padding added after construct 'member_name' - - # The following warnings are disabled because MSVC 2017 headers aren't - # warning free at the -Wall level. - '-wd4365', # 'action' : conversion from 'type_1' to 'type_2', - # signed/unsigned mismatch - '-wd4619', # #pragma warning : there is no warning number 'number' - '-wd4623', # 'derived class' : default constructor was implicitly defined as - # deleted because a base class default constructor is - # inaccessible or deleted - '-wd4774', # '' : format string expected in argument is - # not a string literal - '-wd4987', # nonstandard extension used: 'throw (...)' - - # XXX: We cannot use /Za (Disable Microsoft Extensions) because windows.h - # won't copmile with it. - '-Zc:forScope', # Standard C++ rules for variable scope in for loops. - '-Zc:inline', # Standard C++ rules requiring definition inline functions. - '-Zc:rvalueCast', # Standard C++ rules for result of cast being an rvalue. - '-Zc:strictStrings', # Standard C++ rule that string literals are const. - ] -else: - CXXFLAGS += [ - '-Wall', - '-Wextra', - '-pedantic-errors', - ] diff --git a/nss-tool/common/util.h b/nss-tool/common/util.h index 58fb058395..e7076336b6 100644 --- a/nss-tool/common/util.h +++ b/nss-tool/common/util.h @@ -6,7 +6,7 @@ #define util_h__ #include "nspr.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include #include diff --git a/nss-tool/db/dbtool.cc b/nss-tool/db/dbtool.cc index 8c369cf056..5cd1f56083 100644 --- a/nss-tool/db/dbtool.cc +++ b/nss-tool/db/dbtool.cc @@ -4,7 +4,7 @@ #include "dbtool.h" #include "argparse.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "util.h" #include diff --git a/nss-tool/digest/digesttool.cc b/nss-tool/digest/digesttool.cc index 08c3e3ba79..5efe6390ce 100644 --- a/nss-tool/digest/digesttool.cc +++ b/nss-tool/digest/digesttool.cc @@ -4,7 +4,7 @@ #include "digesttool.h" #include "argparse.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "util.h" #include diff --git a/nss-tool/enc/enctool.h b/nss-tool/enc/enctool.h index 5a6a5a1640..df5f449507 100644 --- a/nss-tool/enc/enctool.h +++ b/nss-tool/enc/enctool.h @@ -9,7 +9,7 @@ #include #include "argparse.h" #include "prerror.h" -#include "scoped_ptrs.h" +#include "nss_scoped_ptrs.h" #include "tool.h" class EncTool : public Tool { diff --git a/nss.gyp b/nss.gyp index 3ec33fd5c0..18fa92f125 100644 --- a/nss.gyp +++ b/nss.gyp @@ -5,115 +5,133 @@ 'includes': [ 'coreconf/config.gypi' ], - 'targets': [ - { - 'target_name': 'nss_libs', - 'type': 'none', - 'dependencies': [ - 'lib/ckfw/builtins/builtins.gyp:nssckbi', - 'lib/freebl/freebl.gyp:freebl3', - 'lib/softoken/softoken.gyp:softokn3', - ], - 'conditions': [ - [ 'moz_fold_libs==0', { - 'dependencies': [ - 'lib/nss/nss.gyp:nss3', - 'lib/smime/smime.gyp:smime3', - 'lib/sqlite/sqlite.gyp:sqlite3', - 'lib/ssl/ssl.gyp:ssl3', - 