Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Invoke nss_init_nodb() when nss modules loads, this prevents segfaults

Browse Source 
in NSS if Python programmer forgot to call one of the NSS
initialization routines.

Rename the classes X500Name, X500RDN, X500AVA to DN, RDN, AVA
respectively.

DN and RDN objects now return a list of their contents when indexed by
type, this is to support multi-valued items.

Fix bug where AVA object's string representation did not include it's
type.

Enhance test/test_cert_components.py unit test to test for above
changes.


git-svn-id: svn://10.0.0.236/trunk@260568 18797224-902f-48f8-a5cc-f745e15eee43
This commit is contained in:
jdennis%redhat.com 2010-06-24 19:26:08 +00:00
parent 09cce8a342
commit d60083d124
5 changed files with 1008 additions and 452 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
mozilla/security/python/nss/doc/examples/cert_dump.py
View File

@ -150,12 +150,6 @@ filename = sys.argv[1]
# Perform basic configuration and setup
nss.nss_init_nodb()
if False:
l = nss.temp_test()
print type(l)
print l
sys.exit(0)
if len(args):
filename = args[0]

3
mozilla/security/python/nss/src/__init__.py
View File

@ -297,3 +297,6 @@ To be added
"""
__version__ = '0.9'
import nss
nss.nss_init_nodb()

1271
mozilla/security/python/nss/src/py_nss.c
View File

File diff suppressed because it is too large Load Diff

23
mozilla/security/python/nss/src/py_nss.h
View File

@ -249,34 +249,34 @@ typedef struct {
} PyPK11Context;
/* ========================================================================== */
/* =============================== X500AVA Class ============================ */
/* ================================= AVA Class ============================== */
/* ========================================================================== */
typedef struct {
PyObject_HEAD
PRArenaPool *arena;
CERTAVA *ava;
} X500AVA;
} AVA;
/* ========================================================================== */
/* =============================== X500RDN Class ============================ */
/* ================================= RDN Class ============================== */
/* ========================================================================== */
typedef struct {
PyObject_HEAD
PRArenaPool *arena;
CERTRDN *rdn;
} X500RDN;
} RDN;
/* ========================================================================== */
/* =============================== X500Name Class ============================ */
/* ================================= DN Class =============================== */
/* ========================================================================== */
typedef struct {
PyObject_HEAD
PRArenaPool *arena;
CERTName name;
} X500Name;
} DN;
/* ========================================================================== */
/* ============================= GeneralName Class ========================== */
@ -326,6 +326,17 @@ typedef struct {
CERTBasicConstraints bc;
} BasicConstraints;
/* ========================================================================== */
/* ============================== CertificateRequest Class =========================== */
/* ========================================================================== */
typedef struct {
PyObject_HEAD
PRArenaPool *arena;
CERTSignedData signed_data;
CERTCertificateRequest *cert_req;
} CertificateRequest;
/* ========================================================================== */
typedef struct {

