summaryrefslogtreecommitdiffstats
path: root/security/manager
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-06-29 17:40:01 +0200
committerwolfbeast <mcwerewolf@gmail.com>2018-06-29 17:40:01 +0200
commit535e9399e6a57eafa478c26055339778f2b0c661 (patch)
tree4644082b77797c7add693d8dae9179cf5c2687fd /security/manager
parentf12fac8ad111ff5893fba07dcb20c7b08fd5bb1a (diff)
downloadUXP-535e9399e6a57eafa478c26055339778f2b0c661.tar
UXP-535e9399e6a57eafa478c26055339778f2b0c661.tar.gz
UXP-535e9399e6a57eafa478c26055339778f2b0c661.tar.lz
UXP-535e9399e6a57eafa478c26055339778f2b0c661.tar.xz
UXP-535e9399e6a57eafa478c26055339778f2b0c661.zip
Remove SSL Error Reporting telemetry
Diffstat (limited to 'security/manager')
-rw-r--r--security/manager/ssl/tests/unit/test_toolkit_securityreporter.js133
-rw-r--r--security/manager/ssl/tests/unit/xpcshell.ini3
2 files changed, 0 insertions, 136 deletions
diff --git a/security/manager/ssl/tests/unit/test_toolkit_securityreporter.js b/security/manager/ssl/tests/unit/test_toolkit_securityreporter.js
deleted file mode 100644
index d7ffd17bd..000000000
--- a/security/manager/ssl/tests/unit/test_toolkit_securityreporter.js
+++ /dev/null
@@ -1,133 +0,0 @@
-/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-/* This test is for the TLS error reporting functionality exposed by
- * SecurityReporter.js in /toolkit/components/securityreporter. The test is
- * here because we make use of the tlsserver functionality that lives with the
- * PSM ssl tests.
- *
- * The testing here will be augmented by the existing mochitests for the
- * error reporting functionality in aboutNetError.xhtml and
- * aboutCertError.xhtml once these make use of this component.
- */
-
-"use strict";
-const CC = Components.Constructor;
-const Cm = Components.manager;
-
-Cu.import("resource://testing-common/AppInfo.jsm");
-/*global updateAppInfo:false*/ // Imported via AppInfo.jsm.
-updateAppInfo();
-
-// We must get the profile before performing operations on the cert db.
-do_get_profile();
-
-const certdb = Cc["@mozilla.org/security/x509certdb;1"]
- .getService(Ci.nsIX509CertDB);
-const reporter = Cc["@mozilla.org/securityreporter;1"]
- .getService(Ci.nsISecurityReporter);
-
-
-const BinaryInputStream = CC("@mozilla.org/binaryinputstream;1",
- "nsIBinaryInputStream", "setInputStream");
-
-var server;
-
-// this allows us to create a callback which checks that a report is as
-// expected.
-function getReportCheck(expectReport, expectedError) {
- return function sendReportWithInfo(transportSecurityInfo) {
- // register a path handler on the server
- server.registerPathHandler("/submit/sslreports",
- function(request, response) {
- if (expectReport) {
- let report = JSON.parse(readDataFromRequest(request));
- do_check_eq(report.errorCode, expectedError);
- response.setStatusLine(null, 201, "Created");
- response.write("Created");
- } else {
- do_throw("No report should have been received");
- }
- });
-
- reporter.reportTLSError(transportSecurityInfo, "example.com", -1);
- };
-}
-
-// read the request body from a request
-function readDataFromRequest(aRequest) {
- if (aRequest.method == "POST" || aRequest.method == "PUT") {
- if (aRequest.bodyInputStream) {
- let inputStream = new BinaryInputStream(aRequest.bodyInputStream);
- let bytes = [];
- let available;
-
- while ((available = inputStream.available()) > 0) {
- Array.prototype.push.apply(bytes, inputStream.readByteArray(available));
- }
-
- return String.fromCharCode.apply(null, bytes);
- }
- }
- return null;
-}
-
-function run_test() {
- // start a report server
- server = new HttpServer();
- server.start(-1);
-
- let port = server.identity.primaryPort;
-
- // Set the reporting URL to ensure any reports are sent to the test server
- Services.prefs.setCharPref("security.ssl.errorReporting.url",
- `http://localhost:${port}/submit/sslreports`);
- // set strict-mode pinning enforcement so we can cause connection failures.
- Services.prefs.setIntPref("security.cert_pinning.enforcement_level", 2);
-
- // start a TLS server
- add_tls_server_setup("BadCertServer", "bad_certs");
-
- // Add a user-specified trust anchor.
- addCertFromFile(certdb, "bad_certs/other-test-ca.pem", "CTu,u,u");
-
-
- // Cause a reportable condition with error reporting disabled. No report
- // should be sent.
- Services.prefs.setBoolPref("security.ssl.errorReporting.enabled", false);
- add_connection_test("expired.example.com",
- SEC_ERROR_EXPIRED_CERTIFICATE, null,
- getReportCheck(false));
-
- // Now enable reporting
- add_test(function () {
- Services.prefs.setBoolPref("security.ssl.errorReporting.enabled", true);
- run_next_test();
- });
-
- // test calling the component with no transportSecurityInfo. No report should
- // be sent even though reporting is enabled.
- add_test(function() {
- server.registerPathHandler("/submit/sslreports",
- function(request, response) {
- do_throw("No report should be sent");
- });
- reporter.reportTLSError(null, "example.com", -1);
- run_next_test();
- });
-
- // Test sending a report with no error. This allows us to check the case
- // where there is no failed cert chain
- add_connection_test("good.include-subdomains.pinning.example.com",
- PRErrorCodeSuccess, null,
- getReportCheck(true, PRErrorCodeSuccess));
-
- // Test sending a report where there is an error and a failed cert chain.
- add_connection_test("expired.example.com",
- SEC_ERROR_EXPIRED_CERTIFICATE, null,
- getReportCheck(true, SEC_ERROR_EXPIRED_CERTIFICATE));
-
- run_next_test();
-}
diff --git a/security/manager/ssl/tests/unit/xpcshell.ini b/security/manager/ssl/tests/unit/xpcshell.ini
index b2f3de420..bdf9933f4 100644
--- a/security/manager/ssl/tests/unit/xpcshell.ini
+++ b/security/manager/ssl/tests/unit/xpcshell.ini
@@ -144,6 +144,3 @@ skip-if = toolkit == 'android'
[test_validity.js]
run-sequentially = hardcoded ports
[test_x509.js]
-
-# The TLS error reporting functionality lives in /toolkit but needs tlsserver
-[test_toolkit_securityreporter.js]