'lib/util/util.gyp:nssutil3', - ], - }], - [ 'OS=="linux"', { + 'conditions': [ + [ 'mozpkix_only==0', { + 'targets': [ + { + 'target_name': 'nss_libs', + 'type': 'none', 'dependencies': [ - 'lib/freebl/freebl.gyp:freeblpriv3', - 'lib/sysinit/sysinit.gyp:nsssysinit', + 'lib/ckfw/builtins/builtins.gyp:nssckbi', + 'lib/freebl/freebl.gyp:freebl3', + 'lib/softoken/softoken.gyp:softokn3', ], - }], - [ 'disable_dbm==0', { - 'dependencies': [ - 'lib/softoken/legacydb/legacydb.gyp:nssdbm3', + 'conditions': [ + [ 'moz_fold_libs==0', { + 'dependencies': [ + 'lib/nss/nss.gyp:nss3', + 'lib/smime/smime.gyp:smime3', + 'lib/sqlite/sqlite.gyp:sqlite3', + 'lib/ssl/ssl.gyp:ssl3', + 'lib/util/util.gyp:nssutil3', + ], + }], + [ 'OS=="linux"', { + 'dependencies': [ + 'lib/freebl/freebl.gyp:freeblpriv3', + 'lib/sysinit/sysinit.gyp:nsssysinit', + ], + }], + [ 'disable_dbm==0', { + 'dependencies': [ + 'lib/softoken/legacydb/legacydb.gyp:nssdbm3', + ], + }], ], - }], - ], - }, - { - 'target_name': 'nss_static_libs', - 'type': 'none', - 'dependencies': [ - 'cmd/lib/lib.gyp:sectool', - 'lib/base/base.gyp:nssb', - 'lib/certdb/certdb.gyp:certdb', - 'lib/certhigh/certhigh.gyp:certhi', - 'lib/ckfw/ckfw.gyp:nssckfw', - 'lib/crmf/crmf.gyp:crmf', - 'lib/cryptohi/cryptohi.gyp:cryptohi', - 'lib/dev/dev.gyp:nssdev', - 'lib/freebl/freebl.gyp:freebl', - 'lib/jar/jar.gyp:jar', - 'lib/nss/nss.gyp:nss_static', - 'lib/pk11wrap/pk11wrap.gyp:pk11wrap', - 'lib/pkcs12/pkcs12.gyp:pkcs12', - 'lib/pkcs7/pkcs7.gyp:pkcs7', - 'lib/pki/pki.gyp:nsspki', - 'lib/smime/smime.gyp:smime', - 'lib/softoken/softoken.gyp:softokn', - 'lib/ssl/ssl.gyp:ssl', - 'lib/util/util.gyp:nssutil', - 'lib/libpkix/libpkix.gyp:libpkix', - ], - 'conditions': [ - [ 'OS=="linux"', { + }, + { + 'target_name': 'nss_static_libs', + 'type': 'none', 'dependencies': [ - 'lib/sysinit/sysinit.gyp:nsssysinit_static', + 'cmd/lib/lib.gyp:sectool', + 'lib/base/base.gyp:nssb', + 'lib/certdb/certdb.gyp:certdb', + 'lib/certhigh/certhigh.gyp:certhi', + 'lib/ckfw/ckfw.gyp:nssckfw', + 'lib/crmf/crmf.gyp:crmf', + 'lib/cryptohi/cryptohi.gyp:cryptohi', + 'lib/dev/dev.gyp:nssdev', + 'lib/freebl/freebl.gyp:freebl', + 'lib/jar/jar.gyp:jar', + 'lib/libpkix/libpkix.gyp:libpkix', + # mozpkix and mozpkix-testlib are static C++ libs + 'lib/mozpkix/mozpkix.gyp:mozpkix', + 'lib/mozpkix/mozpkix.gyp:mozpkix-testlib', + 'lib/nss/nss.gyp:nss_static', + 'lib/pk11wrap/pk11wrap.gyp:pk11wrap', + 'lib/pkcs12/pkcs12.gyp:pkcs12', + 'lib/pkcs7/pkcs7.gyp:pkcs7', + 'lib/pki/pki.gyp:nsspki', + 'lib/smime/smime.gyp:smime', + 'lib/softoken/softoken.gyp:softokn', + 'lib/ssl/ssl.gyp:ssl', + 'lib/util/util.gyp:nssutil', ], - }], - [ 'disable_dbm==0', { - 'dependencies': [ - 'lib/dbm/src/src.gyp:dbm', - 'lib/softoken/legacydb/legacydb.gyp:nssdbm', + 'conditions': [ + [ 'OS=="linux"', { + 'dependencies': [ + 'lib/sysinit/sysinit.gyp:nsssysinit_static', + ], + }], + [ 