157
mozilla/security/python/nss/test/test_cert_components.py
View File

@ -64,19 +64,19 @@ class TestCertName(unittest.TestCase):
nss.nss_shutdown()
def test_ava_from_name(self):
ava = nss.X500AVA('cn', self.cn_name)
self.assertEqual(str(ava), self.cn_name)
ava = nss.AVA('cn', self.cn_name)
self.assertEqual(str(ava), "CN=%s" % self.cn_name)
def test_ava_from_oid_tag(self):
ava = nss.X500AVA(nss.SEC_OID_AVA_COMMON_NAME, self.cn_name)
self.assertEqual(str(ava), self.cn_name)
self.assertRaises(ValueError, nss.X500AVA, nss.SEC_OID_UNKNOWN, self.cn_name)
ava = nss.AVA(nss.SEC_OID_AVA_COMMON_NAME, self.cn_name)
self.assertEqual(str(ava), "CN=%s" % self.cn_name)
self.assertRaises(ValueError, nss.AVA, nss.SEC_OID_UNKNOWN, self.cn_name)
def test_ava_from_oid_string(self):
ava = nss.X500AVA('2.5.4.3', self.cn_name)
self.assertEqual(str(ava), self.cn_name)
ava = nss.AVA('2.5.4.3', self.cn_name)
self.assertEqual(str(ava), "CN=%s" % self.cn_name)
self.assertRaises(ValueError, nss.oid_tag, 'OID.99.99.99.99')
self.assertRaises(KeyError, nss.X500AVA, 'foo', self.cn_name)
self.assertRaises(KeyError, nss.AVA, 'foo', self.cn_name)
def test_oid_dotted_decimal(self):
self.assertEqual(nss.oid_dotted_decimal(nss.SEC_OID_AVA_COMMON_NAME),
@ -88,52 +88,66 @@ class TestCertName(unittest.TestCase):
self.assertRaises(ValueError, nss.oid_tag, 'OID.99.99.99.99')
def test_ava_from_bad_type(self):
self.assertRaises(TypeError, nss.X500AVA, (), self.cn_name)
self.assertRaises(TypeError, nss.AVA, (), self.cn_name)
def test_ava_compare(self):
cn_ava1 = nss.X500AVA('cn', self.cn_name)
cn_ava2 = nss.X500AVA('cn', self.cn_name)
cn_ava3 = nss.X500AVA('cn', self.cn_name+'A')
ou_ava = nss.X500AVA('ou', self.ou_name)
cn_ava1 = nss.AVA('cn', self.cn_name)
cn_ava2 = nss.AVA('cn', self.cn_name)
cn_ava3 = nss.AVA('cn', self.cn_name+'A')
ou_ava = nss.AVA('ou', self.ou_name)
self.assertEqual(cmp(cn_ava1, cn_ava2), 0)
self.assertEqual(cmp(cn_ava1, ou_ava), -1)
self.assertEqual(cmp(cn_ava1, cn_ava3), -1)
def test_rdn_compare(self):
cn_rdn1 = nss.X500RDN(nss.X500AVA('cn', self.cn_name))
cn_rdn2 = nss.X500RDN(nss.X500AVA('cn', self.cn_name))
cn_rdn3 = nss.X500RDN(nss.X500AVA('cn', self.cn_name+'A'))
ou_rdn = nss.X500RDN(nss.X500AVA('ou', self.ou_name))
cn_rdn1 = nss.RDN(nss.AVA('cn', self.cn_name))
cn_rdn2 = nss.RDN(nss.AVA('cn', self.cn_name))
cn_rdn3 = nss.RDN(nss.AVA('cn', self.cn_name+'A'))
ou_rdn = nss.RDN(nss.AVA('ou', self.ou_name))
self.assertEqual(cmp(cn_rdn1, cn_rdn2), 0)
self.assertEqual(cmp(cn_rdn1, ou_rdn), -1)
self.assertEqual(cmp(cn_rdn1, cn_rdn3), -1)
def test_rdn_create(self):
cn_ava = nss.X500AVA('cn', self.cn_name)
ou_ava = nss.X500AVA('ou', self.ou_name)
cn_ava = nss.AVA('cn', self.cn_name)
ou_ava = nss.AVA('ou', self.ou_name)
rdn = nss.X500RDN()
rdn = nss.RDN()
self.assertEqual(len(rdn), 0)
