2 # ***** BEGIN LICENSE BLOCK *****
3 # Version: MPL 1.1/GPL 2.0/LGPL 2.1
5 # The contents of this file are subject to the Mozilla Public License Version
6 # 1.1 (the "License"); you may not use this file except in compliance with
7 # the License. You may obtain a copy of the License at
8 # http://www.mozilla.org/MPL/
10 # Software distributed under the License is distributed on an "AS IS" basis,
11 # WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
12 # for the specific language governing rights and limitations under the
15 # The Original Code is mozilla.org code.
17 # The Initial Developer of the Original Code is
19 # Portions created by the Initial Developer are Copyright (C) 2008
20 # the Initial Developer. All Rights Reserved.
23 # Honza Bambas <honzab@firemni.cz>
25 # Alternatively, the contents of this file may be used under the terms of
26 # either the GNU General Public License Version 2 or later (the "GPL"), or
27 # the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
28 # in which case the provisions of the GPL or the LGPL are applicable instead
29 # of those above. If you wish to allow use of your version of this file only
30 # under the terms of either the GPL or the LGPL, and not to allow others to
31 # use your version of this file under the terms of the MPL, indicate your
32 # decision by deleting the provisions above and replace them with the notice
33 # and other provisions required by the GPL or the LGPL. If you do not delete
34 # the provisions above, a recipient may use your version of this file under
35 # the terms of any one of the MPL, the GPL or the LGPL.
37 # ***** END LICENSE BLOCK *****
39 from automation
import Automation
45 #expand DIST_BIN = __XPC_BIN_PATH__
46 #expand BIN_SUFFIX = __BIN_SUFFIX__
47 #expand PROFILE_DIR = __PROFILE_DIR__
48 #expand CERTS_SRC_DIR = __CERTS_SRC_DIR__
50 automation
= Automation()
53 re
.compile("^cert[0-9]+\.db$"),
54 re
.compile("^key[0-9]+\.db$"),
55 re
.compile("^secmod\.db$")
def unlinkDbFiles(path):
    """Delete every database file found anywhere under ``path``.

    A file counts as a database file when its base name matches one of the
    compiled patterns in the module-level ``dbFiles`` list (cert*.db,
    key*.db, secmod.db). Callers use this to clear out key material before
    and after generating certificates.
    """
    for root, dirs, files in os.walk(path):
        # NOTE(review): the listing omits the line that binds `name`
        # (listing line 60); iterating over `files` is reconstructed from
        # how `name` is used below. Confirm against the original file.
        for name in files:
            target = os.path.join(root, name)
            for pattern in dbFiles:
                # The existence check keeps unlink from raising if the
                # entry is already gone.
                if pattern.match(name) and os.path.exists(target):
                    os.unlink(target)
def dbFilesExist(path):
    """Report whether any database file is present under ``path``.

    Uses the same name patterns (module-level ``dbFiles``) as
    unlinkDbFiles. The caller only tests the result for truthiness.
    """
    for root, dirs, files in os.walk(path):
        # NOTE(review): the listing omits the line that binds `name`
        # (listing line 67) and both return statements (listing lines
        # 70-71). They are reconstructed here from the function name and
        # from the `if not dbFilesExist(srcDir)` call site. Confirm
        # against the original file.
        for name in files:
            candidate = os.path.join(root, name)
            for pattern in dbFiles:
                if pattern.match(name) and os.path.exists(candidate):
                    return True
    return False
def runUtil(util, args, inputdata = None):
    """Run an external tool and return its exit status.

    ``util`` is the path of the executable and ``args`` a list of arguments.
    The command is handed to ``automation.Process`` as an argument list, not
    as a shell string. When ``inputdata`` is supplied it is fed to the
    child's stdin (used to answer certutil's interactive prompts).

    NOTE(review): ``automation.Process`` is presumably a
    subprocess.Popen-style wrapper (it exposes communicate/returncode/wait);
    confirm in automation.py.
    """
    command = [util] + args
    childEnv = automation.environment()
    # NOTE(review): the guard line is missing from this listing (listing
    # line 75). A truthiness test on `inputdata` is assumed; confirm
    # against the original file.
    if inputdata:
        child = automation.Process(command, env = childEnv, stdin = automation.PIPE)
        child.communicate(inputdata)
        return child.returncode
    return automation.Process(command, env = childEnv).wait()
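def createRandomFile(randomFile):
    """Write 2048 bytes of noise to ``randomFile``.

    The callers pass the resulting path to certutil via ``-z``, so it is
    seed material for key generation. It is therefore read from the
    operating system's CSPRNG (``os.urandom``) rather than from the
    ``random`` module, whose Mersenne Twister output is predictable by
    design and not meant for security use.

    The file is written in one call and always closed, even if the write
    fails. Any existing file at that path is overwritten.
    """
    import os  # local import keeps this block self-contained

    noiseFile = open(randomFile, "wb")
    try:
        noiseFile.write(os.urandom(2048))
    finally:
        noiseFile.close()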
90 def createCertificateAuthority(profileDir
, srcDir
):
91 certutil
= DIST_BIN
+ "/certutil" + BIN_SUFFIX
92 pk12util
= DIST_BIN
+ "/pk12util" + BIN_SUFFIX
94 tempDbDir
= os
.path
.join(profileDir
, ".temp")
95 if not os
.path
.exists(tempDbDir
):
98 pwfilePath
= os
.path
.join(tempDbDir
, ".crtdbpw")
99 rndfilePath
= os
.path
.join(tempDbDir
, ".rndfile")
100 pgoCAModulePathSrc
= os
.path
.join(srcDir
, "pgoca.p12")
101 pgoCAPathSrc
= os
.path
.join(srcDir
, "pgoca.ca")
103 pwfile
= open(pwfilePath
, "w")
107 unlinkDbFiles(tempDbDir
)
109 # Create temporary certification database for CA generation
110 status
= runUtil(certutil
, ["-N", "-d", tempDbDir
, "-f", pwfilePath
])
114 createRandomFile(rndfilePath
);
115 status
= runUtil(certutil
, ["-S", "-d", tempDbDir
, "-s", "CN=Temporary Certificate Authority, O=Mozilla Testing, OU=Profile Guided Optimization", "-t", "C,,", "-x", "-m", "1", "-v", "120", "-n", "pgo temporary ca", "-2", "-f", pwfilePath
, "-z", rndfilePath
], "Y\n0\nN\n")
119 status
= runUtil(certutil
, ["-L", "-d", tempDbDir
, "-n", "pgo temporary ca", "-a", "-o", pgoCAPathSrc
, "-f", pwfilePath
])
123 status
= runUtil(pk12util
, ["-o", pgoCAModulePathSrc
, "-n", "pgo temporary ca", "-d", tempDbDir
, "-w", pwfilePath
, "-k", pwfilePath
])
127 unlinkDbFiles(tempDbDir
)
128 os
.unlink(pwfilePath
)
129 os
.unlink(rndfilePath
)
134 def createSSLServerCertificate(profileDir
, srcDir
):
135 certutil
= DIST_BIN
+ "/certutil" + BIN_SUFFIX
136 pk12util
= DIST_BIN
+ "/pk12util" + BIN_SUFFIX
138 pwfilePath
= os
.path
.join(profileDir
, ".crtdbpw")
139 rndfilePath
= os
.path
.join(profileDir
, ".rndfile")
140 pgoCAPath
= os
.path
.join(srcDir
, "pgoca.p12")
142 pwfile
= open(pwfilePath
, "w")
146 if not dbFilesExist(srcDir
):
147 # Make sure all DB files from src are really deleted
148 unlinkDbFiles(srcDir
)
150 # Create certification database for ssltunnel
151 status
= runUtil(certutil
, ["-N", "-d", srcDir
, "-f", pwfilePath
])
155 status
= runUtil(pk12util
, ["-i", pgoCAPath
, "-w", pwfilePath
, "-d", srcDir
, "-k", pwfilePath
])
159 # Generate automatic certificate
160 locations
= automation
.readLocations(os
.path
.join(profileDir
, "server-locations.txt"))
164 for loc
in locations
:
165 if loc
.scheme
== "https" and "nocert" not in loc
.options
:
166 customCertOption
= False
167 customCertRE
= re
.compile("^cert=(?:\w+)")
168 for option
in loc
.options
:
169 match
= customCertRE
.match(option
)
171 customCertOption
= True
174 if not customCertOption
:
175 if len(locationsParam
) > 0:
176 locationsParam
+= ","
177 locationsParam
+= loc
.host
179 if firstLocation
== "":
180 firstLocation
= loc
.host
182 if firstLocation
== "":
183 print "Nothing to generate, no automatic secure hosts specified"
185 createRandomFile(rndfilePath
);
187 runUtil(certutil
, ["-D", "-n", "pgo server certificate", "-d", srcDir
, "-z", rndfilePath
, "-f", pwfilePath
])
188 # Ignore the result, the certificate may not be present when new database is being built
190 status
= runUtil(certutil
, ["-S", "-s", "CN=%s" % firstLocation
, "-t", "Pu,,", "-c", "pgo temporary ca", "-m", "2", "-8", locationsParam
, "-v", "12", "-n", "pgo server certificate", "-d", srcDir
, "-z", rndfilePath
, "-f", pwfilePath
])
194 os
.unlink(pwfilePath
)
195 os
.unlink(rndfilePath
)
199 if len(sys
.argv
) == 1:
200 print "Specify --gen-server or --gen-ca"
203 if sys
.argv
[1] == "--gen-server":
204 certificateStatus
= createSSLServerCertificate(PROFILE_DIR
, CERTS_SRC_DIR
)
205 if certificateStatus
!= 0:
206 print "TEST-UNEXPECTED-FAIL | SSL Server Certificate generation"
208 sys
.exit(certificateStatus
)
210 if sys
.argv
[1] == "--gen-ca":
211 certificateStatus
= createCertificateAuthority(PROFILE_DIR
, CERTS_SRC_DIR
)
212 if certificateStatus
!= 0:
213 print "TEST-UNEXPECTED-FAIL | Certificate Authority generation"
216 print "==================================================="
218 print " To use this new certificate authority in tests"
219 print " run 'make' at testing/mochitest"
220 print "==================================================="
222 sys
.exit(certificateStatus
)
224 print "Invalid option specified"