'disable_dbm==0', { + 'dependencies': [ + 'lib/dbm/src/src.gyp:dbm', + 'lib/softoken/legacydb/legacydb.gyp:nssdbm', + ], + }], + [ 'use_system_sqlite==0', { + 'dependencies': [ + 'lib/sqlite/sqlite.gyp:sqlite', + ], + }], + [ 'moz_fold_libs==1', { + 'dependencies': [ + 'lib/nss/nss.gyp:nss3_static', + 'lib/smime/smime.gyp:smime3_static', + ], + }], ], - }], - [ 'use_system_sqlite==0', { + }, + { + 'target_name': 'nss_cmds', + 'type': 'none', 'dependencies': [ - 'lib/sqlite/sqlite.gyp:sqlite', + 'cmd/certutil/certutil.gyp:certutil', + 'cmd/modutil/modutil.gyp:modutil', + 'cmd/pk12util/pk12util.gyp:pk12util', + 'cmd/shlibsign/shlibsign.gyp:shlibsign', ], - }], - [ 'moz_fold_libs==1', { - 'dependencies': [ - 'lib/nss/nss.gyp:nss3_static', - 'lib/smime/smime.gyp:smime3_static', + 'conditions': [ + [ 'mozilla_client==0', { + 'dependencies': [ + 'cmd/crlutil/crlutil.gyp:crlutil', + 'cmd/pwdecrypt/pwdecrypt.gyp:pwdecrypt', + 'cmd/signtool/signtool.gyp:signtool', + 'cmd/signver/signver.gyp:signver', + 'cmd/smimetools/smimetools.gyp:cmsutil', + 'cmd/ssltap/ssltap.gyp:ssltap', + 'cmd/symkeyutil/symkeyutil.gyp:symkeyutil', + 'nss-tool/nss_tool.gyp:nss', + 'nss-tool/nss_tool.gyp:hw-support', + ], + }], ], - }], - ], - }, - { - 'target_name': 'nss_cmds', - 'type': 'none', - 'dependencies': [ - 'cmd/certutil/certutil.gyp:certutil', - 'cmd/modutil/modutil.gyp:modutil', - 'cmd/pk12util/pk12util.gyp:pk12util', - 'cmd/shlibsign/shlibsign.gyp:shlibsign', + }, ], - 'conditions': [ - [ 'mozilla_client==0', { + }, { # else, i.e. mozpkix_only==1 + # Build only mozpkix. + 'targets': [ + { + 'target_name': 'nss_mozpkix_libs', + 'type': 'none', 'dependencies': [ - 'cmd/crlutil/crlutil.gyp:crlutil', - 'cmd/pwdecrypt/pwdecrypt.gyp:pwdecrypt', - 'cmd/signtool/signtool.gyp:signtool', - 'cmd/signver/signver.gyp:signver', - 'cmd/smimetools/smimetools.gyp:cmsutil', - 'cmd/ssltap/ssltap.gyp:ssltap', - 'cmd/symkeyutil/symkeyutil.gyp:symkeyutil', - 'nss-tool/nss_tool.gyp:nss', - 'nss-tool/nss_tool.gyp:hw-support', + # mozpkix and mozpkix-testlib are static C++ libs + 'lib/mozpkix/mozpkix.gyp:mozpkix', + 'lib/mozpkix/mozpkix.gyp:mozpkix-testlib', ], - }], + }, ], - }, - ], - 'conditions': [ + }], [ 'disable_tests==0', { 'targets': [ { @@ -170,11 +188,12 @@ 'gtests/certdb_gtest/certdb_gtest.gyp:certdb_gtest', 'gtests/freebl_gtest/freebl_gtest.gyp:prng_gtest', 'gtests/freebl_gtest/freebl_gtest.gyp:blake2b_gtest', + 'gtests/mozpkix_gtest/mozpkix_gtest.gyp:mozpkix_gtest', + 'gtests/nss_bogo_shim/nss_bogo_shim.gyp:nss_bogo_shim', 'gtests/pk11_gtest/pk11_gtest.gyp:pk11_gtest', 'gtests/softoken_gtest/softoken_gtest.gyp:softoken_gtest', 'gtests/ssl_gtest/ssl_gtest.gyp:ssl_gtest', 'gtests/util_gtest/util_gtest.gyp:util_gtest', - 'gtests/nss_bogo_shim/nss_bogo_shim.gyp:nss_bogo_shim', ], 'conditions': [ [ 'OS=="linux"', {