self.assertEqual(str(rdn), '')
rdn = nss.X500RDN(cn_ava)
rdn = nss.RDN(cn_ava)
self.assertEqual(len(rdn), 1)
self.assertEqual(str(rdn), 'CN=%s' % (self.cn_name))
self.assertEqual(rdn[0], cn_ava)
self.assertEqual(rdn['cn'], [cn_ava])
rdn = nss.X500RDN(cn_ava, ou_ava)
rdn = nss.RDN(cn_ava, ou_ava)
self.assertEqual(len(rdn), 2)
self.assertEqual(str(rdn), 'CN=%s+OU=%s' % (self.cn_name, self.ou_name))
self.assertEqual(rdn[0], cn_ava)
self.assertEqual(rdn[1], ou_ava)
self.assertEqual(str(rdn[0]), self.cn_name)
self.assertEqual(str(rdn[1]), self.ou_name)
i = 0
for ava in rdn:
if i == 0: self.assertEqual(ava, cn_ava)
elif i == 1: self.assertEqual(ava, ou_ava)
else: self.fail("excess ava's")
i += 1
self.assertEqual(rdn['2.5.4.3'], cn_ava)
self.assertEqual(list(rdn), [cn_ava, ou_ava])
self.assertEqual(rdn[:], [cn_ava, ou_ava])
self.assertEqual(rdn['cn'], [cn_ava])
self.assertEqual(rdn['ou'], [ou_ava])
self.assertEqual(str(rdn[0]), "CN=%s" % self.cn_name)
self.assertEqual(str(rdn[1]), "OU=%s" % self.ou_name)
self.assertEqual(rdn['2.5.4.3'], [cn_ava])
self.assertEqual(rdn.has_key('cn'), True)
self.assertEqual(rdn.has_key('2.5.4.3'), True)
self.assertEqual(rdn.has_key('st'), False)
@ -159,14 +173,14 @@ class TestCertName(unittest.TestCase):
pass
def test_name(self):
cn_rdn = nss.X500RDN(nss.X500AVA('cn', self.cn_name))
ou_rdn = nss.X500RDN(nss.X500AVA('ou', self.ou_name))
o_rdn = nss.X500RDN(nss.X500AVA('o', self.o_name))
l_rdn = nss.X500RDN(nss.X500AVA('l', self.l_name))
st_rdn = nss.X500RDN(nss.X500AVA('st', self.st_name))
c_rdn = nss.X500RDN(nss.X500AVA('c', self.c_name))
cn_rdn = nss.RDN(nss.AVA('cn', self.cn_name))
ou_rdn = nss.RDN(nss.AVA('ou', self.ou_name))
o_rdn = nss.RDN(nss.AVA('o', self.o_name))
l_rdn = nss.RDN(nss.AVA('l', self.l_name))
st_rdn = nss.RDN(nss.AVA('st', self.st_name))
c_rdn = nss.RDN(nss.AVA('c', self.c_name))
name = nss.X500Name(self.subject_name)
name = nss.DN(self.subject_name)
self.assertEqual(str(name), self.subject_name)
self.assertEqual(name[0], c_rdn)
@ -176,12 +190,28 @@ class TestCertName(unittest.TestCase):
self.assertEqual(name[4], ou_rdn)
self.assertEqual(name[5], cn_rdn)
self.assertEqual(name['c'], c_rdn)
self.assertEqual(name['st'], st_rdn)
self.assertEqual(name['l'], l_rdn)
self.assertEqual(name['o'], o_rdn)
self.assertEqual(name['ou'], ou_rdn)
self.assertEqual(name['cn'], cn_rdn)
self.assertEqual(len(name), 6)
i = 0
for rdn in name:
if i == 0: self.assertEqual(rdn, c_rdn)
elif i == 1: self.assertEqual(rdn, st_rdn)
elif i == 2: self.assertEqual(rdn, l_rdn)
elif i == 3: self.assertEqual(rdn, o_rdn)
elif i == 4: self.assertEqual(rdn, ou_rdn)
elif i == 5: self.assertEqual(rdn, cn_rdn)
else: self.fail("excess rdn's")
i += 1
self.assertEqual(list(name), [c_rdn, st_rdn, l_rdn, o_rdn, ou_rdn, cn_rdn])
self.assertEqual(name[:], [c_rdn, st_rdn, l_rdn, o_rdn, ou_rdn, cn_rdn])
self.assertEqual(name['c'], [c_rdn])
self.assertEqual(name['st'], [st_rdn])
self.assertEqual(name['l'], [l_rdn])
self.assertEqual(name['o'], [o_rdn])
self.assertEqual(name['ou'], [ou_rdn])
self.assertEqual(name['cn'], [cn_rdn])
self.assertEqual(name.email_address, None)
self.assertEqual(name.common_name, self.cn_name)
@ -193,37 +223,37 @@ class TestCertName(unittest.TestCase):
self.assertEqual(name.org_unit_name, self.ou_name)
self.assertEqual(name.cert_uid, None)
name = nss.X500Name()
name = nss.DN()
self.assertEqual(str(name), '')
name = nss.X500Name([])
name = nss.DN([])
self.assertEqual(str(name), '')
name = nss.X500Name(())
name = nss.DN(())
self.assertEqual(str(name), '')
name = nss.X500Name('')
name = nss.DN('')
self.assertEqual(str(name), '')
self.assertRaises(TypeError, nss.X500Name, 1)
self.assertRaises(TypeError, nss.DN, 1)
name.add_rdn(cn_rdn)
self.assertEqual(name[0], cn_rdn)
self.assertEqual(name['cn'], cn_rdn)
self.assertEqual(name['cn'], [cn_rdn])
self.assertEqual(str(name), 'CN=%s' % self.cn_name)
name.add_rdn(ou_rdn)
self.assertEqual(name[0], cn_rdn)
self.assertEqual(name[1], ou_rdn)
self.assertEqual(name['cn'], cn_rdn)
self.assertEqual(name['ou'], ou_rdn)
self.assertEqual(name['cn'], [cn_rdn])
self.assertEqual(name['ou'], [ou_rdn])
self.assertEqual(str(name), 'OU=%s,CN=%s' % (self.ou_name,self.cn_name))
name = nss.X500Name(cn_rdn, ou_rdn)
name = nss.DN(cn_rdn, ou_rdn)
self.assertEqual(name[0], cn_rdn)
self.assertEqual(name[1], ou_rdn)
self.assertEqual(name['cn'], cn_rdn)
self.assertEqual(name['ou'], ou_rdn)
self.assertEqual(name['cn'], [cn_rdn])
self.assertEqual(name['ou'], [ou_rdn])
self.assertEqual(str(name), 'OU=%s,CN=%s' % (self.ou_name,self.cn_name))
self.assertEqual(name.has_key('cn'), True)
@ -255,5 +285,34 @@ class TestCertName(unittest.TestCase):
self.assertEqual(nss.oid_tag('AVA_COMMON_NAME'), nss.SEC_OID_AVA_COMMON_NAME)
self.assertEqual(nss.oid_tag('cn'), nss.SEC_OID_AVA_COMMON_NAME)
def test_multi_value(self):
subject='CN=www.redhat.com,OU=engineering,OU=boston+OU=westford,C=US'
cn_ava = nss.AVA('cn', self.cn_name)
ou1_ava1 = nss.AVA('ou', 'boston')
ou1_ava2 = nss.AVA('ou', 'westford')
ou2_ava1 = nss.AVA('ou', 'engineering')
c_ava = nss.AVA('c', self.c_name)
cn_rdn = nss.RDN(cn_ava)
ou1_rdn = nss.RDN(ou1_ava1, ou1_ava2)
ou2_rdn = nss.RDN(ou2_ava1)
c_rdn = nss.RDN(c_ava)
name = nss.DN(subject)
self.assertEqual(len(name), 4)
self.assertEqual(name['cn'], [cn_rdn])
self.assertEqual(name['ou'], [ou1_rdn, ou2_rdn])
self.assertEqual(name['c'], [c_rdn])
rdn = name['ou'][0]
self.assertEqual(len(rdn), 2)
self.assertEqual(rdn, ou1_rdn)
self.assertEqual(rdn[0], ou1_ava1)
self.assertEqual(rdn[1], ou1_ava2)
self.assertEqual(list(rdn), [ou1_ava1, ou1_ava2])
self.assertEqual(rdn[:], [ou1_ava1, ou1_ava2])
if __name__ == '__main__':
unittest.main()